Browse all 7 CVE security advisories affecting Galaxy Software Services. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Galaxy Software Services develops enterprise resource planning and customer relationship management solutions for mid-market businesses. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and access control flaws. The company has seven CVEs on record, with several critical flaws allowing unauthorized system access. While no major public security incidents have been documented, their consistent vulnerability pattern suggests a need for enhanced security testing protocols. Their software typically handles sensitive business data, making proper vulnerability remediation essential for their clients' security posture.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-4640 | Galaxy Software Services|Vitals ESP - Missing Authentication — Vitals ESPCWE-306 | 7.5 | High | 2026-03-24 |
| CVE-2026-4639 | Galaxy Software Services|Vitals ESP - Incorrect Authorization — Vitals ESPCWE-863 | 8.8 | High | 2026-03-24 |
| CVE-2025-14255 | Galaxy Software Services|Vitals ESP - SQL Injection — Vitals ESPCWE-89 | 6.5 | Medium | 2025-12-08 |
| CVE-2025-14254 | Galaxy Software Services|Vitals ESP - SQL Injection — Vitals ESPCWE-89 | 6.5 | Medium | 2025-12-08 |
| CVE-2025-14253 | Galaxy Software Services|Vitals ESP - Arbitrary File Read — Vitals ESPCWE-36 | 4.9 | Medium | 2025-12-08 |
| CVE-2023-41357 | Galaxy Software Services Vitals ESP - Arbitrary File Upload — Vitals ESP CWE-434 | 8.8 | High | 2023-11-03 |
| CVE-2023-37291 | Galaxy Software Services Vitals ESP - Use of Hard-coded Cryptographic Key — Vitals ESPCWE-321 | 8.6 | High | 2023-07-21 |
This page lists every published CVE security advisory associated with Galaxy Software Services. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.