Skip to main content

Hoverfly

2 CVEs product

Monthly

CVE-2025-54123 Go CRITICAL POC PATCH THREAT Act Now

Hoverfly API simulation tool version 1.11.3 and prior contains a command injection vulnerability in the middleware management endpoint /api/v2/hoverfly/middleware. Insufficient validation of user input allows authenticated attackers to execute arbitrary commands on the Hoverfly server.

RCE Command Injection Hoverfly Suse
NVD GitHub
CVSS 3.1
9.8
EPSS
60.2%
Threat
5.3
CVE-2024-45388 Go HIGH POC PATCH THREAT This Week

Hoverfly is a lightweight service virtualization/ API simulation / API mocking tool for developers and testers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Python Information Disclosure Hoverfly
NVD GitHub
CVSS 3.1
7.5
EPSS
55.9%
EPSS 60% 5.3 CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

Hoverfly API simulation tool version 1.11.3 and prior contains a command injection vulnerability in the middleware management endpoint /api/v2/hoverfly/middleware. Insufficient validation of user input allows authenticated attackers to execute arbitrary commands on the Hoverfly server.

RCE Command Injection Hoverfly +1
NVD GitHub
EPSS 56% CVSS 7.5
HIGH POC PATCH THREAT This Week

Hoverfly is a lightweight service virtualization/ API simulation / API mocking tool for developers and testers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Python Information Disclosure Hoverfly
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy