{"id":"CVE-2024-26477","details":"An issue in Statping-ng v.0.91.0 allows an attacker to obtain sensitive information via a crafted request to the api parameter of the oauth, amazon_sns, export endpoints.","modified":"2026-04-10T05:11:54.998712Z","published":"2026-02-11T20:16:05.670Z","references":[{"type":"WEB","url":"https://statping-ng.github.io/"},{"type":"ADVISORY","url":"https://github.com/Ev3rR3d/Statping_Poc/tree/main/CVE-2024-26477"},{"type":"PACKAGE","url":"https://github.com/statping-ng/statping-ng"},{"type":"EVIDENCE","url":"https://github.com/Ev3rR3d/Statping_Poc"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/statping-ng/statping-ng","events":[{"introduced":"0"},{"last_affected":"66a1adaa66acfa9615d5b8661e3c0320109731c3"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.91.0"}]}}],"versions":["dev-v0.90.64","dev-v0.90.76","dev-v0.90.78","dev-v0.90.78-alpha","dev-v0.90.79","dev-v0.90.80","untagged-4b1cd42048450a168b46","v0.1","v0.12","v0.13","v0.14","v0.15","v0.151","v0.161","v0.17","v0.18","v0.2","v0.21","v0.22","v0.23","v0.24","v0.241","v0.242","v0.243","v0.25","v0.26","v0.27","v0.27.1","v0.27.2","v0.27.4","v0.27.7","v0.27.8","v0.27.9","v0.28","v0.28.1","v0.28.2","v0.28.3","v0.28.4","v0.28.5","v0.28.6","v0.28.7","v0.28.9","v0.28.91","v0.29","v0.29.1","v0.29.2","v0.29.3","v0.29.5","v0.29.6","v0.29.7","v0.29.8","v0.29.9","v0.30","v0.32","v0.33","v0.34","v0.35","v0.36","v0.37","v0.38","v0.4","v0.41","v0.42","v0.43","v0.44","v0.45","v0.46","v0.47","v0.48","v0.49","v0.5","v0.51","v0.52","v0.54","v0.55","v0.56","v0.57","v0.58","v0.59","v0.6","v0.61","v0.64","v0.66","v0.67","v0.68","v0.69","v0.70","v0.71","v0.72","v0.73","v0.74","v0.75","v0.76","v0.77","v0.78","v0.79","v0.79.1","v0.79.2","v0.79.4","v0.79.5","v0.79.7","v0.79.8","v0.79.81","v0.79.82","v0.79.84","v0.79.85","v0.79.86","v0.79.88","v0.79.9","v0.79.91","v0.79.93","v0.79.94","v0.79.95","v0.79.96","v0.79.97","v0.79.98","v0.79.99","v0.80.0","v0.80.2","v0.80.3","v0.80.31","v0.80.32","v0.80.34","v0.80.35","v0.80.36","v0.80.37","v0.80.38","v0.80.40","v0.80.41","v0.80.42","v0.80.43","v0.80.44","v0.80.45","v0.80.46","v0.80.47","v0.80.48","v0.80.49","v0.80.5","v0.80.51","v0.80.52","v0.80.53","v0.80.54","v0.80.55","v0.80.56","v0.80.57","v0.80.58","v0.80.59","v0.80.61","v0.80.63","v0.80.67","v0.80.68","v0.80.69","v0.80.70","v0.90.11","v0.90.12","v0.90.14","v0.90.15","v0.90.16","v0.90.17","v0.90.18","v0.90.19","v0.90.20","v0.90.22","v0.90.23","v0.90.24","v0.90.25","v0.90.26","v0.90.27","v0.90.28","v0.90.29","v0.90.30","v0.90.31","v0.90.32","v0.90.33","v0.90.34","v0.90.36","v0.90.37","v0.90.38","v0.90.39","v0.90.40","v0.90.41","v0.90.42","v0.90.43","v0.90.44","v0.90.45","v0.90.46","v0.90.47","v0.90.48","v0.90.49","v0.90.50","v0.90.51","v0.90.52","v0.90.53","v0.90.54","v0.90.55","v0.90.56","v0.90.57","v0.90.58","v0.90.59","v0.90.60","v0.90.61","v0.90.62","v0.90.63","v0.90.64","v0.90.65","v0.90.67","v0.90.69","v0.90.71","v0.90.74","v0.90.77","v0.90.78","v0.91.0","v0.91.0-rc1","v0.91.0-rc2","v0.91.0-rc3"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-26477.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}