Browse all 5 CVE security advisories affecting GOG.COM. AI-powered Chinese analysis, POCs, and references for each vulnerability.
GOG.COM operates as a digital distribution platform for DRM-free games and software, primarily serving PC gamers. Historically, the platform has been susceptible to remote code execution and cross-site scripting vulnerabilities, often stemming from improper input validation and insecure session management. While no major security incidents have been widely documented, the five recorded CVEs highlight potential risks in web application components and user data handling. The platform's DRM-free model introduces unique security considerations, though its relatively smaller scale compared to competitors may limit exposure. Security efforts appear focused on maintaining integrity of digital downloads and user account systems, with periodic patching addressing identified vulnerabilities.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2018-4049 | GOG Galaxy 权限许可和访问控制问题漏洞 — GOG Galaxy | 7.8 | - | 2019-04-02 |
| CVE-2018-4053 | GOG Galaxy 输入验证错误漏洞 — GOG Galaxy | 5.5 | - | 2019-04-02 |
| CVE-2018-4051 | GOG Galaxy 权限许可和访问控制问题漏洞 — GOG Galaxy | 5.5 | - | 2019-04-02 |
| CVE-2018-4052 | GOG Galaxy 信息泄露漏洞 — GOG Galaxy | 5.5 | - | 2019-04-02 |
| CVE-2018-3974 | GOG Galaxy 权限许可和访问控制问题漏洞 — GOG Galaxy | 7.8 | - | 2019-04-02 |
This page lists every published CVE security advisory associated with GOG.COM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.