Browse all 3 CVE security advisories affecting Summar Software. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Summar Software develops enterprise data analytics platforms for business intelligence. Historically, the product has been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from improper input validation and access control weaknesses. While no major public security incidents have been documented, the three recorded CVEs highlight persistent risks in authentication mechanisms and third-party component integrations. The platform's complex architecture increases attack surface, particularly in API endpoints and data processing pipelines. Organizations implementing Summar Software should prioritize regular patching and network segmentation to mitigate potential exploitation vectors.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-40678 | Unrestricted upload vulnerability for dangerous file types on Summar Software's Portal del Empleado — Portal del Empleado (CWE-434) | 9.8 (AI) | Critical (AI) | 2025-09-18 |
| CVE-2025-40677 | SQL injection vulnerability in Summar Software's Portal del Empleado — Portal del Empleado (CWE-89) | 9.8 (AI) | Critical (AI) | 2025-09-18 |
| CVE-2024-5675 | Unreliable data deserialization vulnerability in Mentor — Mentor – Employee Portal (CWE-502) | 10.0 | Critical | 2024-06-06 |
This page lists every published CVE security advisory associated with Summar Software. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.