Browse all 3 CVE security advisories affecting Mercury. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Mercury is a workflow automation tool primarily used for integrating disparate systems and streamlining business processes. Historically, it has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and insecure default configurations. The tool's extensive integration capabilities increase its attack surface, with past incidents involving unauthorized access and data breaches. Security researchers have noted that Mercury's complex architecture can lead to misconfigurations, while its broad permissions model has facilitated privilege escalation in multiple CVEs. Organizations implementing Mercury should prioritize hardening configurations and applying security patches to mitigate these recurring risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-8655 | Mercury MNVR816 web-static file access — MNVR816CWE-552 | 5.3 | Medium | 2024-09-10 |
This page lists every published CVE security advisory associated with Mercury. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.