All 4 CVE vulnerabilities found in api, with AI-generated Chinese analysis, references, and POCs.
Vendor: Passbolt
| CVE ID | Title | CVSS | Severity | Paused |
|---|---|---|---|---|
| CVE-2026-40520 | FreePBX api module Command Injection via GraphQL CWE-78 | 7.2 | High | 2026-04-21 |
| CVE-2025-55210 | FreePBX API has a Privilege Escalation Error in GraphQL Allowing Authenticated Users to Access Additional Scopes CWE-270 | 8.8AI | HighAI | 2026-02-12 |
| CVE-2025-55739 | api: Shared OAuth Signing Key Between Different Instances CWE-798 | 9.8AI | CriticalAI | 2025-09-04 |
| CVE-2025-27913 | Passbolt 安全漏洞 CWE-348 | 3.7 | - | 2025-03-10 |
All 4 known CVE vulnerabilities affecting api with full Chinese analysis, references, and POCs where available.