| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-32712 | Open Source Point of Sale has Stored XSS in Customer Name (Sales) | opensourcepos | opensourcepos | Medium | 5.4 | 2026-04-07 20:37:31 | Deep Dive |
| CVE-2026-39380 | Open Source Point of Sale has Stored XSS in Stock Location (Configuration) | opensourcepos | opensourcepos | Medium | 5.4 | 2026-04-07 19:49:14 | Deep Dive |
| CVE-2026-33730 | Open Source Point of Sale has an IDOR in Password Change (Home) | opensourcepos | opensourcepos | Medium | 6.5 | 2026-03-27 00:30:02 | Deep Dive |
| CVE-2026-32888 | Open Source Point of Sale is Vulnerable to SQL Injection Through its Item Search Functionality | opensourcepos | opensourcepos | High | 8.8 | 2026-03-20 02:14:35 | Deep Dive |
| CVE-2025-68658 | Open Source Point of Sale (opensourcepos) Stored XSS in Configuration (Information) – Company Name field | opensourcepos | opensourcepos | Medium | 4.3 | 2026-01-13 21:25:58 | Deep Dive |
| CVE-2025-68434 | opensourcepos has Cross-Site Request Forgery vulnerability that leads to Unauthorized Administrator Creation | opensourcepos | opensourcepos | High | 8.8 | 2025-12-17 22:20:13 | Deep Dive |
| CVE-2025-68147 | opensourcepos has a Cross-site Scripting vulnerability | opensourcepos | opensourcepos | High | 8.1 | 2025-12-17 22:16:37 | Deep Dive |