MidnightBSD

Advisories for metacubex

CVE-2025-56499

Incorrect access control in mihomo v1.19.11 allows authenticated attackers with low-level privileges to read arbitrary files with elevated privileges via obtaining the external control key from the config file.

Products Affected

Vendor Product Version
metacubex mihomo 1.9.11