VYPR

SIEM

by Logpoint

CVEs (4)

  • CVE-2023-49950MedFeb 3, 2024
    risk 0.35cvss 5.4epss 0.01

    The Jinja templating in Logpoint SIEM 6.10.0 through 7.x before 7.3.0 does not correctly sanitize log data being displayed when using a custom Jinja template in the Alert view. A remote attacker can craft a cross-site scripting (XSS) payload and send it to any system or device…

  • CVE-2025-66359Nov 27, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Logpoint before 7.7.0. Insufficient input validation and a lack of output escaping in multiple components leads to a cross-site scripting (XSS) vulnerability.

  • CVE-2025-66360Nov 27, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Logpoint before 7.7.0. An improperly configured access control policy exposes sensitive Logpoint internal service (Redis) information to li-admin users. This can lead to privilege escalation.

  • CVE-2025-66361Nov 27, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in Logpoint before 7.7.0. Sensitive information is exposed in System Processes for an extended period during high CPU load.

VYPR — Vulnerability Intelligence