Browse all 6 CVE security advisories affecting torproject. AI-powered Chinese analysis, POCs, and references for each vulnerability.
The Tor Project develops and maintains the Tor network, enabling anonymous communication and privacy protection online. Historically, common vulnerabilities include remote code execution, cross-site scripting, and privilege escalation, often stemming from memory corruption flaws or improper input validation. While the project prioritizes security, notable incidents have included potential deanonymization risks through browser exploits and timing attacks. The organization actively patches vulnerabilities, with six CVEs currently on record, reflecting ongoing challenges in balancing functionality with security in a complex, decentralized system designed to resist surveillance and censorship.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-44603 | Tor <0.4.9.7 越界读取漏洞 — TorCWE-193 | 3.7 | Low | 2026-05-07 |
| CVE-2026-44602 | Tor<=0.4.9.6 CERT无序处理空指针解引用 — TorCWE-476 | 3.7 | Low | 2026-05-07 |
| CVE-2026-44601 | Tor客户端因电路双重关闭崩溃 — TorCWE-837 | 3.7 | Low | 2026-05-07 |
| CVE-2026-44600 | Tor <0.4.9.7 计数逻辑漏洞 — TorCWE-696 | 3.7 | Low | 2026-05-07 |
| CVE-2026-44599 | Tor多个版本BEGIN_DIR绕过漏洞 — TorCWE-669 | 3.7 | Low | 2026-05-07 |
| CVE-2026-44597 | Tor <0.4.9.7越界读漏洞 — TorCWE-684 | 3.7 | Low | 2026-05-07 |
This page lists every published CVE security advisory associated with torproject. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.