A vulnerability was found in Shelf-nu shelf.nu up to 1.20.0 . It has been classified as problematic . This affects an unknown function of the file /assets of the component Query Parameter Handler . The manipulation leads to information disclosure. This vulnerability is referenced as CVE-2026-44204 . Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is recommended.