Browse all 5 CVE security advisories affecting Kingsoft. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Kingsoft develops productivity software and security solutions, with its antivirus and office suites serving core use cases. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation, often stemming from input validation flaws and insecure design. The company has addressed security incidents, including patches for critical flaws in its products. With five CVEs on record, Kingsoft maintains a moderate security profile, though its software remains a target for exploitation due to widespread adoption. Security researchers have identified vulnerabilities in its office suite and security products, highlighting the importance of regular updates and robust input sanitization to mitigate potential risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-2516 | Use of a weak cryptographic key in the signature verification process in WPS Office — WPS OfficeCWE-326 | 5.9AI | MediumAI | 2025-03-27 |
| CVE-2024-11957 | Arbitrary Code Execution in WPS Office — WPS OfficeCWE-347 | 7.8 | - | 2025-03-04 |
| CVE-2024-13187 | Kingsoft WPS Office TCC code injection — WPS OfficeCWE-94 | 5.3 | Medium | 2025-01-08 |
| CVE-2024-7263 | Arbitrary Code Execution in WPS Office — WPS OfficeCWE-22 | 7.8AI | HighAI | 2024-08-15 |
| CVE-2024-7262 | Arbitrary Code Execution in WPS Office — WPS OfficeCWE-22 | 7.1AI | HighAI | 2024-08-15 |
This page lists every published CVE security advisory associated with Kingsoft. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.