Browse all 4 CVE security advisories affecting NXLog. AI-powered Chinese analysis, POCs, and references for each vulnerability.
NXLog serves as a centralized log management and collection solution, enabling organizations to aggregate and process data from diverse sources. Historically, vulnerabilities have included remote code execution and cross-site scripting, often stemming from input validation flaws and improper access controls. While no major public incidents have been widely documented, the product's four recorded CVEs highlight potential risks in its web interface and configuration handling. Security researchers have noted that improper implementation could expose systems to unauthorized access or data exfiltration. The tool's effectiveness depends heavily on secure deployment practices, as its broad access to system logs creates significant attack surfaces if not properly configured and maintained.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-67900 | NXLog Agent 安全漏洞 — NXLog AgentCWE-829 | 8.1 | High | 2025-12-14 |
| CVE-2023-32792 | Cross-Site Request Forgery on NXLog Manager — NXLog ManagerCWE-352 | 6.5 | Medium | 2023-10-03 |
| CVE-2023-32791 | Cross-Site Request Forgery on NXLog Manager — NXLog ManagerCWE-352 | 6.5 | Medium | 2023-10-03 |
| CVE-2023-32790 | XSS on NXLog Manager — NXLog ManagerCWE-79 | 4.6 | Medium | 2023-10-03 |
This page lists every published CVE security advisory associated with NXLog. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.