Browse all 4 CVE security advisories affecting StrangeBee. AI-powered Chinese analysis, POCs, and references for each vulnerability.
StrangeBee is a penetration testing tool primarily used for identifying security vulnerabilities in web applications and network infrastructure. Historically, it has been associated with Remote Code Execution (RCE), Cross-Site Scripting (XSS), and privilege escalation vulnerabilities in its own implementations. The tool has demonstrated security characteristics including improper input validation and insecure default configurations. While no major public incidents have been widely documented, StrangeBee has accumulated four CVEs, highlighting recurring security flaws in its design. These vulnerabilities have primarily stemmed from insufficient sanitization of user inputs and inadequate access controls, making it a concern for security professionals relying on such tools for defensive assessments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-48741 | StrangeBee TheHive 安全漏洞 — TheHiveCWE-266 | 6.5AI | MediumAI | 2025-05-23 |
| CVE-2025-48740 | StrangeBee TheHive 跨站请求伪造漏洞 — TheHiveCWE-352 | 8.8AI | HighAI | 2025-05-23 |
| CVE-2025-48738 | StrangeBee TheHive 安全漏洞 — TheHiveCWE-770 | 8.2AI | HighAI | 2025-05-23 |
| CVE-2025-48739 | StrangeBee TheHive 代码问题漏洞 — TheHiveCWE-918 | 5.5AI | MediumAI | 2025-05-23 |
This page lists every published CVE security advisory associated with StrangeBee. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.