Browse all 21 CVE security advisories affecting ASR. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Application Security Research (ASR) primarily delivers automated vulnerability scanning and risk assessment tools for enterprise software development lifecycles. With twenty-one recorded Common Vulnerabilities and Exposures, the platform has historically been susceptible to remote code execution and cross-site scripting flaws, often stemming from inadequate input validation in its web interface. Privilege escalation vulnerabilities have also been documented, allowing unauthorized users to bypass access controls within the administrative dashboard. These technical weaknesses suggest that while the core scanning engine remains robust, the surrounding management infrastructure requires stricter security hygiene. No major public data breaches have been widely reported, though the cumulative CVE count indicates persistent gaps in patch management and secure coding practices. Continuous monitoring of these specific vulnerability classes is essential for maintaining the integrity of the security assessment workflow and preventing potential exploitation by malicious actors targeting the administrative layer.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-42800 | Deference after null check in ims_client sip — Lapwing_Linux (CWE-476) | 7.4 | High | 2026-04-30 |
| CVE-2025-13735 | Out-of-bounds Read in nr flc — Lapwing_Linux (CWE-125) | 7.4 | High | 2025-11-26 |
This page lists every published CVE security advisory associated with ASR. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.