All 7 CVE vulnerabilities found in Thorium, with AI-generated Chinese analysis, references, and POCs.
Vendor: CISA
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-35436 | CISA Thorium account verification email error handling CWE-248 | 5.3 | Medium | 2025-09-17 |
| CVE-2025-35435 | CISA Thorium download stream divide by zero CWE-369 | 4.3 | Medium | 2025-09-17 |
| CVE-2025-35434 | CISA Thorium does not validate TLS connections to Elasticsearch CWE-295 | 4.2 | Medium | 2025-09-17 |
| CVE-2025-35433 | CISA Thorium does not properly invalidate previously used tokens CWE-613 | 5.0 | Medium | 2025-09-17 |
| CVE-2025-35432 | CISA Thorium does not rate limit account verification email messages CWE-400 | 5.3 | Medium | 2025-09-17 |
| CVE-2025-35431 | CISA Thorium LDAP injection CWE-90 | 5.4 | Medium | 2025-09-17 |
| CVE-2025-35430 | CISA Thorium insecure downloaded file path validation CWE-22 | 5.0 | Medium | 2025-09-17 |
All 7 known CVE vulnerabilities affecting Thorium with full Chinese analysis, references, and POCs where available.