Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Kiteworks — Vulnerabilities & Security Advisories 15

Browse all 15 CVE security advisories affecting Kiteworks. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Kiteworks:security-advisoriesSecure Data FormsOwnCloudcoreKiteworks Email Protection Gateway
CVE IDTitleCVSSSeverityPublished
CVE-2026-29092 Kiteworks Email Protection Gateway has an Insufficient Session Expiration — Kiteworks Email Protection GatewayCWE-613 4.9 Medium2026-03-25
CVE-2026-23636 Kiteworks Secure Data Forms is vulnerable to an Unrestricted Upload of File with Dangerous Type — Secure Data FormsCWE-434 5.5 Medium2026-03-25
CVE-2026-23635 Kiteworks Secure Data Forms has a potential Unprotected Transport of Credentials — Secure Data FormsCWE-523 6.5 Medium2026-03-25
CVE-2026-24750 Kiteworks Secure Data Forms vulnerable to Cross-site Scripting — Secure Data FormsCWE-79 7.6 High2026-03-25
CVE-2026-23514 Kiteworks Core before 9.2.2 is vulnerable to Improper Ownership Management — coreCWE-282 8.8 High2026-03-25
CVE-2026-28272 Kiteworks Email Protection Gateway has a Cross-site Scripting vulnerability — security-advisoriesCWE-79 8.1 High2026-02-27
CVE-2026-28271 Kiteworks Core is vulnerable to Server-Side Request Forgery (SSRF) — security-advisoriesCWE-350 6.5 Medium2026-02-27
CVE-2026-28270 Kiteworks Core has an Unrestricted Upload of File with Dangerous Type — security-advisoriesCWE-434 4.9 Medium2026-02-27
CVE-2026-28269 Kiteworks Core has an OS Command Injection — security-advisoriesCWE-78 5.9 Medium2026-02-26
CVE-2025-53939 Kiteworks Core is vulnerable to Improper Input Validation — security-advisoriesCWE-20 6.3 Medium2025-11-29
CVE-2025-53900 Kiteworks MFT has a Privilege Defined With Unsafe Actions — security-advisoriesCWE-267 6.5 Medium2025-11-29
CVE-2025-53899 Kiteworks MFT is vulnerable to an Incorrectly Specified Destination in a Communication Channel — security-advisoriesCWE-941 7.2 High2025-11-29
CVE-2025-53897 Kiteworks MFT has a Cross-Site Request Forgery (CSRF) vulnerability — security-advisoriesCWE-352 6.8 Medium2025-11-29
CVE-2025-53896 Kiteworks MFT is vulnerable to Insufficient Session Expiration — security-advisoriesCWE-613 7.1 High2025-11-29
CVE-2023-7273 Cross Site Request Forgery in Kiteworks OwnCloud — OwnCloudCWE-352 6.8 Medium2024-10-01

This page lists every published CVE security advisory associated with Kiteworks. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.