Browse all 17 CVE security advisories affecting Yandex. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Yandex operates as a major technology company providing internet-related services, including search, email, and cloud solutions. Historically, its products have been susceptible to various vulnerability classes, including remote code execution, cross-site scripting, and privilege escalation vulnerabilities, as evidenced by the 17 CVEs currently on record. The company has faced security scrutiny over potential government ties and data handling practices, though no major public security incidents have been widely documented. Yandex maintains a security response team to address vulnerabilities, but its broad service ecosystem presents a complex attack surface requiring continuous security assessments and patch management to mitigate risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-5471 | Dylib Hijacking in Yandex Telemost — TelemostCWE-427 | 7.7AI | HighAI | 2025-12-09 |
| CVE-2024-12168 | DLL Hijacking in Yandex Telemost — TelemostCWE-426 | 7.8AI | HighAI | 2025-06-02 |
This page lists every published CVE security advisory associated with Yandex. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.