VYPR
Vendor

Cloudlinux OS

Products
3
CVEs
4
Across products
4
Status
Private

Products

3

Recent CVEs

4
  • CVE-2020-36771HigJan 22, 2024
    risk 0.51cvss 7.8epss 0.00

    CloudLinux CageFS 7.1.1-1 or below passes the authentication token as a command line argument. In some configurations this allows local users to view the authentication token via the process list and gain code execution as another user.

  • CVE-2021-21956HigApr 14, 2022
    risk 0.51cvss 7.8epss 0.01

    A php unserialize vulnerability exists in the Ai-Bolit functionality of CloudLinux Inc Imunify360 5.10.2. A specially-crafted malformed file can lead to potential arbitrary command execution. An attacker can provide a malicious file to trigger this vulnerability.

  • CVE-2020-36772MedJan 22, 2024
    risk 0.29cvss 4.4epss 0.00

    CloudLinux CageFS 7.0.8-2 or below insufficiently restricts file paths supplied to the sendmail proxy command. This allows local users to read and write arbitrary files of certain file formats outside the CageFS environment.

  • CVE-2025-65530Dec 12, 2025
    risk 0.00cvss epss 0.00

    An eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit before v32.7.4 allows attackers to overwrite arbitrary files as root via scanning a crafted file.