Browse all 6 CVE security advisories affecting Bloomberg. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Bloomberg provides financial data, analytics, and trading platforms to global financial markets. Historically, common vulnerabilities include remote code execution, cross-site scripting, and privilege escalation, often stemming from web application misconfigurations and input validation flaws. The platform has experienced security incidents, including a 2020 data breach affecting customer information and a 2018 vulnerability exposing sensitive market data. With six CVEs on record, Bloomberg maintains robust security measures typical of financial institutions, though its complex infrastructure presents persistent attack surfaces. The organization regularly addresses vulnerabilities through patches and security updates to protect its high-value financial data and maintain regulatory compliance.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-32722 | Memray-generated HTML reports vulnerable to Stored XSS via unescaped command-line metadata — memrayCWE-79 | 3.6 | Low | 2026-03-18 |
| CVE-2025-36520 | Bloomberg Comdb2 代码问题漏洞 — Comdb2CWE-476 | 7.5 | High | 2025-07-22 |
| CVE-2025-46354 | Bloomberg Comdb2 安全漏洞 — Comdb2CWE-617 | 7.5 | High | 2025-07-22 |
| CVE-2025-48498 | Bloomberg Comdb2 代码问题漏洞 — Comdb2CWE-476 | 7.5 | High | 2025-07-22 |
| CVE-2025-36512 | Bloomberg Comdb2 安全漏洞 — Comdb2CWE-617 | 7.5 | High | 2025-07-22 |
| CVE-2025-35966 | Bloomberg Comdb2 代码问题漏洞 — Comdb2CWE-476 | 7.5 | High | 2025-07-22 |
This page lists every published CVE security advisory associated with Bloomberg. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.