Browse all 8 CVE security advisories affecting LoftOcean. AI-powered Chinese analysis, POCs, and references for each vulnerability.
LoftOcean develops cloud-native application security solutions focused on protecting containerized environments and DevOps pipelines. Historically, their products have been associated with vulnerabilities including remote code execution, cross-site scripting, and privilege escalation flaws. The company has recorded 8 CVEs to date, with several critical issues allowing unauthorized access or system compromise. Notable security characteristics include their integration with popular DevOps tools and their emphasis on runtime protection. While no major public security incidents have been documented, the consistent appearance of vulnerabilities in their software highlights the ongoing challenges in securing complex cloud-native architectures.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-67988 | WordPress CozyStay theme < 1.9.1 - Local File Inclusion vulnerability — CozyStayCWE-98 | 8.1 | High | 2026-02-20 |
| CVE-2025-49508 | WordPress CozyStay theme < 1.7.1 - Local File Inclusion vulnerability — CozyStayCWE-98 | 8.1 | High | 2025-06-17 |
| CVE-2025-49507 | WordPress CozyStay theme < 1.7.1 - PHP Object Injection vulnerability — CozyStayCWE-502 | 9.8 | Critical | 2025-06-10 |
This page lists every published CVE security advisory associated with LoftOcean. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.