Hoverfly

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-54376 HIGH POC PATCH This Week

Hoverfly is an open source API simulation tool. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Hoverfly Suse
NVD GitHub
CVSS 4.0
8.8
EPSS
0.2%
CVE-2025-54123 CRITICAL POC PATCH THREAT Act Now

Hoverfly API simulation tool version 1.11.3 and prior contains a command injection vulnerability in the middleware management endpoint /api/v2/hoverfly/middleware. Insufficient validation of user input allows authenticated attackers to execute arbitrary commands on the Hoverfly server.

RCE Command Injection Hoverfly Suse
NVD GitHub
CVSS 3.1
9.8
EPSS
60.2%
CVE-2025-54376
EPSS 0% CVSS 8.8
HIGH POC PATCH This Week

Hoverfly is an open source API simulation tool. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Hoverfly Suse
NVD GitHub
CVE-2025-54123
EPSS 60% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

Hoverfly API simulation tool version 1.11.3 and prior contains a command injection vulnerability in the middleware management endpoint /api/v2/hoverfly/middleware. Insufficient validation of user input allows authenticated attackers to execute arbitrary commands on the Hoverfly server.

RCE Command Injection Hoverfly +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy