Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Canto — Vulnerabilities & Security Advisories 5

All 5 CVE vulnerabilities found in Canto, with AI-generated Chinese analysis, references, and POCs.

Vendor: flightbycanto

CVE IDTitleCVSSSeverityPublished
CVE-2026-6441 Canto <= 3.1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Setting Modification CWE-862 4.3 Medium2026-04-17
CVE-2026-3335 Canto <= 3.1.1 - Missing Authorization to Unauthenticated File Upload CWE-862 5.3 Medium2026-03-21
CVE-2024-4936 Canto <= 3.0.8 - Unauthenticated Remote File Inclusion CWE-98 9.8 Critical2024-06-14
CVE-2024-25096 WordPress canto plugin <= 3.0.7 - Unauth. Remote Code Execution (RCE) vulnerability CWE-94 10.0 Critical2024-04-03
CVE-2023-3452 Canto <= 3.0.4 - Unauthenticated Remote File Inclusion CWE-98 9.8 Critical2023-08-12

All 5 known CVE vulnerabilities affecting Canto with full Chinese analysis, references, and POCs where available.