VYPR
Vendor

Kaleris

Products
4
CVEs
4
Across products
6
Status
Private

Products

4

Recent CVEs

4
  • CVE-2026-31151CriApr 6, 2026
    risk 0.64cvss 9.8epss 0.00

    An issue in the login mechanism of Kaleris YMS v7.2.2.1 allows attackers to bypass login verification to access the application 's resources.

  • CVE-2025-2566CriJun 24, 2025
    risk 0.61cvss epss 0.01

    Kaleris NAVIS N4 ULC (Ultra Light Client) contains an unsafe Java deserialization vulnerability. An unauthenticated attacker can make specially crafted requests to execute arbitrary code on the server.

  • CVE-2025-5087MedJun 24, 2025
    risk 0.39cvss epss 0.00

    Kaleris NAVIS N4 ULC (Ultra Light Client) communicates insecurely using zlib-compressed data over HTTP. An attacker capable of observing network traffic between Ultra Light Clients and N4 servers can extract sensitive information, including plaintext credentials.

  • CVE-2026-31150MedApr 6, 2026
    risk 0.28cvss 4.3epss 0.00

    Incorrect access control in Kaleris YMS v7.2.2.1 allows authenticated attackers with only the shipping/receiving role to view the truck's dashboard resources.