CVE-2026-11746
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
A vulnerability has been identified in centraldogma-server versions prior to 0.84.0, where enabling ZooKeeper replication without setting replication.secret causes the server to silently fall back to a hard-coded, publicly known secret. This default credential authenticates the embedded ZooKeeper ensemble, allowing an attacker with network access to read the full replication log or join the quorum and execute arbitrary replicated commands across the cluster.
| Vendor | ly corporation |
| Product | central dogma |
| Published | Jun 22, 2026 |
Stay Ahead of the Next One
Get instant alerts for ly corporation central dogma
Be the first to know when new unknown vulnerabilities affecting ly corporation central dogma are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
LY Corporation / Central Dogma
All versions affected