All 5 CVE vulnerabilities found in PILOS, with AI-generated Chinese analysis, references, and POCs.
Vendor: THM-Health

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2026-22800 | PILOS affected by a CSRF via GET request allows unintentional termination of all active video conferences | CWE-352 | 2.4 | Low | 2026-01-12 |
| CVE-2025-62781 | PILOS is missing session regeneration after password change | CWE-613 | 5.0 | Medium | 2025-10-27 |
| CVE-2025-62524 | PILOS Exposes PHP version | CWE-200 | 5.3 | Medium | 2025-10-27 |
| CVE-2025-62523 | PILOS Misconfigured the Access-Control-Allow-Origin Header | CWE-942 | 6.3 | Medium | 2025-10-27 |
| CVE-2023-47107 | PILOS account takeover through password reset poisoning | CWE-20 | 8.8 | High | 2023-11-08 |