VYPR
Vendor

Yacy

Products
2
CVEs
3
Across products
3
Status
Private

Products

2

Recent CVEs

3
  • CVE-2026-24824MedJan 27, 2026
    risk 0.45cvss epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in yacy yacy_search_server (source/net/yacy/http/servlets modules). This vulnerability is associated with program files YaCyDefaultServlet.Java. This issue affects…

  • CVE-2008-4731Oct 24, 2008
    risk 0.00cvss epss 0.01

    Multiple unspecified vulnerabilities in YaCy before 0.61 have unknown impact and attack vectors.

  • CVE-2004-2651Dec 31, 2004
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in YaCy before 0.32 allow remote attackers to inject arbitrary web script or HTML via the (1) urlmaskfilter parameter to index.html or the (2) page parameter to Wiki.html.