Vulnerability List

CVE ID	Title	Vendor	Product	Severity	CVSS Score	Published At	AI Analysis
CVE-2025-64493	SuiteCRM is Vulnerable to Authenticated Blind SQL Injection via GraphQL	SuiteCRM	SuiteCRM-Core	Medium	6.5	2025-11-08 01:16:23	Deep Dive
CVE-2025-64492	SuiteCRM is Vulnerable to Authenticated Time Based Blind SQL Injection	SuiteCRM	SuiteCRM-Core	High	8.8	2025-11-08 01:07:23	Deep Dive
CVE-2025-64491	SuiteCRM is vulnerable to unauthenticated reflected XSS through its Login page	SuiteCRM	SuiteCRM	Medium	6.1	2025-11-08 00:45:08	Deep Dive
CVE-2025-64490	SuiteCRM's Inconsistent RBAC Enforcement Enables Access Control Bypass	SuiteCRM	SuiteCRM	High	8.3	2025-11-08 00:22:38	Deep Dive
CVE-2025-64489	SuiteCRM: Privilege Escalation via Improper Session Invalidation and Inactive User Bypass	SuiteCRM	SuiteCRM	High	8.3	2025-11-08 00:15:45	Deep Dive
CVE-2025-64488	SuiteCRM: Authenticated SQL Injection Possible in Reschedule Call Module	SuiteCRM	SuiteCRM	高危	-	2025-11-07 23:59:46	Deep Dive
CVE-2022-50590	SuiteCRM < 7.12.6 Type Confusion via 'deleteAttachment' Functionality	SuiteCRM	SuiteCRM	中危	-	2025-11-06 19:59:36	Deep Dive
CVE-2022-50589	SuiteCRM < 7.12.6 SQL Injection via 'export' Functionality	SuiteCRM	SuiteCRM	中危	-	2025-11-06 19:59:13	Deep Dive
CVE-2025-41384	Reflected Cross-Site Scripting (XSS) in SuiteCRM	SuiteCRM	SuiteCRM	-	-	2025-10-27 12:53:51	Deep Dive
CVE-2025-54787	SuiteCRM: Improper Authorization for attachment downloads	SuiteCRM	SuiteCRM	Low	3.7	2025-08-07 21:15:40	Deep Dive
CVE-2025-54784	SuiteCRM is vulnerable to Cross Site Scripting (XSS) through its email viewer	SuiteCRM	SuiteCRM	-	-	2025-08-07 00:07:08	Deep Dive
CVE-2025-54783	SuiteCRM: Reflected Cross Site Scripting (XSS) through HTTP Referrer header	SuiteCRM	SuiteCRM	-	-	2025-08-07 00:05:12	Deep Dive
CVE-2025-54788	SuiteCRM: Authenticated Blind SQL Injection in InboundEmail module	SuiteCRM	SuiteCRM	High	8.8	2025-08-06 23:48:56	Deep Dive
CVE-2025-54786	SuiteCRM: Legacy iCal service allows unauthenticated access to meeting data	SuiteCRM	SuiteCRM-Core	Medium	5.3	2025-08-06 23:23:01	Deep Dive
CVE-2025-54785	SuiteCRM is Vulnerable to PHP Object Injection in Reports	SuiteCRM	SuiteCRM	High	8.8	2025-08-06 23:15:17	Deep Dive
CVE-2024-50335	Authenticated XSS in "Publish Key" Field Allowing Unauthorized Administrator User Creation in SuiteCRM	salesagility	SuiteCRM	Medium	4.9	2024-11-05 18:42:14	Deep Dive
CVE-2024-50333	RCE in ModuleBuilder in SuiteCRM	salesagility	SuiteCRM	Medium	6.6	2024-11-05 18:41:24	Deep Dive
CVE-2024-50332	Authenticated Blind SQL Injection in DeleteRelationShip in SuiteCRM	salesagility	SuiteCRM	High	8.8	2024-11-05 18:40:15	Deep Dive
CVE-2024-49774	ModuleScanner flaws in SuiteCRM	salesagility	SuiteCRM	High	7.2	2024-11-05 18:37:05	Deep Dive
CVE-2024-49773	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in SuiteCRM	salesagility	SuiteCRM	Medium	5.3	2024-11-05 18:35:11	Deep Dive

Goal Reached Thanks to every supporter — we hit 100%!

Vulnerability List