CVE-2026-44343
CRITICAL WAF: Medium
CVSS 9.8
Published: 2026-05-12
CWE-20
WGDashboard is a dashboard for WireGuard VPN. Prior to 4.3.2, there are critical vulnerabilities affecting WGDashboard that, if exploited, could allow unauthorized parties to access the host file system without authentication. This vulnerability is fixed in 4.3.2.
WAF Coverage Analysis
Improper Input Validation
Medium WAF Coverage
OWASP: A03:2021 Injection
920xxx - Protocol Enforcement 941xxx - XSS / XXE 942xxx - SQL Injection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| wgdashboard | wgdashboard | up to 4.3.2 |
References
- github.com (Patch)
- github.com (Mitigation, Vendor Advisory)