| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-6380 | ONLYOFFICE Docs 1.1.0 - 2.2.0 - Missing Authorization to Unauthenticated Privilege Escalation via callback Function | onlyoffice | ONLYOFFICE Docs | Critical | 9.8 | 2025-07-24 09:22:18 | Deep Dive |
| CVE-2025-5301 | Reflected Cross-Site Scripting in ONLYOFFICE Docs (DocumentServer) | OnlyOffice | Docs (DocumentServer) | - | - | 2025-06-12 07:59:06 | Deep Dive |
| CVE-2024-11450 | ONLYOFFICE Docs <= 2.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | onlyoffice | ONLYOFFICE Docs | Medium | 6.4 | 2024-12-06 08:24:54 | Deep Dive |