Browse all 3 CVE security advisories affecting mockoon. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-59149 | Mockoon: Path traversal in templated `filePath` lets a request escape the served directory (prefix-only base check) — mockoonCWE-22 | 6.5 | Medium | 2026-07-09 |
| CVE-2026-59148 | Mockoon: Unauthenticated admin API + wildcard CORS allows mock-state hijack and secret theft — mockoonCWE-306 | 8.8 | High | 2026-07-09 |
| CVE-2025-59049 | Mockoon has a Path Traversal and LFI in the static file serving endpoint — mockoonCWE-73 | 7.5 | High | 2025-09-10 |
This page lists every published CVE security advisory associated with mockoon. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.