All 6 CVE vulnerabilities found in hfs, with AI-generated Chinese analysis, references, and POCs.
Vendor: rejetto
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-61505 | Rejetto HFS < 3.2.1 Limited File Disclosure via Path Traversal in lang Parameter CWE-22 | 5.3 | Medium | 2026-07-13 |
| CVE-2026-61504 | Rejetto HFS < 3.2.1 Stored XSS via File Names in Basic Web Listing CWE-79 | 5.4 | Medium | 2026-07-13 |
| CVE-2026-61503 | Rejetto HFS < 3.2.1 Username Enumeration via Login Response Differences CWE-204 | 5.3 | Medium | 2026-07-13 |
| CVE-2026-61502 | Rejetto HFS < 3.2.1 Cross-Site Request Forgery via GET Requests CWE-352 | 4.3 | Medium | 2026-07-13 |
| CVE-2026-61501 | Rejetto HFS < 3.2.1 Stored XSS in Admin Log Viewer CWE-79 | 6.1 | Medium | 2026-07-13 |
| CVE-2026-61500 | Rejetto HFS < 3.2.1 Session Forgery via Predictable Signing Key CWE-338 | 9.8 | Critical | 2026-07-13 |
All 6 known CVE vulnerabilities affecting hfs with full Chinese analysis, references, and POCs where available.