| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-1554 | Central Authentication System (CAS) Server - Less critical - XML Element Injection - SA-CONTRIB-2026-007 | Drupal | Central Authentication System (CAS) Server | - | - | 2026-02-04 20:26:39 | Deep Dive |
| CVE-2021-47875 | GeoGebra CAS Calculator 6.0.631.0 - Denial of Service | GeoGebra | CAS Calculator | Critical | 9.8 | 2026-01-21 17:27:49 | Deep Dive |
| CVE-2022-4980 | General Bytes Crypto Application Server (CAS) Unauthenticated Creation of Admin Account via Default-installation/First-admin Page | General Bytes | Crypto Application Server (CAS) | 中危 | - | 2025-09-19 18:55:03 | Deep Dive |
| CVE-2025-3986 | Apereo CAS CasConfigurationMetadataServerController.java redos | Apereo | CAS | Medium | 4.3 | 2025-04-27 21:00:08 | Deep Dive |
| CVE-2025-3985 | Apereo CAS ResponseEntity redos | Apereo | CAS | Low | 2.7 | 2025-04-27 20:31:07 | Deep Dive |
| CVE-2025-3984 | Apereo CAS Groovy Code RegisteredServiceSimpleFormController.java saveService code injection | Apereo | CAS | Medium | 5.0 | 2025-04-27 20:00:08 | Deep Dive |
| CVE-2025-30561 | WordPress CAS Maestro plugin <= 1.1.3 - CSRF to Stored XSS vulnerability | Henrique Mouta | CAS Maestro | High | 7.1 | 2025-03-24 13:47:01 | Deep Dive |
| CVE-2024-11209 | Apereo CAS 2FA login improper authentication | Apereo | CAS | Medium | 6.3 | 2024-11-14 13:31:06 | Deep Dive |
| CVE-2024-11208 | Apereo CAS login session expiration | Apereo | CAS | Low | 3.7 | 2024-11-14 13:31:05 | Deep Dive |
| CVE-2024-11207 | Apereo CAS login redirect | Apereo | CAS | Medium | 4.3 | 2024-11-14 12:31:04 | Deep Dive |
| CVE-2024-4399 | CAS <= 1.0.0 - Unauthenticated SSRF | Unknown | cas | - | - | 2024-05-23 06:00:04 | Deep Dive |
| CVE-2024-4388 | CAS <= 1.0.0 - Unauthenticated Arbitrary File Access | Unknown | cas | - | - | 2024-05-23 06:00:03 | Deep Dive |
| CVE-2023-4612 | MFA bypass in Apereo CAS | Apereo Foundation | CAS | 超危 | - | 2023-11-09 13:41:38 | Deep Dive |
| CVE-2023-28857 | LDAP password leak in Apereo CAS - GHSL-2023-009 | Apereo | CAS | Medium | 4.0 | 2023-06-27 17:10:48 | Deep Dive |
| CVE-2023-32997 | Jenkins Plugin CAS 授权问题漏洞 | Jenkins Project | Jenkins CAS Plugin | 高危 | - | 2023-05-16 16:00:15 | Deep Dive |
| CVE-2023-22447 | Intel Open CAS 日志信息泄露漏洞 | - | Open CAS software for Linux maintained by Intel | Low | 2.0 | 2023-05-10 13:17:25 | Deep Dive |
| CVE-2022-29523 | Intel Open CAS 代码问题漏洞 | - | Open CAS software maintained by Intel(R) | Low | 3.3 | 2023-02-16 20:00:20 | Deep Dive |
| CVE-2021-21673 | Jenkins 输入验证错误漏洞 | Jenkins project | Jenkins CAS Plugin | 中危 | - | 2021-06-30 16:45:20 | Deep Dive |
| CVE-2012-1105 | Jasig Project php-pear-CAS 信息泄露漏洞 | Jasig Project | php-pear-CAS | 中危 | - | 2019-12-05 18:26:36 | Deep Dive |
| CVE-2019-10754 | Apereo CAS 安全特征问题漏洞 | - | Apereo CAS | 高危 | - | 2019-09-23 22:09:32 | Deep Dive |