| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-54376 | Hoverfly's WebSocket endpoint `/api/v2/ws/logs` reachable without authentication even when --auth is enabled. | SpectoLabs | hoverfly | - | - | 2025-09-10 19:49:09 | Deep Dive |
| CVE-2025-54123 | Hoverfly vulnerable to remote code execution at `/api/v2/hoverfly/middleware` endpoint due to insecure middleware implementation | SpectoLabs | hoverfly | Critical | 9.8 | 2025-09-10 18:41:46 | Deep Dive |
| CVE-2024-45388 | Arbitrary file read in the `/api/v2/simulation` endpoint in hoverfly (`GHSL-2023-274`) | SpectoLabs | hoverfly | High | 7.5 | 2024-09-02 16:07:18 | Deep Dive |