Browse all 15 CVE security advisories affecting Santesoft. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Santesoft develops enterprise resource planning (ERP) software for supply chain management. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from insufficient input validation and access controls. While no major public security incidents have been widely documented, the 15 CVEs on record indicate persistent security challenges, particularly in authentication mechanisms and third-party integrations. Their software's complex architecture and extensive permissions model create multiple attack surfaces, making regular security assessments critical for organizations using their solutions.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-54759 | Santesoft Sante PACS Server Cross-site Scripting — Sante PACS ServerCWE-79 | 6.1 | Medium | 2025-08-18 |
| CVE-2025-54862 | Santesoft Sante PACS Server Cross-site Scripting — Sante PACS ServerCWE-79 | 5.4 | Medium | 2025-08-18 |
| CVE-2025-54156 | Santesoft Sante PACS Server Cleartext Transmission of Sensitive Information — Sante PACS ServerCWE-319 | 7.4 | High | 2025-08-18 |
| CVE-2025-53948 | Santesoft Sante PACS Server Double Free — Sante PACS ServerCWE-415 | 7.5 | High | 2025-08-18 |
| CVE-2025-2284 | Santesoft Sante PACS Server Access of Uninitialized Pointer DoS — Sante PACS ServerCWE-824 | 7.5 | High | 2025-03-13 |
| CVE-2025-2265 | Santesoft Sante PACS Server HTTP.db SHA1 Hash Truncation — Sante PACS ServerCWE-916 | 7.8 | High | 2025-03-13 |
| CVE-2025-2264 | Santesoft Sante PACS Server Path Traversal Information Disclosure — Sante PACS ServerCWE-22 | 7.5 | High | 2025-03-13 |
| CVE-2025-2263 | Santesoft Sante PACS Server Stack-based Buffer Overflow — Sante PACS ServerCWE-121 | 9.8 | Critical | 2025-03-13 |
This page lists every published CVE security advisory associated with Santesoft. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.