VYPR

Novu

by Novuhq

CVEs (2)

  • CVE-2023-24215CriMay 18, 2026
    risk 0.59cvss 9.1epss 0.00

    Incorrect access control in the /uci/get/ endpoint of NOVUS AirGate 4G firmware v1.1.16 allows unauthenticated attackers to obtain administrator credentials via a crafted POST request.

  • CVE-2023-35948MedJul 6, 2023
    risk 0.00cvss 5.4epss 0.00

    Novu provides an API for sending notifications through multiple channels. Versions prior to 0.16.0 contain an open redirect vulnerability in the "Sign In with GitHub" functionality of Novu's open-source repository. It could have allowed an attacker to force a victim into opening…