VYPR

Yamcs

by Yamcs

Source repositories

CVEs (8)

  • CVE-2026-46621criMay 27, 2026
    risk 0.59cvss epss 0.00

    ### Summary A Server-Side Code Injection vulnerability exists in the Yamcs script evaluation engine for Python algorithms. The application dynamically compiles and evaluates user-controlled algorithm text using Jython (via the JSR-223 ScriptEngine API) without enforcing a secure…

  • CVE-2026-46562criMay 27, 2026
    risk 0.59cvss epss 0.01

    # Remote Code Execution via Mission Database algorithm override ## Summary The Nashorn `ScriptEngine` used to evaluate user-supplied algorithm text in `MdbOverrideApi.updateAlgorithm` is constructed without a `ClassFilter`, allowing a user with the `ChangeMissionDatabase`…

  • CVE-2026-44632criMay 27, 2026
    risk 0.59cvss epss 0.00

    ### Summary A Server-Side Code Injection vulnerability exists in the Yamcs algorithm evaluation engine (`org.yamcs.algorithms.JavaExprAlgorithmExecutionFactory`). The application dynamically compiles and evaluates user-controlled algorithm text without enforcing a secure…

  • CVE-2026-42568MedJun 10, 2026
    risk 0.31cvss 4.3epss 0.01

    Yamcs is a mission control framework. Prior to versions 5.13.0 and 5.12.7, an LDAP injection vulnerability exists in `org.yamcs.security.LdapAuthModule` when constructing search filters. The username parameter is inserted directly into the LDAP filter without proper RFC 4515…

  • CVE-2026-44596May 27, 2026
    risk 0.03cvss epss 0.00

    ### Summary The authentication endpoint `POST /auth/token` in `yamcs-core` lacks any form of rate limiting, account lockout, or failed attempt throttling. As a result, an unauthenticated remote attacker can perform unlimited password guessing attempts against any user account. …

  • CVE-2026-44595May 27, 2026
    risk 0.03cvss epss 0.00

    ### Summary The IAM API endpoints (`listUsers`, `getUser`, `listGroups`, and `getGroup`) in `yamcs-core` do not enforce the required `SystemPrivilege.ControlAccess` check. As a result, **any authenticated user** (even those with low or no privileges) can enumerate all user…

  • CVE-2023-47311Nov 20, 2023
    risk 0.00cvss epss 0.00

    An issue in Yamcs 5.8.6 allows attackers to send aribitrary telelcommands in a Command Stack via Clickjacking.

  • CVE-2023-45281Oct 19, 2023
    risk 0.00cvss epss 0.00

    An issue in Yamcs 5.8.6 allows attackers to obtain the session cookie via upload of crafted HTML file.