VYPR

SDK

by beefree.io

CVEs (5)

  • CVE-2024-24292CriMar 28, 2025
    risk 0.64cvss 9.8epss 0.01

    A Prototype Pollution issue in Aliconnect /sdk v.0.0.6 allows an attacker to execute arbitrary code via the aim function in the aim.js component.

  • CVE-2025-12518MedMar 18, 2026
    risk 0.34cvss epss 0.00

    beefree.io SDK is vulnerable to Stored XSS in Social Media icon URL parameter in email builder functionality. Malicious attacker can inject arbitrary HTML and JS into template, which will be rendered/executed when visiting preview page. However due to beefree's Content Security…

  • CVE-2026-27281Mar 10, 2026
    risk 0.00cvss epss 0.00

    DNG SDK versions 1.7.1 2471 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to cause the application to crash or become unresponsive. Exploitation of this…

  • CVE-2025-64784Dec 9, 2025
    risk 0.00cvss epss 0.00

    DNG SDK versions 1.7.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to memory exposure or application denial of service. An attacker could leverage this vulnerability to disclose sensitive memory information. Exploitation of this issue…

  • CVE-2025-64783Dec 9, 2025
    risk 0.00cvss epss 0.00

    DNG SDK versions 1.7.0 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.