Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/10/08 9:16 p.m.12 views

CVE-2025-57564

CubeAPM nightly-2025-08-01-1 allow unauthenticated attackers to inject arbitrary log entries into production systems via the /api/logs/insert/elasticsearch/bulk endpoint. This endpoint accepts bulk log data without requiring authentication or input validation, allowing remote attackers to perform...

8.2CVSS7.4AI score0.00346EPSS
Exploits0References1
NVD
NVD
added 2025/10/07 2:15 p.m.4 views

CVE-2025-57564

CubeAPM nightly-2025-08-01-1 allow unauthenticated attackers to inject arbitrary log entries into production systems via the /api/logs/insert/elasticsearch/bulk endpoint. This endpoint accepts bulk log data without requiring authentication or input validation, allowing remote attackers to perform...

8.2CVSS0.00346EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/07 12:0 a.m.4 views

PT-2025-41008

Name of the Vulnerable Software and Affected Versions CubeAPM version nightly-2025-08-01-1 Description The software allows unauthenticated attackers to inject arbitrary log entries into production systems. This is possible through the /api/logs/insert/elasticsearch/ bulk API endpoint, which accep...

8.2CVSS7AI score0.00346EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:0 a.m.5 views

EUVD-2025-32855

CubeAPM nightly-2025-08-01-1 allow unauthenticated attackers to inject arbitrary log entries into production systems via the /api/logs/insert/elasticsearch/bulk endpoint. This endpoint accepts bulk log data without requiring authentication or input validation, allowing remote attackers to perform...

6.8AI score0.00346EPSS
Exploits0References3
Rows per page
Query Builder