| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-11093 | Arbitrary Code Execution with higher privileged users in Multiple WSO2 Products via Script Mediator Engines (GraalJS and NashornJS) | WSO2 | WSO2 Micro Integrator | High | 8.4 | 2025-11-05 18:31:18 | Deep Dive |
| CVE-2025-10907 | Authenticated Arbitrary File Upload in Multiple WSO2 Products via SOAP Admin Services Leading to Remote Code Execution | WSO2 | WSO2 API Manager | High | 8.4 | 2025-11-05 18:03:50 | Deep Dive |
| CVE-2024-4598 | Information Disclosure in Multiple WSO2 Products Due to Improper Handling in Enrich Mediator | WSO2 | WSO2 API Manager | Medium | 6.5 | 2025-09-23 10:39:16 | Deep Dive |
| CVE-2024-7074 | Authenticated Arbitrary File Upload in Multiple WSO2 Products via SOAP Admin Service Leading to Remote Code Execution | WSO2 | WSO2 Enterprise Integrator | Medium | 6.8 | 2025-06-02 16:42:19 | Deep Dive |
| CVE-2025-2905 | An XML External Entity (XXE) vulnerability in Multiple WSO2 Products | WSO2 | WSO2 API Manager | Critical | 9.1 | 2025-05-05 09:02:01 | Deep Dive |
| CVE-2023-6836 | WSO2 API Manager 安全漏洞 | WSO2 | WSO2 API Manager | Medium | 4.6 | 2023-12-15 09:26:01 | Deep Dive |