Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
Openc3Cosmos6.0.0

7 matches found

CVE
CVEadded 2025/06/13 2:15 p.m.37 views

CVE-2025-28382

An issue in the openc3-api/tables endpoint of OpenC3 COSMOS 6.0.0 allows attackers to execute a directory traversal.

7.5CVSS6.8AI score0.01109EPSS
CVE
CVEadded 2025/06/13 2:15 p.m.37 views

CVE-2025-28384

An issue in the /script-api/scripts/ endpoint of OpenC3 COSMOS 6.0.0 allows attackers to execute a directory traversal.

9.1CVSS7.3AI score0.01109EPSS
CVE
CVEadded 2025/06/13 2:15 p.m.36 views

CVE-2025-28388

OpenC3 COSMOS v6.0.0 was discovered to contain hardcoded credentials for the Service Account.

9.8CVSS7.6AI score0.0008EPSS
CVE
CVEadded 2025/06/13 2:15 p.m.35 views

CVE-2025-28386

A remote code execution (RCE) vulnerability in the Plugin Management component of OpenC3 COSMOS v6.0.0 allows attackers to execute arbitrary code via uploading a crafted .txt file.

9.8CVSS8.6AI score0.00549EPSS
CVE
CVEadded 2025/06/13 2:15 p.m.35 views

CVE-2025-28389

Weak password requirements in OpenC3 COSMOS v6.0.0 allow attackers to bypass authentication via a brute force attack.

9.8CVSS7.5AI score0.00162EPSS
CVE
CVEadded 2025/06/13 2:15 p.m.32 views

CVE-2025-28380

A cross-site scripting (XSS) vulnerability in OpenC3 COSMOS v6.0.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the URL parameter.

6.1CVSS5.7AI score0.00051EPSS
CVE
CVEadded 2025/06/13 2:15 p.m.30 views

CVE-2025-28381

A credential leak in OpenC3 COSMOS v6.0.0 allows attackers to access service credentials as environment variables stored in all containers.

7.5CVSS6.8AI score0.0006EPSS