| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-3432 | Sim Studio AI - Unauthenticated OAuth Token Theft | SimStudioAI | sim | - | - | 2026-03-02 13:01:05 | Deep Dive |
| CVE-2026-3431 | Sim Studio AI - MongoDB SSRF and Arbitrary Document Deletion | SimStudioAI | sim | Critical | 9.8 | 2026-03-02 13:00:59 | Deep Dive |
| CVE-2025-15099 | simstudioai sim CRON Secret internal.ts improper authentication | simstudioai | sim | High | 7.3 | 2025-12-26 04:02:07 | Deep Dive |
| CVE-2025-10097 | SimStudioAI sim route.ts code injection | SimStudioAI | sim | Medium | 6.3 | 2025-09-08 16:32:07 | Deep Dive |
| CVE-2025-10096 | SimStudioAI sim route.ts server-side request forgery | SimStudioAI | sim | Medium | 6.3 | 2025-09-08 15:32:09 | Deep Dive |
| CVE-2025-9805 | SimStudioAI sim route.ts server-side request forgery | SimStudioAI | sim | Medium | 6.3 | 2025-09-02 00:02:08 | Deep Dive |
| CVE-2025-9801 | SimStudioAI sim path traversal | SimStudioAI | sim | Medium | 5.4 | 2025-09-01 23:02:07 | Deep Dive |
| CVE-2025-9800 | SimStudioAI sim HTML File route.ts import unrestricted upload | SimStudioAI | sim | Medium | 6.3 | 2025-09-01 22:32:07 | Deep Dive |
| CVE-2025-7114 | SimStudioAI sim Session route.ts POST missing authentication | SimStudioAI | sim | High | 7.3 | 2025-07-07 05:32:06 | Deep Dive |
| CVE-2025-7107 | SimStudioAI sim route.ts handleLocalFile path traversal | SimStudioAI | sim | Medium | 5.3 | 2025-07-07 02:02:08 | Deep Dive |