Sunshine@* Security Vulnerabilities and Issues — Sunshine@* CVE List

Lucene search

LizardbyteSunshine*

3 matches found

CVE•added 2025/01/20 4:15 p.m.•39 views

CVE-2024-51738

Sunshine is a self-hosted game stream host for Moonlight. In 0.23.1 and earlier, Sunshine's pairing protocol implementation does not validate request order and is thereby vulnerable to a MITM attack, potentially allowing an unauthenticated attacker to pair a client by hijacking a legitimate pairing...

7.7CVSS6.7AI score0.00077EPSS

CVE•added 2025/07/01 2:15 a.m.•9 views

CVE-2025-53095

Sunshine is a self-hosted game stream host for Moonlight. Prior to version 2025.628.4510, the web UI of Sunshine lacks protection against Cross-Site Request Forgery (CSRF) attacks. This vulnerability allows an attacker to craft a malicious web page that, when visited by an authenticated user, can t...

9.6CVSS7.6AI score0.0002EPSS

CVE•added 2025/07/01 2:15 a.m.•7 views

CVE-2025-53096

Sunshine is a self-hosted game stream host for Moonlight. Prior to version 2025.628.4510, the web UI of Sunshine lacks protection against Clickjacking attacks. This vulnerability allows an attacker to embed the Sunshine interface within a malicious website using an invisible or disguised iframe. If...

5.4CVSS7AI score0.00035EPSS