Mender Client
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-55959 | Cri | 0.59 | 9.1 | 0.00 | Jan 21, 2025 | Northern.tech Mender Client 4.x before 4.0.5 has Insecure Permissions. | ||
| CVE-2025-67903 | 0.00 | — | — | May 27, 2026 | Northern.tech Mender Client 5 before 5.0.4 allows a Cryptographic signature verification bypass. | |||
| CVE-2022-32290 | 0.00 | — | 0.00 | Jul 6, 2022 | The client in Northern.tech Mender 3.2.0, 3.2.1, and 3.2.2 has Incorrect Access Control. It listens on a random, unprivileged TCP port and exposes an HTTP proxy to facilitate API calls from additional client components running on the device. However, it listens on all network… |
- risk 0.59cvss 9.1epss 0.00
Northern.tech Mender Client 4.x before 4.0.5 has Insecure Permissions.
- CVE-2025-67903May 27, 2026risk 0.00cvss —epss —
Northern.tech Mender Client 5 before 5.0.4 allows a Cryptographic signature verification bypass.
- CVE-2022-32290Jul 6, 2022risk 0.00cvss —epss 0.00
The client in Northern.tech Mender 3.2.0, 3.2.1, and 3.2.2 has Incorrect Access Control. It listens on a random, unprivileged TCP port and exposes an HTTP proxy to facilitate API calls from additional client components running on the device. However, it listens on all network…