Browse all 40 CVE security advisories affecting Pegasystems. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Pegasystems provides enterprise software focused on business process management and customer relationship automation, primarily serving large organizations requiring complex workflow orchestration. With forty recorded Common Vulnerabilities and Exposures (CVEs), the platform has historically been susceptible to critical security flaws, most notably remote code execution (RCE) and cross-site scripting (XSS). These vulnerabilities often stem from insufficient input validation within its web-based interfaces and API endpoints, allowing attackers to bypass authentication or escalate privileges. While specific major public breaches are not widely documented in open sources, the high volume of CVEs indicates persistent challenges in securing its extensive codebase. The company has issued numerous patches to address these issues, reflecting an ongoing effort to mitigate risks associated with its complex, internet-facing architecture.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-28093 | Pegasystem Synchronization Engine 信任管理问题漏洞 — RPA: Synchronization EngineCWE-295 | 6.5 | - | 2023-04-10 |
| CVE-2023-26467 | Pegasystem PEGA Platform 数据伪造问题漏洞 — RPA: Synchronization EngineCWE-345 | 5.4 | - | 2023-04-10 |
| CVE-2023-26466 | Pegasystem PEGA Platform 安全漏洞 — RPA: Synchronization EngineCWE-285 | 7.1 | - | 2023-04-10 |
| CVE-2022-35656 | Pegasystem PEGA Platform 跨站请求伪造漏洞 — Pega InfinityCWE-352 | 4.5 | - | 2022-08-22 |
| CVE-2022-35655 | Pegasystem PEGA Platform 跨站脚本漏洞 — Pega InfinityCWE-79 | 6.1 | - | 2022-08-22 |
| CVE-2022-35654 | Pegasystem PEGA Platform 跨站脚本漏洞 — Pega InfinityCWE-79 | 6.1 | - | 2022-08-22 |
| CVE-2022-24083 | Pegasystem Pega 安全漏洞 — Pega InfinityCWE-285 | 8.4 | - | 2022-07-25 |
| CVE-2022-24082 | Pegasystem PEGA Platform 代码问题漏洞 — Pega InfinityCWE-502 | 9.8 | - | 2022-07-19 |
| CVE-2021-27654 | Pegasystems Pega 授权问题漏洞 — Pega InfinityCWE-640 | 7.8 | - | 2022-01-28 |
| CVE-2021-27651 | PEGA pega infinity 授权问题漏洞 — Pega InfinityCWE-287 | 7.8 | - | 2021-04-29 |
This page lists every published CVE security advisory associated with Pegasystems. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.