Open Vsx

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-6705 MEDIUM PATCH This Month

CVE-2025-6705 is a security vulnerability (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass Open Vsx
NVD GitHub
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-1007 MEDIUM POC This Month

In OpenVSX version v0.9.0 to v0.20.0, the /user/namespace/{namespace}/details API allows a user to edit all namespace details, even if the user is not a namespace Owner or Contributor. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Open Vsx
NVD GitHub
CVSS 4.0
6.9
EPSS
0.1%
CVE-2025-6705
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

CVE-2025-6705 is a security vulnerability (CVSS 5.3). Remediation should follow standard vulnerability management procedures.

Authentication Bypass Open Vsx
NVD GitHub
CVE-2025-1007
EPSS 0% CVSS 6.9
MEDIUM POC This Month

In OpenVSX version v0.9.0 to v0.20.0, the /user/namespace/{namespace}/details API allows a user to edit all namespace details, even if the user is not a namespace Owner or Contributor. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Open Vsx
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy