Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

dragonflyoss — Vulnerabilities & Security Advisories 13

Browse all 13 CVE security advisories affecting dragonflyoss. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by dragonflyoss:dragonflyDragonfly2
CVE IDTitleCVSSSeverityPublished
CVE-2026-24124 Dragonfly Manager Job API Allows Unauthenticated Access — dragonflyCWE-306 9.8 -2026-01-22
CVE-2025-59410 Dragonfly tiny file download uses hard coded HTTP protocol — dragonflyCWE-311 5.9AIMediumAI2025-09-17
CVE-2025-59354 Dragonfly has weak integrity checks for downloaded files — dragonflyCWE-328 6.5AIMediumAI2025-09-17
CVE-2025-59353 Manager generates mTLS certificates for arbitrary IP addresses — dragonflyCWE-295 6.5AIMediumAI2025-09-17
CVE-2025-59352 Dragonfly allows arbitrary file read and write on a peer machine — dragonflyCWE-202 8.8AIHighAI2025-09-17
CVE-2025-59351 Dragonfly possibly panics due to nil pointer dereference when using variables created alongside an error — dragonflyCWE-476 7.5AIHighAI2025-09-17
CVE-2025-59350 Timing attacks against Proxy’s basic authentication are possible — dragonflyCWE-208 5.9AIMediumAI2025-09-17
CVE-2025-59349 Directories created via os.MkdirAll are not checked for permissions — dragonflyCWE-732 3.3AILowAI2025-09-17
CVE-2025-59348 Dragonfly incorrectly handles a task structure’s usedTraffic field — dragonflyCWE-457 7.5AIHighAI2025-09-17
CVE-2025-59347 Dragonfly Manager makes requests to external endpoints with disabled TLS authentication — dragonflyCWE-295 7.4AIHighAI2025-09-17
CVE-2025-59346 Dragonfly server-side request forgery vulnerability — dragonflyCWE-918 4.6AIMediumAI2025-09-17
CVE-2025-59345 Dragonfly did not enable authentication for some Manager’s endpoints — dragonflyCWE-306 9.1AICriticalAI2025-09-17
CVE-2023-27584 Dragonfly2 vulnerable to hard coded cyptographic key — Dragonfly2CWE-321 9.8 Critical2024-09-19

This page lists every published CVE security advisory associated with dragonflyoss. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.