CVE-2026-6588 — A weakness has been identified in serge-chat serge up to
CVE-2026-6588 — A weakness has been identified in serge-chat serge up to 1.4TB. The impacted element is the function download_model/delete_model of the file api/src/serge/routers/model.py of the component Model API Endpoint. Executing a manipulation can lead to missing authentication. The attack can
What This Means For You
- If your environment is affected by CWE-287, CWE-306, review your exposure and prioritize patching based on your environment. Monitor vendor advisories for CVE-2026-6588 updates and patches.
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-6588 | vulnerability | CVE-2026-6588 |
| CWE-287 | weakness | CWE-287 |
| CWE-306 | weakness | CWE-306 |
Written by SCW Vulnerability Desk
Source & Attribution
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | April 20, 2026 at 04:16 UTC |
This content was curated and summarized by Shimi's Cyber World for informational purposes. It is not copied or republished in full. All intellectual property rights remain with the original author and source.
Believe this infringes your rights? Submit a takedown request.
Related Posts
Hospital Management System Hit by Remote Unrestricted File Upload
CVE-2026-6602 — A vulnerability was found in rickxy Hospital Management System up to 88a4290d957dc5bdde8a56e5ad451ad14f7f90f4. Affected is an unknown function of the file /backend/admin/his_admin_account.php. The manipulation...
CVE-2026-6601 — Lagom WHMCS Template Vulnerability
CVE-2026-6601 — A vulnerability has been found in Lagom WHMCS Template up to 2.4.2. This impacts an unknown function of the component Datatables. The manipulation...
CVE-2026-6599 — Langflow-Ai Langflow Vulnerability
CVE-2026-6599 — A vulnerability was detected in langflow-ai langflow up to 1.8.3. The impacted element is the function get_client_ip/install_mcp_config of the file src/backend/base/langflow/api/v1/mcp_projects.py of the...