VYPR

Archon

by Archonproject

Source repositories

CVEs (2)

  • CVE-2025-69443MedMay 14, 2026
    risk 0.41cvss 6.3epss 0.00

    Remote Code Execution in coleam00 Archon 0.1.0. A crafted HTML page, when accessed by a victim, can execute commands, run prompts on behalf of the user, control the Archon UI features, and steal all Archon information available on the UI including API keys.

  • CVE-2017-17911MedDec 27, 2017
    risk 0.40cvss 6.1epss 0.01

    packages/core/contact.php in Archon 3.21 rev-1 has XSS in the referer parameter in an index.php?p=core/contact request, aka Open Bug Bounty ID OBB-278503.