Browse all 4 CVE security advisories affecting Ercom. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Ercom specializes in secure communication solutions, providing encryption and identity management products for government and enterprise sectors. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from improper input validation and access control weaknesses. While no major public security incidents have been widely documented, their CVE history indicates consistent vulnerabilities in web interfaces and authentication mechanisms. The company's focus on sensitive communications makes their security posture particularly critical, as breaches could expose classified or proprietary information. Their vulnerability patterns suggest a need for stronger secure coding practices and regular security assessments to address recurring issues in their software development lifecycle.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-6805 | Vulnerability on Cryptobox external sharing feature — CryptoboxCWE-280 | 5.9AI | MediumAI | 2026-05-07 |
| CVE-2026-5794 | Vulnerability in Cryptobox allows an authenticated user to trigger an account lockout — CryptoboxCWE-694 | 7.1AI | HighAI | 2026-04-28 |
| CVE-2026-0873 | Privilege Elevation in Ercom Cryptobox administration console — CryptoboxCWE-79 | 7.2AI | HighAI | 2026-02-04 |
| CVE-2025-14266 | CSRF in Ercom Cryptobox administration console — CryptoboxCWE-352 | 8.8AI | HighAI | 2025-12-17 |
This page lists every published CVE security advisory associated with Ercom. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.