CVE-2026-53521
MediumCVSS 6.4Exploitation Probability (EPSS)
Low risk13th percentile — higher than 13% of all known CVEs
Summary
Nezha Monitoring versions from 2.0.14 to before 2.1.0 allows accepting and persisting nonexistent ddns_profiles IDs for a member-owned server. If another user later creates a DDNS profile with one of those IDs, it can lead to the use of the other user's DDNS profile configuration in the context of the attacker's server.
Risk Assessment
The organization may be exposed to unauthorized updates of DDNS configurations, potentially leading to the takeover of servers and services. This poses a risk to the integrity and availability of monitored systems.
Recommendation
It is recommended to upgrade to version 2.1.0 or later to eliminate this vulnerability. Additionally, conducting an audit of existing DDNS profiles to identify potential threats is advisable.
Original NVD description (English source)
Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 2.0.14 to before version 2.1.0, PATCH /server/{id} accepts and persists nonexistent ddns_profiles IDs for a member-owned server. If another user later creates a DDNS profile with one of those IDs, the DDNS worker resolves the stored ID and dispatches an update using the other user's DDNS profile configuration in the context of the attacker's server. This issue has been patched in version 2.1.0.

