Browse all 4 CVE security advisories affecting StrongDM. AI-powered Chinese analysis, POCs, and references for each vulnerability.
StrongDM provides centralized access control for infrastructure, enabling secure connections to databases, servers, and cloud resources through a zero-trust approach. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation and access control flaws. The platform's security focus on least privilege and audit trails contrasts with its own CVE history, which includes authentication bypass and session management issues. While no major public incidents have been widely reported, the presence of four CVEs highlights potential risks in complex access management systems where misconfigurations could expose critical infrastructure.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-6183 | Configd Injection — sdm-cliCWE-78 | 7.5AI | HighAI | 2025-08-20 |
| CVE-2025-6182 | Root Certificate Injection — sdmCWE-269 | 7.5AI | HighAI | 2025-08-20 |
| CVE-2025-6181 | StrongDM Client 安全漏洞 — sdm-cliCWE-78 | 7.8AI | HighAI | 2025-08-20 |
| CVE-2025-6180 | Authentication Hijack — sdm-cliCWE-319 | 7.4AI | HighAI | 2025-08-20 |
This page lists every published CVE security advisory associated with StrongDM. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.