All 6 CVE vulnerabilities found in HyperCloud, with AI-generated Chinese analysis, references, and POCs.
Vendor: SoftIron
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-1842 | HyperCloud Improper Refresh Token Validation and Access Token Invalidation Allows Long-Term Unauthorized Access CWE-613 | 8.8AI | HighAI | 2026-02-20 |
| CVE-2025-10650 | Improper SSH Key Handling in Internal Debug Builds May Grant Cluster-Level Access to Non-Administrative Users CWE-269 | 9.8AI | CriticalAI | 2025-09-18 |
| CVE-2024-13058 | Authenticated, non-admin users can create storage pools via the sifi API CWE-269 | 6.5 | - | 2024-12-30 |
| CVE-2023-45085 | When compute hosts are disabled and reenabled, they immediately transition to "ON", not "INIT" CWE-1419 | 3.2 | Low | 2023-12-05 |
| CVE-2023-45084 | Media caddy removal and reinsertion without reboot may cause data loss CWE-820 | 7.0 | High | 2023-12-05 |
| CVE-2023-45083 | HyperCloud: "admin" and "serveradmin" users can be deleted CWE-269 | 4.2 | Medium | 2023-12-05 |
All 6 known CVE vulnerabilities affecting HyperCloud with full Chinese analysis, references, and POCs where available.