All 3 CVE vulnerabilities found in orion-ops, with AI-generated Chinese analysis, references, and POCs.
Vendor: orionsec
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-13809 | orionsec orion-ops SSH Connection MachineInfoController.java server-side request forgery CWE-918 | 6.3 | Medium | 2025-12-01 |
| CVE-2025-13808 | orionsec orion-ops User Profile UserController.java update improper authorization CWE-285 | 7.3 | High | 2025-12-01 |
| CVE-2025-13807 | orionsec orion-ops API MachineKeyController.java MachineKeyController improper authorization CWE-285 | 4.3 | Medium | 2025-12-01 |
All 3 known CVE vulnerabilities affecting orion-ops with full Chinese analysis, references, and POCs where available.