Browse all 5 CVE security advisories affecting BOINC. AI-powered Chinese analysis, POCs, and references for each vulnerability.
BOINC is an open-source platform enabling distributed computing for scientific research across volunteer networks. Historically, it has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and insecure session management. While no major security incidents have been widely documented, the five recorded CVEs highlight potential risks in web interfaces and authentication mechanisms. The platform's distributed nature introduces unique attack surfaces, particularly in volunteer-managed deployments where security practices may vary. Its design prioritizes computational efficiency over robust security controls, necessitating careful configuration and regular updates to mitigate identified vulnerabilities.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-0669 | BOINC Server Cross-Site Request Forgery — BOINC ServerCWE-352 | 8.8AI | HighAI | 2025-05-07 |
| CVE-2025-0668 | BOINC Server Multiple SQL Injections — BOINC ServerCWE-89 | 5.4AI | MediumAI | 2025-05-07 |
| CVE-2025-0667 | BOINC Server Stored XSS Injection in pm.php — BOINC ServerCWE-79 | 5.4AI | MediumAI | 2025-05-07 |
| CVE-2025-0666 | BOINC Server Stored XSS Injection in host_venue_action.php — BOINC ServerCWE-79 | 5.4AI | MediumAI | 2025-05-07 |
| CVE-2013-2018 | BOINC SQL注入漏洞 — BOINC | 9.8 | - | 2020-02-19 |
This page lists every published CVE security advisory associated with BOINC. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.