kalcaddle — Vulnerabilities & Security Advisories (21)

Browse all 21 CVE security advisories affecting kalcaddle. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Kalcaddle operates as a provider of mathematical software solutions, primarily known for its symbolic computation engine and graphing calculator applications used in educational and professional environments. Security audits have identified twenty-one distinct Common Vulnerabilities and Exposures (CVEs) associated with its software ecosystem, revealing a pattern of legacy code issues. Historically, these flaws predominantly involve remote code execution, cross-site scripting, and improper access control mechanisms that allow privilege escalation. Notable incidents include critical buffer overflow vulnerabilities in earlier desktop versions and insecure default configurations in web-based interfaces. While the company has issued patches for several high-severity issues, the accumulation of unresolved or partially mitigated defects suggests inconsistent security maintenance practices. Users are advised to verify version integrity and apply updates promptly to prevent exploitation of these known attack vectors, particularly in networked deployment scenarios.

Top products by kalcaddle: kodbox, KodExplorer

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-5618 | kalcaddle kodbox shareMake/shareCheck server-side request forgery | kodbox | CWE-918 | 5.6 | Medium | 2026-04-06 |
| CVE-2026-4831 | kalcaddle kodbox Password-protected Share auth.class.php can improper authentication | kodbox | CWE-287 | 3.7 | Low | 2026-03-26 |
| CVE-2026-4830 | kalcaddle kodbox Public Share userShare.class.php add privilege escalation | kodbox | CWE-434 | 5.6 | Medium | 2026-03-26 |
| CVE-2026-4592 | kalcaddle kodbox Password Login index.class.php tfaVerify improper authentication | kodbox | CWE-287 | 5.6 | Medium | 2026-03-23 |
| CVE-2026-4591 | kalcaddle kodbox fileThumb Endpoint app.php checkBin os command injection | kodbox | CWE-78 | 4.7 | Medium | 2026-03-23 |
| CVE-2026-4590 | kalcaddle kodbox loginSubmit API index.class.php cross-site request forgery | kodbox | CWE-352 | 3.1 | Low | 2026-03-23 |
| CVE-2026-4589 | kalcaddle kodbox fileGet Endpoint editor.class.php PathDriverUrl server-side request forgery | kodbox | CWE-918 | 6.3 | Medium | 2026-03-23 |
| CVE-2026-4588 | kalcaddle kodbox Site-level API key shareOut.class.php shareSafeGroup hard-coded key | kodbox | CWE-321 | 3.7 | Low | 2026-03-23 |
| CVE-2026-2560 | kalcaddle kodbox Media File Preview Plugin VideoResize.class.php run os command injection | kodbox | CWE-78 | 6.3 | Medium | 2026-02-16 |
| CVE-2026-1066 | kalcaddle kodbox Compression zip command injection | kodbox | CWE-77 | 6.3 | Medium | 2026-01-17 |
| CVE-2025-11016 | kalcaddle kodbox index.class.php fileOut path traversal | kodbox | CWE-22 | 4.3 | Medium | 2025-09-26 |
| CVE-2025-10233 | kalcaddle kodbox editor.class.php fileSave path traversal | kodbox | CWE-22 | 6.3 | Medium | 2025-09-10 |
| CVE-2025-9414 | kalcaddle kodbox Download from Link serverDownload server-side request forgery | kodbox | CWE-918 | 4.7 | Medium | 2025-08-25 |
| CVE-2023-6853 | kalcaddle KodExplorer app.php index server-side request forgery | KodExplorer | CWE-918 | 6.3 | Medium | 2023-12-16 |
| CVE-2023-6852 | kalcaddle KodExplorer app.php server-side request forgery | KodExplorer | CWE-918 | 6.3 | Medium | 2023-12-16 |
| CVE-2023-6851 | kalcaddle KodExplorer ZIP Archive app.php unzipList code injection | KodExplorer | CWE-94 | 6.3 | Medium | 2023-12-16 |
| CVE-2023-6850 | kalcaddle KodExplorer API Endpoint unrestricted upload | KodExplorer | CWE-434 | 6.3 | Medium | 2023-12-16 |
| CVE-2023-6849 | kalcaddle kodbox app.php cover server-side request forgery | kodbox | CWE-918 | 7.3 | High | 2023-12-16 |
| CVE-2023-6848 | kalcaddle kodbox index.class.php check command injection | kodbox | CWE-77 | 7.3 | High | 2023-12-16 |
| CVE-2022-4944 | kalcaddle KodExplorer cross-site request forgery | KodExplorer | CWE-352 | 4.3 | Medium | 2023-04-22 |
| CVE-2022-46154 | Arbitrary file access in KodExplorer | KodExplorer | CWE-22 | 8.6 | High | 2022-12-06 |

This page lists every published CVE security advisory associated with kalcaddle. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.