Browse all 3 CVE security advisories affecting Atheos. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Atheos is a web-based content management system designed for collaborative document management and team productivity. Historically, Atheos has been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. The platform has accumulated three CVEs to date, with RCE being a recurring concern in its earlier versions. While no major public security incidents have been widely documented, the consistent presence of critical vulnerabilities in past releases indicates potential security risks for organizations relying on Atheos for sensitive document handling. Users are advised to maintain current versions and implement additional security controls to mitigate potential exploitation risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-49008 | Atheos Improper Input Validation Vulnerability Enables RCE in Common.php — AtheosCWE-78 | 8.8AI | HighAI | 2025-06-05 |
| CVE-2025-47788 | Missing Path Validation Enables Path Traversal in Controller.php — AtheosCWE-22 | 9.8AI | CriticalAI | 2025-05-15 |
| CVE-2025-22152 | Improper Path Validation Enables Path Traversal in Multiple Components in Atheos — AtheosCWE-22 | 8.8 | - | 2025-01-10 |
This page lists every published CVE security advisory associated with Atheos. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.