CVE-2026-16213
Fantomas42 django-blog-zinnia Protected Entry Password entry_protection.py cleartext storage
CVSS Score
3.3
EPSS Score
0.0%
EPSS Percentile
0th
A security flaw has been discovered in Fantomas42 django-blog-zinnia up to 0.20. Affected by this vulnerability is an unknown functionality of the file zinnia/views/mixins/entry_protection.py of the component Protected Entry Password Handler. The manipulation results in cleartext storage of sensitive information. The attack needs to be approached locally. The project was informed of the problem early through an issue report but has not responded yet.
| CWE | CWE-312 CWE-310 |
| Vendor | fantomas42 |
| Product | django-blog-zinnia |
| Published | Jul 19, 2026 |
Stay Ahead of the Next One
Get instant alerts for fantomas42 django-blog-zinnia
Be the first to know when new low vulnerabilities affecting fantomas42 django-blog-zinnia are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:X/RL:X/RC:R Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
Fantomas42 / django-blog-zinnia
0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9 0.10 0.11 0.12 0.13 0.14 0.15 0.16 0.17 0.18 0.19 0.20
References
vuldb.com: https://vuldb.com/vuln/380029 vuldb.com: https://vuldb.com/vuln/380029/cti vuldb.com: https://vuldb.com/cve/CVE-2026-16213 vuldb.com: https://vuldb.com/submit/857944 github.com: https://github.com/Fantomas42/django-blog-zinnia/issues/595 github.com: https://github.com/Fantomas42/django-blog-zinnia/
Credits
๐ GalaxynX (VulDB User) VulDB CNA Team