Browse all 3 CVE security advisories affecting kybernetikservices. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Kybernetikservices develops network security tools focusing on vulnerability assessment and penetration testing. Their products have historically been associated with remote code execution and cross-site scripting vulnerabilities, with three CVEs currently documented. Security researchers have identified authentication bypass issues in their software, allowing unauthorized access to sensitive functions. While no major public security incidents have been reported, the consistent pattern of input validation flaws suggests potential for exploitation. Their tools require privileged system access, increasing the risk of lateral movement if compromised. The company has not publicly disclosed a comprehensive vulnerability disclosure program, leaving security researchers limited channels for responsibly reporting findings.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-11980 | Quick Featured Images <= 13.7.3 - Authenticated (Editor+) SQL Injection via delete_orphaned — Quick Featured ImagesCWE-89 | 4.9 | Medium | 2025-11-08 |
| CVE-2025-11176 | Quick Featured Images <= 13.7.2 - Insecure Direct Object Reference to Image Manipulation — Quick Featured ImagesCWE-639 | 4.3 | Medium | 2025-10-15 |
| CVE-2024-3664 | Quick Featured Images <= 13.7.0 - Missing Authorization to Authenticated (Contributor+) Arbitrary Thumbnail Deletion/Setting — Quick Featured ImagesCWE-862 | 4.3 | Medium | 2024-04-23 |
This page lists every published CVE security advisory associated with kybernetikservices. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.