Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

NationalSecurityAgency — Vulnerabilities & Security Advisories 10

Browse all 10 CVE security advisories affecting NationalSecurityAgency. AI-powered Chinese analysis, POCs, and references for each vulnerability.

The NationalSecurityAgency is primarily responsible for signals intelligence and information assurance for the United States. Historically, common vulnerability classes in its systems include remote code execution, cross-site scripting, and privilege escalation, often stemming from complex software architectures. The agency maintains robust security protocols but has faced notable incidents, including the 2013 breach by Edward Snowden and alleged vulnerabilities in its own encryption tools. With 10 CVEs on record, these typically involve legacy systems or third-party integrations rather than core intelligence platforms. The agency's dual mandate of collecting foreign intelligence and securing national communications creates unique security challenges, balancing offensive capabilities with defensive imperatives.

Top products by NationalSecurityAgency: emissary skills-service
CVE IDTitleCVSSSeverityPublished
CVE-2026-35582 Emissary has an OS Command Injection via Unvalidated IN_FILE_ENDING / OUT_FILE_ENDING in Executrix — emissaryCWE-78 8.8 High2026-04-18
CVE-2026-35583 Emissary has a Path Traversal via Blacklist Bypass in Configuration API — emissaryCWE-22 5.3 Medium2026-04-07
CVE-2026-35581 Emissary has a Command Injection via PLACE_NAME Configuration in Executrix — emissaryCWE-78 7.2 High2026-04-07
CVE-2026-35580 Emissary has GitHub Actions Shell Injection via Workflow Inputs — emissaryCWE-77 9.1 Critical2026-04-07
CVE-2026-35571 Emissary has Stored XSS via Navigation Template Link Injection — emissaryCWE-79 4.8 Medium2026-04-07
CVE-2025-27508 Emissary Use of a Broken or Risky Cryptographic Algorithm — emissaryCWE-327 7.5 High2025-03-05
CVE-2024-39326 SkillTree CSRF Vulnerability allows an attacker to modify the Video and Captions of a Skill — skills-serviceCWE-352 4.4 Medium2024-07-02
CVE-2021-32639 Server-Side Request Forgery (SSRF) in emissary:emissary — emissaryCWE-918 7.2 High2021-07-02
CVE-2021-32647 Post-authentication Remote Code Execution (RCE) in emissary:emissary — emissaryCWE-74 8.0 High2021-05-28
CVE-2021-32634 Deserialization of Untrusted Data in Emissary — emissaryCWE-502 7.2 High2021-05-21

This page lists every published CVE security advisory associated with NationalSecurityAgency. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.