Browse all 5 CVE security advisories affecting PMB Services. AI-powered Chinese analysis, POCs, and references for each vulnerability.
PMB Services provides project management and business workflow solutions, with five CVEs recorded to date. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from insufficient input validation and access control weaknesses. The organization has faced security incidents involving unauthorized access and data exposure due to these vulnerabilities. PMB Services' security posture has been characterized by delayed patching cycles and inconsistent vulnerability remediation practices, leaving customer deployments at risk. The company's products remain attractive targets due to their widespread use in business environments, necessitating improved security development lifecycles and more timely vulnerability management.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2020-36970 | PMB 5.6 - 'chemin' Local File Disclosure — PMB ServicesCWE-22 | 8.4 | High | 2026-01-28 |
| CVE-2025-0473 | Incomplete Cleanup vulnerability in PMB platform — PMB platformCWE-459 | 6.5 | Medium | 2025-01-16 |
| CVE-2025-0472 | Information exposure vulnerability in PMB platform — PMB platformCWE-200 | 7.5 | High | 2025-01-16 |
| CVE-2025-0471 | Unrestricted Upload of File with Dangerous Type vulnerability in PMB platform — PMB platformCWE-434 | 9.9 | Critical | 2025-01-16 |
| CVE-2024-26289 | Remote Code Inclusion Vulnerability in Multiple PMB Versions — PMBCWE-502 | 9.8 | Critical | 2024-05-27 |
This page lists every published CVE security advisory associated with PMB Services. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.