Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

LitmusChaos — Vulnerabilities & Security Advisories 8

Browse all 8 CVE security advisories affecting LitmusChaos. AI-powered Chinese analysis, POCs, and references for each vulnerability.

LitmusChaos is a chaos engineering platform designed to test system resilience by injecting failures. Historically, it has been associated with vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, with eight CVEs documented. Security researchers have identified issues in its API endpoints and web interface that could allow unauthorized access or system compromise. The platform's complexity and broad permissions have made it a target for exploitation, particularly in misconfigured environments. While no major public incidents have been widely reported, the accumulation of CVEs suggests potential risks in deployment and maintenance, emphasizing the need for proper configuration and access controls when implementing chaos engineering tools.

Top products by LitmusChaos: Litmus
CVE IDTitleCVSSSeverityPublished
CVE-2025-14261 Lack of entropy allows registered low-privileged users of Litmus to crack valid JWT tokens and gain admin privileges — litmusCWE-331 7.1 High2025-12-08
CVE-2025-8797 LitmusChaos Litmus LocalStorage permission — LitmusCWE-275 6.3 Medium2025-08-10
CVE-2025-8796 LitmusChaos Litmus Delete Request delete_project authorization — LitmusCWE-862 5.4 Medium2025-08-10
CVE-2025-8795 LitmusChaos Litmus login access control — LitmusCWE-284 6.3 Medium2025-08-10
CVE-2025-8794 LitmusChaos Litmus LocalStorage authorization — LitmusCWE-639 5.3 Medium2025-08-10
CVE-2025-8793 LitmusChaos Litmus resource injection — LitmusCWE-99 4.3 Medium2025-08-10
CVE-2025-8792 LitmusChaos Litmus client-side enforcement of server-side security — LitmusCWE-602 4.3 Medium2025-08-10
CVE-2025-8791 LitmusChaos Litmus list_projects improper authorization — LitmusCWE-285 6.3 Medium2025-08-10

This page lists every published CVE security advisory associated with LitmusChaos. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.