Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

ProjectDiscovery — Vulnerabilities & Security Advisories 9

Browse all 9 CVE security advisories affecting ProjectDiscovery. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Projectdiscovery operates as an open-source attack surface management platform, enabling organizations to identify and analyze internet-facing assets. The project has contributed to 7 CVE disclosures, primarily focusing on remote code execution, cross-site scripting, and privilege escalation vulnerabilities in web applications and network services. Its tools facilitate automated discovery of misconfigurations and exposed services across various infrastructure components. While no major security incidents have been publicly attributed to the project, its extensive use in security research has led to the identification of vulnerabilities in numerous third-party systems, highlighting both its effectiveness and the critical need for continuous attack surface monitoring in modern environments.

Top products by ProjectDiscovery: nuclei interactsh
CVE IDTitleCVSSSeverityPublished
CVE-2026-41645 Nuclei: Environment variable disclosure via Response-Derived DSL Expressions — nucleiCWE-94 5.3 Medium2026-05-08
CVE-2026-41646 Nuclei: Local File Read via require() Module Loader Bypass — nucleiCWE-284 5.5 Medium2026-05-08
CVE-2026-41282 Nuclei 安全漏洞 — NucleiCWE-94 4.0 Medium2026-04-20
CVE-2024-43405 Nuclei Template Signature Verification Bypass — nucleiCWE-78 7.4 High2024-09-04
CVE-2024-40641 Unsigned code template execution through workflows in projectdiscovery/nuclei — nucleiCWE-78 7.4 High2024-07-17
CVE-2024-5262 ProjectDiscovery Interactsh - Files or Directories Accessible to External Parties — InteractshCWE-552 9.1AICriticalAI2024-06-05
CVE-2024-27920 Unsigned code template execution through workflows in projectdiscovery/nuclei — nucleiCWE-78 7.4 High2024-03-15
CVE-2023-37896 Nuclei Path Traversal vulnerability — nucleiCWE-22 7.5 High2023-08-04
CVE-2023-36474 Interactsh server settings make users vulnerable to Subdomain Takeover — interactshCWE-79 8.2 High2023-06-28

This page lists every published CVE security advisory associated with ProjectDiscovery. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.