Mender Client
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-55959 | Cri | 0.59 | 9.1 | 0.01 | Jan 21, 2025 | Northern.tech Mender Client 4.x before 4.0.5 has Insecure Permissions. | ||
| CVE-2025-67903 | Med | 0.34 | 5.3 | 0.00 | May 27, 2026 | Northern.tech Mender Client 5 before 5.0.4 allows a Cryptographic signature verification bypass. | ||
| CVE-2022-32290 | Med | 0.28 | 4.3 | 0.00 | Jul 6, 2022 | The client in Northern.tech Mender 3.2.0, 3.2.1, and 3.2.2 has Incorrect Access Control. It listens on a random, unprivileged TCP port and exposes an HTTP proxy to facilitate API calls from additional client components running on the device. However, it listens on all network… |
- risk 0.59cvss 9.1epss 0.01
Northern.tech Mender Client 4.x before 4.0.5 has Insecure Permissions.
- risk 0.34cvss 5.3epss 0.00
Northern.tech Mender Client 5 before 5.0.4 allows a Cryptographic signature verification bypass.
- risk 0.28cvss 4.3epss 0.00
The client in Northern.tech Mender 3.2.0, 3.2.1, and 3.2.2 has Incorrect Access Control. It listens on a random, unprivileged TCP port and exposes an HTTP proxy to facilitate API calls from additional client components running on the device. However, it listens on all network…