VYPR
Vendor

9front

Products
5
CVEs
4
Across products
5
Status
Private

Products

5

Recent CVEs

4
  • CVE-2026-9054CriMay 22, 2026
    risk 0.60cvss epss 0.00

    An attacker sending tcp, il, rudp, rudp, or gre packets with a length less than the header size would trigger a kernel panic.

  • CVE-2022-28380HigApr 3, 2022
    risk 0.49cvss 7.5epss 0.01

    The rc-httpd component through 2022-03-31 for 9front (Plan 9 fork) allows ..%2f directory traversal if serve-static is used.

  • CVE-2026-9053MedMay 22, 2026
    risk 0.45cvss epss 0.00

    Mothra would respect a default value given by a website for HTML file upload forms. An attacker could craft a website with a malicious default file path, and then conceal this form element.

  • CVE-2024-8158MedAug 25, 2024
    risk 0.42cvss 6.5epss 0.00

    A bug in the 9p authentication implementation within lib9p allows an attacker with an existing valid user within the configured auth server to impersonate any other valid filesystem user. This is due to lib9p not properly verifying that the uname given in the Tauth and Tattach…