0.0
NA
CVE-2026-14611
DeepMyst Mysti Per-Project Auto-Memory MemoryManager.ts initProjectMemory exposure of resource
Description

A vulnerability has been found in DeepMyst Mysti up to 0.4.0. The affected element is the function initProjectMemory of the file src/managers/MemoryManager.ts of the component Per-Project Auto-Memory Handler. Such manipulation of the argument workspacePath leads to exposure of resource. The attack may be performed from remote. Upgrading to version 0.4.0 is sufficient to fix this issue. The name of the patch is 6d709229b5199f6769fb3cf763e5122dcc43c079. It is advisable to upgrade the affected component.

INFO

Published Date :

July 3, 2026, 9 p.m.

Last Modified :

July 3, 2026, 9 p.m.

Remotely Exploit :

No

Source :

VulDB
Affected Products

The following products are affected by CVE-2026-14611 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Deepmyst mysti
Solution
Upgrade the affected component to version 0.4.0 or later to fix the exposure of resources.
  • Upgrade the affected component to version 0.4.0.
  • Apply the patch 6d709229b5199f6769fb3cf763e5122dcc43c079.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2026-14611 vulnerability anywhere in the article.

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.