VYPR
Vendor

Hummerrisk

Products
1
CVEs
6
Across products
6
Status
Private

Products

1

Recent CVEs

6
  • CVE-2026-3067MedFeb 24, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability has been found in HummerRisk up to 1.5.0. This issue affects the function extractTarGZ/extractZip of the file hummer-common/hummer-common-core/src/main/java/com/hummer/common/core/utils/CommandUtils.java of the component Archive Extraction. The manipulation leads…

  • CVE-2026-3066MedFeb 24, 2026
    risk 0.41cvss 6.3epss 0.09

    A flaw has been found in HummerRisk up to 1.5.0. This vulnerability affects the function fixedCommand of the file hummer-common/hummer-common-core/src/main/java/com/hummer/common/core/utils/PlatformUtils.java of the component Cloud Compliance Scanning. Executing a manipulation…

  • CVE-2026-3065MedFeb 24, 2026
    risk 0.41cvss 6.3epss 0.24

    A vulnerability was detected in HummerRisk up to 1.5.0. This affects the function CommandUtils.commonExecCmdWithResult of the file CloudTaskService.java of the component Cloud Task Dry-run. Performing a manipulation of the argument fileName results in command injection. Remote…

  • CVE-2026-3064MedFeb 24, 2026
    risk 0.41cvss 6.3epss 0.14

    A security vulnerability has been detected in HummerRisk up to 1.5.0. Affected by this issue is some unknown functionality of the file ResourceCreateService.java of the component Cloud Task Scheduler. Such manipulation of the argument regionId leads to command injection. The…

  • CVE-2025-63721Dec 8, 2025
    risk 0.00cvss epss 0.00

    HummerRisk thru v1.5.0 is using a vulnerable Snakeyaml component, allowing attackers with normal user privileges to hit the /rule/add API and thereby achieve RCE and take over the server.

  • CVE-2023-43449Jan 16, 2024
    risk 0.00cvss epss 0.01

    An issue in HummerRisk HummerRisk v.1.10 thru 1.4.1 allows an authenticated attacker to execute arbitrary code via a crafted request to the service/LicenseService component.