All 8 CVE vulnerabilities found in litmus, with AI-generated Chinese analysis, references, and POCs.
Vendor: LitmusChaos
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-14261 | Lack of entropy allows registered low-privileged users of Litmus to crack valid JWT tokens and gain admin privileges CWE-331 | 7.1 | High | 2025-12-08 |
| CVE-2025-8797 | LitmusChaos Litmus LocalStorage permission CWE-275 | 6.3 | Medium | 2025-08-10 |
| CVE-2025-8796 | LitmusChaos Litmus Delete Request delete_project authorization CWE-862 | 5.4 | Medium | 2025-08-10 |
| CVE-2025-8795 | LitmusChaos Litmus login access control CWE-284 | 6.3 | Medium | 2025-08-10 |
| CVE-2025-8794 | LitmusChaos Litmus LocalStorage authorization CWE-639 | 5.3 | Medium | 2025-08-10 |
| CVE-2025-8793 | LitmusChaos Litmus resource injection CWE-99 | 4.3 | Medium | 2025-08-10 |
| CVE-2025-8792 | LitmusChaos Litmus client-side enforcement of server-side security CWE-602 | 4.3 | Medium | 2025-08-10 |
| CVE-2025-8791 | LitmusChaos Litmus list_projects improper authorization CWE-285 | 6.3 | Medium | 2025-08-10 |
All 8 known CVE vulnerabilities affecting litmus with full Chinese analysis, references, and POCs where available.