VYPR

Cubeapm

by Prassan10

Source repositories

CVEs (1)

  • CVE-2025-57564HigOct 7, 2025
    risk 0.53cvss 8.2epss 0.00

    CubeAPM nightly-2025-08-01-1 allow unauthenticated attackers to inject arbitrary log entries into production systems via the /api/logs/insert/elasticsearch/_bulk endpoint. This endpoint accepts bulk log data without requiring authentication or input validation, allowing remote…