Browse all 5 CVE security advisories affecting kurudrive. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Kurudrive is a cloud-based file synchronization and sharing platform primarily used for enterprise data management and collaboration. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by its five recorded CVEs. The platform's security characteristics include integration with third-party services and reliance on web technologies, which have introduced attack surfaces. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities in its web interface and authentication mechanisms suggests ongoing challenges in secure coding practices, requiring organizations to implement compensating controls when deploying this solution.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-11737 | VK All in One Expansion Unit <= 9.112.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via SNS Title — VK All in One Expansion UnitCWE-79 | 6.4 | Medium | 2026-02-18 |
| CVE-2025-11265 | VK All in One Expansion Unit <= 9.112.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — VK All in One Expansion UnitCWE-80 | 6.4 | Medium | 2025-11-18 |
| CVE-2025-11267 | VK All in One Expansion Unit <= 9.112.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — VK All in One Expansion UnitCWE-80 | 6.4 | Medium | 2025-11-18 |
| CVE-2024-2093 | VK All in One Expansion Unit <= 9.95.0.1 - Information Exposure — VK All in One Expansion UnitCWE-200 | 6.5 | Medium | 2024-04-09 |
| CVE-2024-2170 | VK All in One Expansion Unit <= 9.96.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via className — VK All in One Expansion UnitCWE-79 | 6.4 | Medium | 2024-03-26 |
This page lists every published CVE security advisory associated with kurudrive. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.