Browse all 33 CVE security advisories affecting EVerest. AI-powered Chinese analysis, POCs, and references for each vulnerability.
EVerest functions as an enterprise-grade identity and access management solution, primarily facilitating single sign-on and user lifecycle automation for large organizations. Security audits have identified thirty-three Common Vulnerabilities and Exposures (CVEs) associated with the platform, indicating a persistent attack surface. Historically, these flaws predominantly involve remote code execution and cross-site scripting, allowing attackers to inject malicious scripts or execute arbitrary commands within the application environment. Additionally, several incidents highlight privilege escalation vulnerabilities, where authenticated users could bypass authorization controls to access restricted administrative functions. While specific major breaches involving EVerest remain less publicized compared to broader identity provider outages, the cumulative nature of these CVEs suggests systemic weaknesses in input validation and session management. Organizations utilizing this software must prioritize rigorous patching and continuous monitoring to mitigate risks associated with these documented exploitation vectors.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-59399 | libocpp security vulnerability — libocpp, CWE-460 | 3.1 | Low | 2025-09-15 |
| CVE-2025-59398 | libocpp security vulnerability — libocpp, CWE-392 | 3.1 | Low | 2025-09-15 |
This page lists every published CVE security advisory associated with EVerest. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.