| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-68271 | Unauthenticated Remote Code Execution in openc3-api | OpenC3 | cosmos | Critical | 10.0 | 2026-01-13 18:32:22 | Deep Dive |
| CVE-2025-64675 | Azure Cosmos DB Spoofing Vulnerability | Microsoft | Azure Cosmos DB | High | 8.3 | 2025-12-18 23:15:31 | Deep Dive |
| CVE-2025-23214 | Cosmos userbase checking vulnerability | azukaar | Cosmos-Server | 中危 | - | 2025-01-20 18:09:46 | Deep Dive |
| CVE-2024-47529 | OpenC3 COSMOS uses clear text storage of password/token (`GHSL-2024-129`) | OpenC3 | cosmos | 中危 | - | 2024-10-02 19:17:22 | Deep Dive |
| CVE-2024-46977 | OpenC3 COSMOS allows a path traversal via screen controller (`GHSL-2024-127`) | OpenC3 | cosmos | 中危 | - | 2024-10-02 19:17:14 | Deep Dive |
| CVE-2024-43795 | OpenC3 COSMOS vulnerable to cross-site scripting in Login functionality (`GHSL-2024-128`) | OpenC3 | cosmos | 中危 | - | 2024-10-02 19:13:02 | Deep Dive |
| CVE-2023-49091 | Jwttoken in Cosmos server never expires after password changed and logging out | azukaar | Cosmos-Server | High | 8.8 | 2023-11-29 19:16:38 | Deep Dive |
| CVE-2021-41135 | Authz Module Non-Determinism | cosmos | cosmos-sdk | Medium | 6.5 | 2021-10-20 18:05:10 | Deep Dive |