All 7 CVE vulnerabilities found in ScreenConnect, with AI-generated Chinese analysis, references, and POCs.
Vendor: ConnectWise
| CVE ID | Title | CVSS | Severity | Paused |
|---|---|---|---|---|
| CVE-2026-3564 | ScreenConnect Instance Level Cryptographic Material Exposure CWE-347 | 9.0 | Critical | 2026-03-17 |
| CVE-2025-14823 | Certificate Signing Extension Returns Encrypted Values CWE-201 | 5.3 | Medium | 2025-12-18 |
| CVE-2025-14265 | Improper server-side validation in ScreenConnect extension framework CWE-494 | 9.1 | Critical | 2025-12-11 |
| CVE-2025-3935 | ScreenConnect Exposure to ASP.NET ViewState Code Injection CWE-502 | 8.1 | High | 2025-04-25 |
| CVE-2024-1709 | Authentication bypass using an alternate path or channel CWE-288 | 10.0 | Critical | 2024-02-21 |
| CVE-2024-1708 | Improper limitation of a pathname to a restricted directory (“path traversal”) CWE-22 | 8.4 | High | 2024-02-21 |
| CVE-2022-36781 | ConnectWise - ScreenConnect Session Code Bypass | 5.3 | Medium | 2022-09-28 |
All 7 known CVE vulnerabilities affecting ScreenConnect with full Chinese analysis, references, and POCs where available.