All 5 CVE vulnerabilities found in PandaX, with AI-generated Chinese analysis, references, and POCs.
Vendor: PandaXGO
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-15108 | PandaXGO PandaX JWT Secret config.yml hard-coded key CWE-321 | 3.7 | Low | 2025-12-27 |
| CVE-2024-2565 | PandaXGO PandaX File Extension upload.go unrestricted upload CWE-434 | 6.3 | Medium | 2024-03-17 |
| CVE-2024-2564 | PandaXGO PandaX user.go ExportUser path traversal CWE-24 | 6.3 | Medium | 2024-03-17 |
| CVE-2024-2563 | PandaXGO PandaX upload.go DeleteImage path traversal CWE-24 | 5.4 | Medium | 2024-03-17 |
| CVE-2024-2562 | PandaXGO PandaX role_menu.go InsertRole sql injection CWE-89 | 6.3 | Medium | 2024-03-17 |
All 5 known CVE vulnerabilities affecting PandaX with full Chinese analysis, references, and POCs where available.