All 11 CVE vulnerabilities found in YugabyteDB Anywhere, with AI-generated Chinese analysis, references, and POCs.
Vendor: YugabyteDB
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-1966 | YugabyteDB Anywhere Exposes LDAP Credentials in Cleartext in Web UI CWE-522 | 8.1AI | HighAI | 2026-02-05 |
| CVE-2025-8866 | YugabyteDB 安全漏洞 CWE-200 | 5.3AI | MediumAI | 2025-08-11 |
| CVE-2025-8864 | YugabyteDB 安全漏洞 CWE-532 | 6.5 | - | 2025-08-11 |
| CVE-2024-11193 | YugabyteDB 安全漏洞 CWE-532 | 7.8AI | HighAI | 2024-11-13 |
| CVE-2024-11165 | YugabyteDB 安全漏洞 CWE-532 | 4.9AI | MediumAI | 2024-11-13 |
| CVE-2024-6908 | Admin Can Escalate Privileges to SuperAdmin Using Manual PUT Request CWE-269 | 7.2 | - | 2024-07-19 |
| CVE-2024-6895 | Insecure Account Profile Management CWE-306 | 5.0 | - | 2024-07-19 |
| CVE-2024-0006 | DB User Password Leak in Application Log CWE-532 | 7.1 | - | 2024-07-19 |
| CVE-2023-6001 | Prometheus Metrics Accessible Pre-Authentication CWE-200 | 5.3 | Medium | 2023-11-07 |
| CVE-2023-0745 | Arbitrary File Write in High Availability Backup Upload CWE-23 | 6.7 | Medium | 2023-02-09 |
| CVE-2023-0574 | Server-Side Request Forgery CWE-918 | 6.8 | Medium | 2023-02-09 |
All 11 known CVE vulnerabilities affecting YugabyteDB Anywhere with full Chinese analysis, references, and POCs where available.