Browse all 35 CVE security advisories affecting nasa. AI-powered Chinese analysis, POCs, and references for each vulnerability.
NASA operates as the United States’ civilian space agency, managing complex aerospace research, satellite communications, and planetary exploration missions. Its extensive digital infrastructure includes legacy control systems, web-facing public portals, and internal enterprise networks, creating a broad attack surface. Historically, vulnerabilities within its ecosystem have frequently involved remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from outdated software components or misconfigured web applications. While no catastrophic data breaches have publicly compromised critical mission-critical telemetry, the agency has faced scrutiny over data privacy and system integrity. The presence of thirty-four recorded CVEs highlights ongoing challenges in maintaining security across diverse, specialized technical environments. Continuous patching and rigorous access controls remain essential to protect sensitive scientific data and ensure the reliability of critical space operations against evolving cyber threats.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2018-25367 | NASA openVSP 3.16.1 Denial of Service via Buffer Overflow — openVSPCWE-120 | 6.2 | Medium | 2026-05-25 |
This page lists every published CVE security advisory associated with nasa. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.