Browse all 5 CVE security advisories affecting Volcengine. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-40525 | OpenViking < 0.3.9 Authentication Bypass via VikingBot OpenAPI — OpenVikingCWE-636 | 9.1 | Critical | 2026-04-17 |
| CVE-2026-22680 | OpenViking < 0.3.3 Missing Authorization via Task Polling — OpenVikingCWE-862 | 5.3 | Medium | 2026-04-07 |
| CVE-2026-34999 | OpenViking 0.2.5 < 0.2.14 Bot Proxy Endpoints Allow Unauthenticated Access — OpenVikingCWE-306 | 5.3 | Medium | 2026-04-01 |
| CVE-2026-28518 | OpenViking .ovpack Import ZIP Slip Path Traversal — OpenVikingCWE-22 | 7.8 | High | 2026-03-03 |
| CVE-2026-22207 | OpenViking Missing root_api_key Allows Anonymous ROOT Access — OpenVikingCWE-306 | 9.8 | Critical | 2026-02-26 |
This page lists every published CVE security advisory associated with Volcengine. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.