CWE-1100

Insufficient Isolation of System-Dependent Functions

2 CVEs Avg CVSS 6.8 MITRE
0
CRITICAL
1
HIGH
1
MEDIUM
0
LOW
2
POC
0
KEV

Monthly

CVE-2025-3466 HIGH POC PATCH This Week

CVE-2025-3466 is a security vulnerability (CVSS 7.2). Risk factors: public PoC available. Vendor patch is available.

RCE Authentication Bypass Dify
NVD GitHub
CVSS 3.1
7.2
EPSS
0.2%
CVE-2024-9612 MEDIUM POC This Month

In danswer-ai/danswer v0.3.94, administrators can set the visibility of pages within a workspace, including the search page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Onyx
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-3466
EPSS 0% CVSS 7.2
HIGH POC PATCH This Week

CVE-2025-3466 is a security vulnerability (CVSS 7.2). Risk factors: public PoC available. Vendor patch is available.

RCE Authentication Bypass Dify
NVD GitHub
CVE-2024-9612
EPSS 0% CVSS 6.5
MEDIUM POC This Month

In danswer-ai/danswer v0.3.94, administrators can set the visibility of pages within a workspace, including the search page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Onyx
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy