Browse all 9 CVE security advisories affecting kromitgmbh. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Kromitgmbh develops enterprise software solutions with a core focus on business process automation and workflow management. Historically, their products have been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, accounting for their nine recorded CVEs. While no major public security incidents have been documented, the consistent pattern of vulnerabilities in these categories suggests potential weaknesses in input validation and access control mechanisms. Their security posture appears to prioritize functionality over robust protection, resulting in recurring issues that could allow attackers to compromise systems or escalate privileges within their environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-21695 | Titra API Contains Mass Assignment Vulnerability — titraCWE-915 | 4.3 | Medium | 2026-01-07 |
| CVE-2026-21694 | Titra APIs have Improper Access Control — titraCWE-284 | 6.8 | Medium | 2026-01-07 |
| CVE-2025-69288 | Titra has Remote Code Execution in Admin Functionality — titraCWE-20 | 9.1 | Critical | 2025-12-31 |
| CVE-2022-2595 | Improper Authorization in kromitgmbh/titra — kromitgmbh/titraCWE-285 | 8.8 | - | 2022-08-01 |
| CVE-2022-2098 | Weak Password Requirements in kromitgmbh/titra — kromitgmbh/titraCWE-521 | 9.8 | - | 2022-06-16 |
| CVE-2022-2026 | Cross-site Scripting (XSS) - Stored in kromitgmbh/titra — kromitgmbh/titraCWE-79 | 5.4 | - | 2022-06-08 |
| CVE-2022-2027 | Improper Neutralization of Formula Elements in a CSV File in kromitgmbh/titra — kromitgmbh/titraCWE-1236 | 8.8 | - | 2022-06-08 |
| CVE-2022-2028 | Cross-site Scripting (XSS) - Generic in kromitgmbh/titra — kromitgmbh/titraCWE-79 | 5.4 | - | 2022-06-08 |
| CVE-2022-2029 | Cross-site Scripting (XSS) - DOM in kromitgmbh/titra — kromitgmbh/titraCWE-79 | 5.4 | - | 2022-06-08 |
This page lists every published CVE security advisory associated with kromitgmbh. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.