Browse all 4 CVE security advisories affecting yahoo. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-34043 | Serialize JavaScript has CPU Exhaustion Denial of Service via crafted array-like objects — serialize-javascriptCWE-400 | 5.9 | Medium | 2026-03-31 |
| CVE-2022-24827 | SQL Injection in elide-datastore-aggregation — elideCWE-89 | 8.1 | High | 2022-04-11 |
| CVE-2020-5289 | Read permissions not enforced for client provided filter expressions in Elide http client — elideCWE-285 | 6.8 | Medium | 2020-03-30 |
| CVE-2019-16769 | Affected versions of serialize-javascript are vulnerable to Cross-site Scripting (XSS) — serialize-javascriptCWE-79 | 4.2 | Medium | 2019-12-05 |
This page lists every published CVE security advisory associated with yahoo. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.