Browse all 6 CVE security advisories affecting OSC. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-26002 | OnDemand susceptible to malicious input when navigating to a directory. — ondemandCWE-74 | 8.0AI | HighAI | 2026-03-04 |
| CVE-2025-66029 | Open OnDemand affected by Apache proxy passing sensitive headers — ondemandCWE-522 | 7.6 | High | 2025-12-17 |
| CVE-2025-64185 | Open OnDemand RPM packages create world writable locations — ondemandCWE-277 | - | - | 2025-11-20 |
| CVE-2025-62724 | Open OnDemand allowlist bypass using symlinks in directory downloads (TOCTOU) — ondemandCWE-61 | 4.3 | Medium | 2025-11-20 |
| CVE-2025-58435 | Open OnDemand didn't rotate password for VNC batch_connect — ondemandCWE-262 | 8.1AI | HighAI | 2025-09-09 |
| CVE-2025-53636 | Open OnDemand Shell App closed websocket DoS — ondemandCWE-400 | 5.4 | Medium | 2025-07-11 |
This page lists every published CVE security advisory associated with OSC. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.