VYPR

Vulnerability Disclosures

by Mandiant

Source repositories

CVEs (2)

  • CVE-2026-5426CriApr 16, 2026
    risk 0.52cvss 9.1epss 0.01

    Hard-coded ASP.NET/IIS machineKey value in Digital Knowledge KnowledgeDeliver deployments prior to February 24, 2026 allows adversaries to circumvent ViewState validation mechanisms and achieve remote code execution via malicious ViewState deserialization attacks

  • CVE-2023-26603MedApr 26, 2024
    risk 0.38cvss 5.9epss 0.00

    JumpCloud Agent before 1.178.0 Creates a Temporary File in a Directory with Insecure Permissions. This allows privilege escalation to SYSTEM via a repair action in the installer.