Skip to main content

Cryptobox

2 CVEs product

Monthly

CVE-2026-6805 MEDIUM This Month

Cryptobox external sharing feature leaks information via sharing link URLs that enables offline brute-force attacks against access codes. Remote unauthenticated attackers with knowledge of a sharing link can retrieve sufficient data from the server to conduct offline enumeration of the associated access code, compromising the confidentiality of shared content. No public exploit code has been identified, but the low attack complexity and network accessibility make this a practical vulnerability.

Information Disclosure Cryptobox
NVD VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-5794 MEDIUM PATCH This Month

A vulnerability affecting the detailed versions of Cryptobox allows a legitimate user to prevent another to login by triggering an account lockout via sending a specially crafted request.

Information Disclosure Cryptobox
NVD
CVSS 4.0
4.9
EPSS
0.0%
EPSS 0% CVSS 6.9
MEDIUM This Month

Cryptobox external sharing feature leaks information via sharing link URLs that enables offline brute-force attacks against access codes. Remote unauthenticated attackers with knowledge of a sharing link can retrieve sufficient data from the server to conduct offline enumeration of the associated access code, compromising the confidentiality of shared content. No public exploit code has been identified, but the low attack complexity and network accessibility make this a practical vulnerability.

Information Disclosure Cryptobox
NVD VulDB
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

A vulnerability affecting the detailed versions of Cryptobox allows a legitimate user to prevent another to login by triggering an account lockout via sending a specially crafted request.

Information Disclosure Cryptobox
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy