Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Cure53 — Vulnerabilities & Security Advisories 10

Browse all 10 CVE security advisories affecting Cure53. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Cure53 operates as an independent security consultancy specializing in application and network penetration testing, with a focus on identifying critical vulnerabilities in web applications, APIs, and enterprise systems. Historically, they have commonly discovered remote code execution, cross-site scripting, and privilege escalation flaws, contributing to their 10 CVE records. The firm is known for thorough manual testing methodologies and has been involved in high-profile assessments for major organizations. While no major security incidents directly involving cure53 have been widely reported, their work has consistently uncovered significant vulnerabilities that could lead to system compromises, data breaches, or unauthorized access if left unaddressed.

Found 10 results / 10Clear Filters
Top products by Cure53: DOMPurify
CVE IDTitleCVSSSeverityPublished
CVE-2026-41240 DOMPurify: FORBID_TAGS bypassed by function-based ADD_TAGS predicate (asymmetry with FORBID_ATTR fix) — DOMPurifyCWE-183 7.2AIHighAI2026-04-23
CVE-2026-41239 DOMPurify has a SAFE_FOR_TEMPLATES bypass in RETURN_DOM mode — DOMPurifyCWE-79 6.8 Medium2026-04-23
CVE-2026-41238 DOMPurify: Prototype Pollution to XSS Bypass via CUSTOM_ELEMENT_HANDLING Fallback — DOMPurifyCWE-79 6.9 Medium2026-04-23
CVE-2026-0540 DOMPurify XSS via Missing Rawtext Elements in SAFE_FOR_XML — DOMPurifyCWE-79 6.1 Medium2026-03-03
CVE-2025-15599 DOMPurify XSS via Textarea Rawtext Bypass in SAFE_FOR_XML — DOMPurifyCWE-79 6.1 Medium2026-03-03
CVE-2025-48050 DOMPurify 安全漏洞 — DOMPurifyCWE-24 7.5 High2025-05-15
CVE-2025-26791 DOMPurify 安全漏洞 — DOMPurifyCWE-79 4.5 Medium2025-02-14
CVE-2024-48910 DOMPurify vulnerable to tampering by prototype polution — DOMPurifyCWE-1321 9.1 Critical2024-10-31
CVE-2024-47875 DOMPurify nesting-based mXSS — DOMPurifyCWE-79 10.0 Critical2024-10-11
CVE-2024-45801 Tampering by prototype polution in DOMPurify — DOMPurifyCWE-1333 7.3 High2024-09-16

This page lists every published CVE security advisory associated with Cure53. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.