VYPR
Vendor

jhuckaby

Products
2
CVEs
2
Across products
2
Status
Private

Products

2

Recent CVEs

2
  • CVE-2026-39400MedApr 7, 2026
    risk 0.33cvss 6.1epss 0.00

    Cronicle is a multi-server task scheduler and runner, with a web based front-end UI. Prior to 0.9.111, a non-admin user with create_events and run_events privileges can inject arbitrary JavaScript through job output fields (html.content, html.title, table.header, table.rows,…

  • CVE-2026-39401MedApr 7, 2026
    risk 0.28cvss 5.4epss 0.00

    Cronicle is a multi-server task scheduler and runner, with a web based front-end UI. Prior to 0.9.111, jb child processes can include an update_event key in their JSON output. The server applies this directly to the parent event's stored configuration without any authorization…