Browse all 5 CVE security advisories affecting Mercku. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Mercku operates as a proximity marketing platform enabling businesses to engage customers via Bluetooth beacons. Historically, the platform has been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. These weaknesses have allowed attackers to potentially compromise systems, execute arbitrary code, or gain unauthorized access. Mercku's security posture has been inconsistent, with five CVEs recorded to date, reflecting ongoing challenges in secure development practices. While no major public incidents have been widely reported, the pattern of vulnerabilities suggests potential risks for organizations relying on their proximity marketing solutions, particularly those deployed in security-sensitive environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-62771 | Mercku M6a 跨站请求伪造漏洞 — M6aCWE-352 | 7.5 | High | 2025-10-22 |
| CVE-2025-62774 | Mercku M6a 安全特征问题漏洞 — M6aCWE-331 | 3.1 | Low | 2025-10-22 |
| CVE-2025-62772 | Mercku M6a 安全漏洞 — M6aCWE-305 | 3.1 | Low | 2025-10-22 |
| CVE-2025-62775 | Mercku M6a 安全漏洞 — M6aCWE-669 | 8.0 | High | 2025-10-22 |
| CVE-2025-62773 | Mercku M6a 安全漏洞 — M6aCWE-912 | 2.4 | Low | 2025-10-22 |
This page lists every published CVE security advisory associated with Mercku. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.