Browse all 13 CVE security advisories affecting hoppscotch. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Hoppscotch serves as an API development and testing tool, allowing developers to construct and send HTTP requests. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, accounting for its 13 recorded CVEs. Notable security characteristics include its client-side nature, which limits some attack surfaces, though vulnerabilities have often stemmed from improper input validation and insecure default configurations. While no major public security incidents have been widely documented, the consistent discovery of RCE and XSS vulnerabilities in its versions highlights ongoing security challenges that require careful implementation and regular updates.
CVE-2026-282152026-02-27Showing up to 20 recent security advisories. View all →
This page lists every published CVE security advisory associated with hoppscotch. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.