VYPR

Xiaozhi Esp32 Server Java

by Joey Zhou

Source repositories

CVEs (2)

  • CVE-2025-3382MedApr 7, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability has been found in joey-zhou xiaozhi-esp32-server-java up to a14fe8115842ee42ab5c7a51706b8a85db5200b7 and classified as critical. This vulnerability affects the function update of the file /api/user/update. The manipulation of the argument state leads to sql…

  • CVE-2025-15135MedDec 28, 2025
    risk 0.34cvss 6.3epss 0.00

    A weakness has been identified in joey-zhou xiaozhi-esp32-server-java up to 3.0.0. This impacts the function tryAuthenticateWithCookies of the file AuthenticationInterceptor.java of the component Cookie Handler. Executing manipulation can lead to improper authentication. The…