VYPR
Vendor

Yeti Platform

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2024-46508HigMay 8, 2026
    risk 0.49cvss 7.5epss 0.00

    yeti-platform yeti before 2.1.12 allows attackers to generate valid JWT tokens is the secret is not changed (by setting YETI_AUTH_SECRET_KEY to a value other than SECRET).

  • CVE-2024-46507HigMay 8, 2026
    risk 0.47cvss 7.3epss 0.04

    A SSTI (server side template injection) vulnerability in the custom template export function in yeti-platform yeti before 2.1.12 allows attackers to execute code on the application server.

  • CVE-2024-45412Sep 10, 2024
    risk 0.00cvss epss 0.01

    Yeti bridges the gap between CTI and DFIR practitioners by providing a Forensics Intelligence platform and pipeline. Remote user-controlled data tags can reach a Unicode normalization with a compatibility form NFKD. Under Windows, such normalization is costly in resources and…