Vendor
Noaa Pmel
Products
2
CVEs
1
Across products
2
Status
Private
Products
2- 1 CVE
- 1 CVE
Recent CVEs
1| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-62193 | Cri | 0.64 | 9.8 | 0.01 | Jan 15, 2026 | Sites running NOAA PMEL Live Access Server (LAS) are vulnerable to remote code execution via specially crafted requests that include PyFerret expressions. By leveraging a SPAWN command, a remote, unauthenticated attacker can execute arbitrary OS commands. Fixed in a version of… |
- risk 0.64cvss 9.8epss 0.01
Sites running NOAA PMEL Live Access Server (LAS) are vulnerable to remote code execution via specially crafted requests that include PyFerret expressions. By leveraging a SPAWN command, a remote, unauthenticated attacker can execute arbitrary OS commands. Fixed in a version of…