All 4 CVE vulnerabilities found in Cube, with AI-generated Chinese analysis, references, and POCs.
Vendor: cube-js
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-25958 | Cube privilege escalation via a specially crafted request CWE-807 | 7.7 | High | 2026-02-09 |
| CVE-2026-25957 | Cube Denial of Service (DoS) - An authenticated attacker can crash the server by sending a specially crafted request CWE-755 | 6.5 | Medium | 2026-02-09 |
| CVE-2018-25156 | Teradek Cube 7.3.6 Cross-Site Request Forgery Password Change CWE-352 | 4.3 | Medium | 2025-12-24 |
| CVE-2023-50709 | Denial of service attack on the cube-api endpoint CWE-20 | 6.5 | Medium | 2023-12-13 |
All 4 known CVE vulnerabilities affecting Cube with full Chinese analysis, references, and POCs where available.