Browse all 4 CVE security advisories affecting CocoBasic. AI-powered Chinese analysis, POCs, and references for each vulnerability.
CocoBasic is a lightweight programming framework primarily used for developing simple desktop applications and educational tools. Historically, it has been susceptible to multiple remote code execution vulnerabilities due to unsafe deserialization practices and input validation flaws. Cross-site scripting (XSS) and privilege escalation vulnerabilities have also been commonly recorded, affecting approximately four CVEs to date. The framework's minimal design, while appealing for basic projects, has often resulted in insufficient security controls. No major public security incidents have been documented, though the consistent pattern of vulnerabilities suggests developers should implement additional security measures when using CocoBasic for production environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-48090 | WordPress Blanka - One Page WordPress Theme Theme < 1.5 - Local File Inclusion Vulnerability — Blanka - One Page WordPress ThemeCWE-35 | 8.1 | High | 2025-11-06 |
| CVE-2025-49383 | WordPress Neresa Theme <= 1.3 - Local File Inclusion Vulnerability — NeresaCWE-98 | 8.1 | High | 2025-08-28 |
| CVE-2025-49436 | WordPress Anotte theme <= 1.8 - Local File Inclusion vulnerability — AnotteCWE-98 | 8.1 | High | 2025-08-20 |
| CVE-2025-48160 | WordPress Caliris <= 1.5 - Local File Inclusion Vulnerability — CalirisCWE-98 | 8.1 | High | 2025-08-20 |
This page lists every published CVE security advisory associated with CocoBasic. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.