VYPR

MiR software

by MiR

CVEs (3)

  • CVE-2025-9225MedAug 20, 2025
    risk 0.36cvss 5.5epss 0.00

    Stored cross-site scripting (XSS) in the web interface of MiR software versions prior to 3.0.0 on MiR Robots and MiR Fleet allows execution of arbitrary JavaScript code in a victim’s browser

  • CVE-2025-9229MedAug 20, 2025
    risk 0.34cvss 5.3epss 0.00

    Information disclosure vulnerability in error handling in MiR software prior to version 3.0.0 allows unauthenticated attackers to view detailed error information, such as file paths and other data, via access to verbose error pages.

  • CVE-2025-9228MedAug 20, 2025
    risk 0.28cvss 4.3epss 0.00

    MiR software versions prior to version 3.0.0 have insufficient authorization controls when creating text notes, allowing low-privilege users to create notes which are intended only for administrative users.