CVE-2026-49397Medium· 5.3▾ SunlitNezha's private services (`EnableShowInService: false`) are enumerable via per-server endpoints, leaking name and timing data
▾ Sunlit zone — Low / medium · no exploitation signal
impact 29.2 · likelihood 0.1 · exploitation 0
The latest CVEs are free to read. CVE-2026-49397 is outside the free window — sign in (free) to view the full technical detail, affected versions, references, and raw markdown.