Skip to main content

Loom

2 CVEs product

Monthly

CVE-2024-23742 CRITICAL Act Now

An issue in Loom on macOS version 0.196.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection RCE Apple Loom
NVD GitHub
CVSS 3.1
9.8
EPSS
1.7%
CVE-2019-14432 HIGH This Week

Incorrect authentication of application WebSocket connections in Loom Desktop for Mac up to 0.16.0 allows remote code execution from either malicious JavaScript in a browser or hosts on the same. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Loom
NVD
CVSS 3.0
8.8
EPSS
2.3%
EPSS 2% CVSS 9.8
CRITICAL Act Now

An issue in Loom on macOS version 0.196.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection RCE Apple +1
NVD GitHub
EPSS 2% CVSS 8.8
HIGH This Week

Incorrect authentication of application WebSocket connections in Loom Desktop for Mac up to 0.16.0 allows remote code execution from either malicious JavaScript in a browser or hosts on the same. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Loom
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy