Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

cobalt — Vulnerabilities & Security Advisories 85

All 85 CVE vulnerabilities found in cobalt, with AI-generated Chinese analysis, references, and POCs.

Vendor: Ashlar-Vellum

CVE IDTitleCVSSSeverityPublished
CVE-2025-53705 Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, Cobalt Share Out-of-bounds Write CWE-787 7.8 High2025-08-18
CVE-2025-2023 Ashlar-Vellum Cobalt LI File Parsing Integer Overflow Remote Code Execution Vulnerability CWE-190 7.8 -2025-03-11
CVE-2025-2022 Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability CWE-843 7.8 -2025-03-11
CVE-2025-2021 Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Remote Code Execution Vulnerability CWE-190 7.8 -2025-03-11
CVE-2025-2020 Ashlar-Vellum Cobalt VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability CWE-787 7.8 -2025-03-11
CVE-2025-2019 Ashlar-Vellum Cobalt VC6 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability CWE-122 7.8 -2025-03-11
CVE-2025-2018 Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability CWE-843 7.8 -2025-03-11
CVE-2025-2017 Ashlar-Vellum Cobalt CO File Parsing Buffer Overflow Remote Code Execution Vulnerability CWE-120 7.8 -2025-03-11
CVE-2025-2016 Ashlar-Vellum Cobalt VC6 File Parsing Type Confusion Remote Code Execution Vulnerability CWE-843 7.8 -2025-03-11
CVE-2025-2015 Ashlar-Vellum Cobalt VS File Parsing Type Confusion Remote Code Execution Vulnerability CWE-843 7.8 -2025-03-11
CVE-2025-2014 Ashlar-Vellum Cobalt VS File Parsing Use of Uninitialized Variable Remote Code Execution Vulnerability CWE-457 7.8 -2025-03-11
CVE-2025-2013 Ashlar-Vellum Cobalt CO File Parsing Use-After-Free Remote Code Execution Vulnerability CWE-416 7.8 -2025-03-11
CVE-2025-2012 Ashlar-Vellum Cobalt VS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability CWE-125 7.8 -2025-03-11
CVE-2023-39943 Ashlar-Vellum Cobalt, Xenon, Argon, Lithium Out-of-bounds Write CWE-787 7.8 High2025-02-04
CVE-2023-40222 Ashlar-Vellum Cobalt, Xenon, Argon, Lithium Heap-based Buffer Overflow CWE-122 7.8 High2025-02-04
CVE-2024-13049 Ashlar-Vellum Cobalt XE File Parsing Type Confusion Remote Code Execution Vulnerability CWE-843 7.8 -2024-12-30
CVE-2024-13048 Ashlar-Vellum Cobalt XE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability CWE-787 7.8 -2024-12-30
CVE-2024-13047 Ashlar-Vellum Cobalt CO File Parsing Type Confusion Remote Code Execution Vulnerability CWE-843 7.8 -2024-12-30
CVE-2024-13046 Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability CWE-787 7.8 -2024-12-30
CVE-2024-13045 Ashlar-Vellum Cobalt AR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability CWE-121 7.8 -2024-12-30
CVE-2024-13044 Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability CWE-787 7.8 -2024-12-30
CVE-2024-51498 [@imput/cobalt-web] Cross-site Scripting when downloading picker image from malicious instance CWE-79 6.1AIMediumAI2024-11-04
CVE-2023-44437 Ashlar-Vellum Cobalt Uncontrolled Search Path Element Remote Code Execution Vulnerability CWE-427 7.8 -2024-05-03
CVE-2023-42105 Ashlar-Vellum Cobalt AR File Parsing Type Confusion Remote Code Execution Vulnerability CWE-843 7.8 -2024-05-03
CVE-2023-42104 Ashlar-Vellum Cobalt AR File Parsing Use-After-Free Remote Code Execution Vulnerability CWE-416 7.8 -2024-05-03
CVE-2023-42103 Ashlar-Vellum Cobalt AR File Parsing Use-After-Free Remote Code Execution Vulnerability CWE-416 7.8 -2024-05-03
CVE-2023-42102 Ashlar-Vellum Cobalt AR File Parsing Type Confusion Remote Code Execution Vulnerability CWE-843 7.8 -2024-05-03
CVE-2023-42101 Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability CWE-125 7.8 -2024-05-03
CVE-2023-35716 Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability CWE-125 7.8 -2024-05-03
CVE-2023-35715 Ashlar-Vellum Cobalt AR File Parsing Uninitialized Memory Remote Code Execution Vulnerability CWE-824 7.8 -2024-05-03

All 85 known CVE vulnerabilities affecting cobalt with full Chinese analysis, references, and POCs where available.