VYPR

Logpoint

by Logpoint

CVEs (5)

  • CVE-2025-54317HigJul 20, 2025
    Logpoint
    Logpoint
    risk 0.55cvss 8.4epss 0.01

    An issue was discovered in Logpoint before 7.6.0. An attacker with operator privileges can exploit a path traversal vulnerability when creating a Layout Template, which can lead to remote code execution (RCE).

  • CVE-2025-54316MedJul 20, 2025
    Logpoint
    Logpoint
    risk 0.32cvss 4.9epss 0.00

    An issue was discovered in Logpoint before 7.6.0. When creating reports, attackers can create custom Jinja templates that chained built-in filter functions to generate XSS payloads. These payloads can be rendered by the Logpoint Report Template engine, making it vulnerable to cross-site scripting (XSS) attacks.

  • CVE-2025-66361Nov 27, 2025
    Logpoint
    Siem
    risk 0.00cvss epss 0.00

    An issue was discovered in Logpoint before 7.7.0. Sensitive information is exposed in System Processes for an extended period during high CPU load.

  • CVE-2025-66360Nov 27, 2025
    Logpoint
    Siem
    risk 0.00cvss epss 0.00

    An issue was discovered in Logpoint before 7.7.0. An improperly configured access control policy exposes sensitive Logpoint internal service (Redis) information to li-admin users. This can lead to privilege escalation.

  • CVE-2025-66359Nov 27, 2025
    Logpoint
    Siem
    risk 0.00cvss epss 0.00

    An issue was discovered in Logpoint before 7.7.0. Insufficient input validation and a lack of output escaping in multiple components leads to a cross-site scripting (XSS) vulnerability.