3 matches found
CVE-2025-66939
CVE-2025-66939 is a cross-site scripting (XSS) vulnerability in AltumCode’s 66biolinks, version 61.0.1, where specially crafted favicon files can allow an attacker to execute arbitrary code. The root cause is described as improper handling of favicon files that triggers XSS. The affected software is 66...
CVE-2025-69601
CVE-2025-69601 affects 66biolinks v44.0.0 (AltumCode) in the app’s “Static Sites” feature. A Zip Slip directory traversal occurs when ZIP archives are uploaded, as files are extracted without path validation, allowing traversal sequences (e.g., ../) to write outside the extraction directory. Repo...
CVE-2025-69602
CVE-2025-69602 describes a session fixation vulnerability in 66biolinks v62.0.0 by AltumCode. The issue arises because the application does not regenerate the session identifier after successful authentication, allowing the same session cookie value to be reused for users authenticating in the sa...