VYPR

Ekuiper

by Lf Edge

pypi: ekuiper

Source repositories

CVEs (4)

  • CVE-2025-54379CriJul 24, 2025
    risk 0.57cvss 9.8epss 0.01

    LF Edge eKuiper is a lightweight IoT data analytics and stream processing engine running on resource-constraint edge devices. In versions before 2.2.1, there is a critical SQL Injection vulnerability in the getLast API functionality of the eKuiper project. This flaw allows…

  • CVE-2024-43406HigAug 20, 2024
    risk 0.50cvss 8.8epss 0.01

    LF Edge eKuiper is a lightweight IoT data analytics and stream processing engine running on resource-constraint edge devices. A user could utilize and exploit SQL Injection to allow the execution of malicious SQL query via Get method in sqlKvStore. This vulnerability is fixed in…

  • CVE-2024-52290MedMay 14, 2025
    risk 0.34cvss 6.3epss 0.00

    LF Edge eKuiper is a lightweight internet of things (IoT) data analytics and stream processing engine. Prior to version 2.1.0 user with rights to modificate the service (e.g. kuiperUser role) can inject a cross-site scripting payload into Connection Configuration key `Name`…

  • CVE-2024-52812MedMar 10, 2025
    risk 0.28cvss 5.4epss 0.00

    LF Edge eKuiper is an internet-of-things data analytics and stream processing engine. Prior to version 2.0.8, auser with rights to modify the service (e.g. kuiperUser role) can inject a cross-site scripting payload into the rule `id` parameter. Then, after any user with access…