VYPR

SIEM

by Logpoint

CVEs (4)

  • CVE-2023-49950MedFeb 3, 2024
    risk 0.35cvss 5.4epss 0.01

    The Jinja templating in Logpoint SIEM 6.10.0 through 7.x before 7.3.0 does not correctly sanitize log data being displayed when using a custom Jinja template in the Alert view. A remote attacker can craft a cross-site scripting (XSS) payload and send it to any system or device…

  • CVE-2025-66359Nov 27, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Logpoint before 7.7.0. Insufficient input validation and a lack of output escaping in multiple components leads to a cross-site scripting (XSS) vulnerability.

  • CVE-2025-66360Nov 27, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Logpoint before 7.7.0. An improperly configured access control policy exposes sensitive Logpoint internal service (Redis) information to li-admin users. This can lead to privilege escalation.

  • CVE-2025-66361Nov 27, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Logpoint before 7.7.0. Sensitive information is exposed in System Processes for an extended period during high CPU load.