Vulnerabilities

Detect, prioritize and remediate security vulnerabilities

Open Vulnerabilities
CVE IDVulnerabilityAffected AssetCVSSSeverityDiscoveredStatus
CVE-2025-1187
Remote Code Execution

Unauthenticated RCE in web module

WEB-SRV-01 9.8 Critical 10 Jul 2026 Open
CVE-2025-0934
SQL Injection

Blind SQLi in reporting API

DB-Cluster-02 9.1 Critical 09 Jul 2026 Patching
CVE-2025-2276
Privilege Escalation

Local priv-esc via kernel driver

WKS-2043 8.4 High 09 Jul 2026 Open
CVE-2025-3391
Auth Bypass

JWT signature not verified

IDP-Cloud 7.6 High 08 Jul 2026 Patching
CVE-2025-4108
Cross-Site Scripting

Stored XSS in comment field

WEB-SRV-03 6.1 Medium 07 Jul 2026 Patched
CVE-2025-5520
Information Disclosure

Verbose error stack traces

API-GW-01 3.7 Low 06 Jul 2026 Patched
Critical
Remote Code Execution

CVE-2025-1187 · WEB-SRV-01

CVSS 9.8 Open
View Details
Critical
SQL Injection

CVE-2025-0934 · DB-Cluster-02

CVSS 9.1 Patching
View Details
High
Privilege Escalation

CVE-2025-2276 · WKS-2043

CVSS 8.4 Open
View Details
High
Auth Bypass

CVE-2025-3391 · IDP-Cloud

CVSS 7.6 Patching
View Details
Medium
Cross-Site Scripting

CVE-2025-4108 · WEB-SRV-03

CVSS 6.1 Patched
View Details
Low
Information Disclosure

CVE-2025-5520 · API-GW-01

CVSS 3.7 Patched
View Details
Critical
Buffer Overflow

CVE-2025-6642 · APP-SRV-07

CVSS 9.4 Open
View Details
High
Server-Side Request Forgery

CVE-2025-7013 · API-GW-02

CVSS 8.1 Patching
View Details
Medium
Insecure Deserialization

CVE-2025-7788 · SVC-Queue-04

CVSS 5.9 Patched
View Details