| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-0651 | File symlink abuse might lead to deleting files belonging to SYSTEM user | Cloudflare | WARP | 中危 | - | 2025-01-22 17:34:17 | Deep Dive |
| CVE-2023-48712 | User authorization bug leading to privilege escalation in warpgate | warp-tech | warpgate | High | 7.1 | 2023-11-24 17:03:00 | Deep Dive |
| CVE-2023-43660 | SSH key password bypassed in warpgate | warp-tech | warpgate | Medium | 4.8 | 2023-09-27 21:00:30 | Deep Dive |
| CVE-2023-3747 | Insufficient Validation on Override Codes for Always-Enabled WARP Mode | Cloudflare | WARP Client | Medium | 5.5 | 2023-09-07 12:11:01 | Deep Dive |
| CVE-2023-0654 | Spoofing User's Activity Loads in WARP Mobile Client (Android) | Cloudflare | WARP Client | Low | 3.9 | 2023-08-29 15:05:20 | Deep Dive |
| CVE-2023-0238 | Injecting Activity Loads in WARP Mobile Client | Cloudflare | WARP Client | Low | 3.9 | 2023-08-29 14:56:51 | Deep Dive |
| CVE-2023-2754 | Plaintext transmission of DNS requests in Windows 1.1.1.1 WARP client | Cloudflare | WARP | High | 7.4 | 2023-08-03 13:53:01 | Deep Dive |
| CVE-2023-37268 | User login confusion with SSO in warpgate | warp-tech | warpgate | Medium | 6.4 | 2023-07-14 21:02:01 | Deep Dive |
| CVE-2023-1862 | Remote access to warp-svc.exe in Cloudflare WARP | Cloudflare | WARP Client | High | 7.3 | 2023-06-20 08:28:13 | Deep Dive |
| CVE-2023-0652 | Local Privilege Escalation in Cloudflare WARP Installer (Windows) | Cloudflare | WARP | High | 7.0 | 2023-04-06 09:42:34 | Deep Dive |
| CVE-2023-1412 | Local Privilege Escalation Vulnerability in WARP's MSI Installer | Cloudflare | WARP | High | 7.0 | 2023-04-05 15:22:56 | Deep Dive |
| CVE-2023-28113 | russh may use insecure Diffie-Hellman keys | warp-tech | russh | Medium | 5.9 | 2023-03-16 00:00:00 | Deep Dive |
| CVE-2022-4428 | support_uri validation missing in WARP client for Windows | Cloudflare | WARP | High | 8.9 | 2023-01-11 16:49:37 | Deep Dive |
| CVE-2022-4457 | WARP client manifest misconfiguration leading to Task Hijacking | Cloudflare | WARP | Medium | 5.5 | 2023-01-11 16:32:28 | Deep Dive |
| CVE-2022-3320 | Bypassing Cloudflare Zero Trust policies using warp-cli set-custom-endpoint command | Cloudflare | WARP | Medium | 6.7 | 2022-10-28 09:30:18 | Deep Dive |
| CVE-2022-3322 | Lock WARP switch bypass on WARP mobile client using iOS quick action | Cloudflare | WARP | Medium | 6.7 | 2022-10-28 09:25:56 | Deep Dive |
| CVE-2022-3337 | Lock WARP switch bypass by removing VPN profile on iOS mobile client | Cloudflare | WARP | Medium | 6.7 | 2022-10-28 09:25:32 | Deep Dive |
| CVE-2022-3321 | Lock WARP switch feature bypass on WARP mobile client for iOS | Cloudflare | WARP | Medium | 6.7 | 2022-10-28 09:24:41 | Deep Dive |
| CVE-2022-3512 | Lock WARP switch bypass using warp-cli 'add-trusted-ssid' command | Cloudflare | WARP | Medium | 6.7 | 2022-10-28 09:22:08 | Deep Dive |
| CVE-2022-2225 | Zero Trust Secure Web Gateway policies bypass using WARP client subcommands | Cloudflare | WARP | High | 8.1 | 2022-07-26 11:35:10 | Deep Dive |