Vendor
NightWolf
Products
2
CVEs
3
Across products
3
Status
Private
Products
2- 2 CVEs
- 1 CVE
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-3013 | Hig | 0.54 | — | 0.00 | Mar 31, 2025 | Insecure Direct Object References (IDOR) in access control in Customer Portal before 2.1.4 on NightWolf Penetration Testing allows an attacker to access via manipulating request parameters or object references. | ||
| CVE-2025-31165 | Med | 0.45 | — | 0.00 | Mar 27, 2025 | Cross-Site Scripting (XSS) vulnerability in the Logbug module of NightWolf Penetration Testing Platform 1.2.2 allows attackers to execute JavaScript through the markdown editor feature. | ||
| CVE-2026-6179 | Med | 0.41 | — | 0.00 | Apr 13, 2026 | Stored Cross Site Scripting in NightWolf Penetration Testing Platform allows attack trigger and run malicious script in user's browser |
- risk 0.54cvss —epss 0.00
Insecure Direct Object References (IDOR) in access control in Customer Portal before 2.1.4 on NightWolf Penetration Testing allows an attacker to access via manipulating request parameters or object references.
- risk 0.45cvss —epss 0.00
Cross-Site Scripting (XSS) vulnerability in the Logbug module of NightWolf Penetration Testing Platform 1.2.2 allows attackers to execute JavaScript through the markdown editor feature.
- risk 0.41cvss —epss 0.00
Stored Cross Site Scripting in NightWolf Penetration Testing Platform allows attack trigger and run malicious script in user's browser