Vendor
Yacy
Products
2
CVEs
3
Across products
3
Status
Private
Products
2- 2 CVEs
- 1 CVE
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-24824 | Med | 0.45 | — | 0.00 | Jan 27, 2026 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in yacy yacy_search_server (source/net/yacy/http/servlets modules). This vulnerability is associated with program files YaCyDefaultServlet.Java. This issue affects… | ||
| CVE-2008-4731 | 0.00 | — | 0.01 | Oct 24, 2008 | Multiple unspecified vulnerabilities in YaCy before 0.61 have unknown impact and attack vectors. | |||
| CVE-2004-2651 | 0.00 | — | 0.01 | Dec 31, 2004 | Multiple cross-site scripting (XSS) vulnerabilities in YaCy before 0.32 allow remote attackers to inject arbitrary web script or HTML via the (1) urlmaskfilter parameter to index.html or the (2) page parameter to Wiki.html. |
- risk 0.45cvss —epss 0.00
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in yacy yacy_search_server (source/net/yacy/http/servlets modules). This vulnerability is associated with program files YaCyDefaultServlet.Java. This issue affects…
- CVE-2008-4731Oct 24, 2008risk 0.00cvss —epss 0.01
Multiple unspecified vulnerabilities in YaCy before 0.61 have unknown impact and attack vectors.
- CVE-2004-2651Dec 31, 2004risk 0.00cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in YaCy before 0.32 allow remote attackers to inject arbitrary web script or HTML via the (1) urlmaskfilter parameter to index.html or the (2) page parameter to Wiki.html.