Browse all 5 CVE security advisories affecting The-Scratch-Channel. AI-powered Chinese analysis, POCs, and references for each vulnerability.
The-Scratch-Channel primarily develops interactive educational content and creative tools, with its core use case centered on providing accessible programming environments for learning and experimentation. Historically, vulnerabilities associated with this channel include remote code execution, cross-site scripting, and privilege escalation, often stemming from input validation flaws and insecure design patterns. While no major public security incidents have been documented, the presence of five CVEs indicates consistent security challenges in handling user-generated content and sandbox execution environments. These vulnerabilities highlight ongoing risks in balancing functionality with security in educational platforms that prioritize open interaction and code execution.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-59416 | The Scratch Channel forks can publish articles — tsc-web-clientCWE-862 | 9.1AI | CriticalAI | 2025-09-17 |
| CVE-2025-57805 | The Scratch Channel's Publish Articles POST Request Can Upload Articles Without Validation — tsc-web-clientCWE-20 | 5.3AI | MediumAI | 2025-08-25 |
This page lists every published CVE security advisory associated with The-Scratch-Channel. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.