CVE-2026-3329

UNKNOWN 0.0

Nexus Repository Manager - Improper Restriction of Excessive Authentication Attempts

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

A remote unauthenticated attacker may be able to conduct credential-guessing attacks against user accounts in Sonatype Nexus Repository via authentication endpoints.

CWE	CWE-307
Vendor	sonatype
Product	nexus repository manager
Published	Jun 11, 2026
Last Updated	Jun 11, 2026

Stay Ahead of the Next One

Get instant alerts for sonatype nexus repository manager

Be the first to know when new unknown vulnerabilities affecting sonatype nexus repository manager are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Sonatype / Nexus Repository Manager

3.0.0 < 3.93.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

help.sonatype.com: https://help.sonatype.com/en/sonatype-nexus-repository-3-93-0-release-notes.html support.sonatype.com: https://support.sonatype.com/hc/en-us/articles/52482870409491

Credits

Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc.