Browse all 3 CVE security advisories affecting airtower-luna. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Airtower-luna serves as a cloud-based communication platform enabling real-time collaboration and file sharing across organizations. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, with three CVEs documented to date. The platform's security posture has been marked by insufficient input validation and inadequate access controls in previous versions. While no major public security incidents have been reported, the consistent pattern of vulnerabilities in authentication and session management components suggests potential risks for organizations relying on this service without implementing additional security layers.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-33308 | mod_gnutls missing key purpose check in client certificate verification — mod_gnutlsCWE-295 | 6.8 | Medium | 2026-03-24 |
| CVE-2026-33307 | mod_gnutils has stack-based buffer overflow caused by a long client certificate chain — mod_gnutlsCWE-121 | 7.5 | High | 2026-03-24 |
| CVE-2023-25824 | mod_gnutls contains Infinite Loop on request read timeout — mod_gnutlsCWE-835 | 7.5 | High | 2023-02-23 |
This page lists every published CVE security advisory associated with airtower-luna. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.