All 6 CVE vulnerabilities found in Arc, with AI-generated Chinese analysis, references, and POCs.
Vendor: CData
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-40896 | Lack of TLS certificate validation when connecting Arc to a Guardian or CMC, in Arc before v2.2.0 CWE-295 | 6.5 | Medium | 2026-03-04 |
| CVE-2023-5938 | Path traversal via 'zip slip' in Arc before v1.6.0 CWE-22 | 8.0 | High | 2024-05-15 |
| CVE-2023-5937 | Sensitive data exfiltration via unsafe permissions on Windows systems in Arc before v1.6.0 CWE-538 | 3.8 | Low | 2024-05-15 |
| CVE-2023-5936 | Unsafe temporary data privileges on Unix systems in Arc before v1.6.0 CWE-732 | 7.8 | High | 2024-05-15 |
| CVE-2023-5935 | Missing authentication for local web interface in Arc before v1.6.0 CWE-306 | 7.4 | High | 2024-05-15 |
| CVE-2024-31850 | CData Arc 安全漏洞 CWE-22 | 8.6 | High | 2024-04-05 |
All 6 known CVE vulnerabilities affecting Arc with full Chinese analysis, references, and POCs where available.