Skip to content
July 10, 2026 3:01:48 PM
CRITICAL 3 HIGH 12 MEDIUM 45 ADVISORIES TRACKED 15 CRITICAL 3 HIGH 12 MEDIUM 45 ADVISORIES TRACKED 15
[//]

Cyber Threat Hub

Stay ahead of cyber threats with real-time news on data breaches, vulnerabilities, and security updates. Your hub for the latest cybersecurity intelligence.

Vulnerabilities · January 29, 2026 · Admin

Appsmith Vulnerable to Account Takeover Exploit – CVE-2026-22794

cve

CVE-2026-22794

The exploit works by allowing an attacker to initiate and inject a password reset. When the reset link is clicked by the victim it will allow the attacker to capture the reset code on their website used in the poisoning. The attacker can then use that code to reset the account password. This vulnerability has been patching version 1.93 on.

Ashwesker on GitHub released a guide on using the CVE-2026-22794.py proof of concept script to exploit a vulnerable system.

CVE-2026-22794 Guide

CVE-2026-22794 PoC Exploit Download