VYPR

KL-001-2025-004

by KoreLogic

CVEs (3)

  • CVE-2025-5099CriMay 23, 2025
    risk 0.64cvss 9.8epss 0.01

    An Out of Bounds Write occurs when the native library attempts PDF rendering, which can be exploited to achieve memory corruption and potentially arbitrary code execution.

  • CVE-2024-6891HigAug 8, 2024
    risk 0.57cvss 8.8epss 0.01

    Attackers with a valid username and password can exploit a python code injection vulnerability during the natural login flow.

  • CVE-2024-6707HigAug 7, 2024
    risk 0.57cvss 8.8epss 0.01

    Attacker controlled files can be uploaded to arbitrary locations on the web server's filesystem by abusing a path traversal vulnerability.