All 2 CVE vulnerabilities found in openaev, with AI-generated Chinese analysis, references, and POCs.
Vendor: OpenAEV-Platform
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-24468 | OpenAEV Vulnerable to Username/Email Enumeration Through Differential HTTP Responses in Password Reset API CWE-204 | 5.3 | Medium | 2026-04-20 |
| CVE-2026-24467 | OpenAEV's Improper Password Reset Token Management Leads to Unauthenticated Account Takeover and Platform Compromise CWE-640 | 9.1 | Critical | 2026-04-20 |
All 2 known CVE vulnerabilities affecting openaev with full Chinese analysis, references, and POCs where available.