๐Ÿ” CVE Alert

CVE-2026-14687

MEDIUM 5.3

666ghj BettaFish InsightEngine search-result Deduplication agent.py _deduplicate_results partial string comparison

CVSS Score
5.3
EPSS Score
0.0%
EPSS Percentile
0th

A vulnerability was determined in 666ghj BettaFish up to 1.2.1. Impacted is the function _deduplicate_results of the file InsightEngine/agent.py of the component InsightEngine search-result Deduplication. Executing a manipulation can lead to partial string comparison. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. The pull request to fix this issue awaits acceptance.

CWE CWE-187 CWE-697
Vendor 666ghj
Product bettafish
Published Jul 5, 2026
Stay Ahead of the Next One

Get instant alerts for 666ghj bettafish

Be the first to know when new medium vulnerabilities affecting 666ghj bettafish are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability

Affected Versions

666ghj / BettaFish
1.2.0 1.2.1

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
vuldb.com: https://vuldb.com/vuln/376283 vuldb.com: https://vuldb.com/vuln/376283/cti vuldb.com: https://vuldb.com/cve/CVE-2026-14687 vuldb.com: https://vuldb.com/submit/846753 github.com: https://github.com/666ghj/BettaFish/issues/688 github.com: https://github.com/666ghj/BettaFish/pull/689 github.com: https://github.com/666ghj/BettaFish/

Credits

๐Ÿ” Dem000000 (VulDB User) VulDB CNA Team