nasa — Vulnerabilities & Security Advisories 35

Browse all 35 CVE security advisories affecting nasa. AI-powered Chinese analysis, POCs, and references for each vulnerability.

NASA operates as the United States’ civilian space agency, managing complex aerospace research, satellite communications, and planetary exploration missions. Its extensive digital infrastructure includes legacy control systems, web-facing public portals, and internal enterprise networks, creating a broad attack surface. Historically, vulnerabilities within its ecosystem have frequently involved remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from outdated software components or misconfigured web applications. While no catastrophic data breaches have publicly compromised mission-critical telemetry, the agency has faced scrutiny over data privacy and system integrity. The presence of thirty-four recorded CVEs highlights ongoing challenges in maintaining security across diverse, specialized technical environments. Continuous patching and rigorous access controls remain essential to protect sensitive scientific data and ensure the reliability of critical space operations against evolving cyber threats.

Found 2 results / 35
High · 2026-04-22
Omega (#4919) · nasa/fprime@cacdd55 · GitHub
Medium · 2026-04-04
[SECURITY] CFE_SB_TransmitMsg memcpy trusts CCSDS header size without source buffer validation · Issue #953 · nasa/cFS
Unknown · 2026-04-04
[SECURITY] Heap over-read via untrusted CCSDS length in TO_LAB sendto · Issue #952 · nasa/cFS
Critical · nasa/cFS#951 · 2026-04-04
[SECURITY] pickle.load() arbitrary code execution in cFS-GroundSystem · Issue #951 · nasa/cFS
High · CVE-2026-21900 · 2026-01-20
Out-of-Bounds Read in KMC Encrypt Metadata Parsing via Flawed strtok Pattern · Advisory · nasa/CryptoLib · GitHub
High · CVE-2026-22023 · 2026-01-20
Out-of-Bounds Read in KMC AEAD Encrypt Metadata Parsing via Flawed strtok Pattern · Advisory · nasa/CryptoLib · GitHub
Medium · CVE-2026-22024 · 2026-01-20
Memory Leak in KMC Encrypt Function Leads to Resource Exhaustion · Advisory · nasa/CryptoLib · GitHub
High · CVE-2026-21898 · 2026-01-20
Out-of-bounds Read in Crypto_AOS_ProcessSecurity · Advisory · nasa/CryptoLib · GitHub
Critical · CVE-2026-22697 · 2026-01-20
Heap Buffer Overflow in KMC Base64 Decode Handling (KMC JSON base64ciphertext/base64cleartext) · Advisory · nasa/CryptoL
High · CVE-2022-64396 · 2025-10-31
Stack Buffer Overflow in `Crypto_Key_Update` due to missing TLV length check for <=v1.3.0 · Advisory · nasa/CryptoLib ·
High · CVE-2025-5934 · 2025-09-25
Command Injection vulnerability in initialize_kerberos_keytab_file_login() · Advisory · nasa/CryptoLib · GitHub
High · 2025-04-09
Heap Buffer Overflow via Incomplete Length Check in `Crypto_TC_ApplySecurity` · Advisory · nasa/CryptoLib · GitHub

Showing up to 20 recent security advisories.

This page lists every published CVE security advisory associated with nasa. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.