Browse all 5 CVE security advisories affecting bugsink. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Bugsink operates as a vulnerability coordination platform connecting security researchers with organizations to identify and remediate software flaws. Historically, the service has primarily facilitated reporting of remote code execution, cross-site scripting, and privilege escalation vulnerabilities across various software ecosystems. While no major public security incidents have been directly attributed to bugsink, the platform's model inherently handles sensitive vulnerability data, requiring robust security measures to protect both researchers and organizations from potential data breaches or exploitation of disclosed flaws before patching.
| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-40162 | Bugsink affected by authenticated arbitrary file write in artifactbundle/assemble | bugsink | CWE-20 | 7.1 | High | 2026-04-10 |
| CVE-2026-27614 | Bugsink is vulnerable to Stored XSS via Pygments fallback in stacktrace rendering | bugsink | CWE-79 | 9.3 | Critical | 2026-02-25 |
| CVE-2025-64509 | Bugsink vulnerable to unauthenticated remote DoS via crafted Brotli input (via CPU) | bugsink | CWE-770 | 7.5 | High | 2025-11-10 |
| CVE-2025-64508 | Bugsink vulnerable to unauthenticated remote DoS via crafted Brotli input | bugsink | CWE-770 | 7.5 | High | 2025-11-10 |
| CVE-2025-54433 | Bugsink is vulnerable to Path Traversal attacks via event_id in ingestion | bugsink | CWE-22 | 8.3 (AI) | High (AI) | 2025-07-30 |
This page lists every published CVE security advisory associated with bugsink. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.