Arc

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-40896 MEDIUM This Month

The server certificate was not verified when an Arc agent connected to a Guardian or CMC. A malicious actor could perform a man-in-the-middle attack and intercept the communication between the Arc agent and the Guardian or CMC. [CVSS 6.5 MEDIUM]

Authentication Bypass Arc
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2024-52928 CRITICAL Act Now

Arc before 1.26.1 on Windows has a bypass issue in the site settings that allows websites (with previously granted permissions) to add new permissions when the user clicks anywhere on the website.

Microsoft Authentication Bypass Arc Windows
NVD
CVSS 3.1
9.6
EPSS
0.1%
CVE-2025-40896
EPSS 0% CVSS 6.5
MEDIUM This Month

The server certificate was not verified when an Arc agent connected to a Guardian or CMC. A malicious actor could perform a man-in-the-middle attack and intercept the communication between the Arc agent and the Guardian or CMC. [CVSS 6.5 MEDIUM]

Authentication Bypass Arc
NVD
CVE-2024-52928
EPSS 0% CVSS 9.6
CRITICAL Act Now

Arc before 1.26.1 on Windows has a bypass issue in the site settings that allows websites (with previously granted permissions) to add new permissions when the user clicks anywhere on the website.

Microsoft Authentication Bypass Arc +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy