Browse all 4 CVE security advisories affecting nko. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Nko is a network monitoring tool primarily used for real-time traffic analysis and security event detection. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by its four recorded CVEs. The application's security posture has been compromised through insufficient input validation and improper access controls, though no major public incidents have been widely documented. Nko's architecture exposes potential attack vectors through its web interface and communication protocols, requiring regular patching to mitigate risks associated with its common vulnerability classes.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-1560 | Custom Block Builder – Lazy Blocks <= 4.2.0 - Authenticated (Contributor+) Remote Code Execution — Custom Block Builder – Lazy BlocksCWE-94 | 8.8 | High | 2026-02-11 |
| CVE-2025-9992 | Ghost Kit <= 3.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting — Ghost Kit – Page Builder Blocks, Motion Effects & ExtensionsCWE-79 | 6.4 | Medium | 2025-09-18 |
| CVE-2024-8045 | Advanced WordPress Backgrounds <= 1.12.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via imageTag Parameter — Advanced WordPress BackgroundsCWE-79 | 6.4 | Medium | 2024-09-11 |
| CVE-2024-4363 | Visual Portfolio, Photo Gallery & Post Grid <= 3.3.2 - Authenticated (Author+) Stored Cross-Site Scripting via title_tag Parameter — Visual Portfolio, Photo Gallery & Post GridCWE-79 | 6.4 | Medium | 2024-05-14 |
This page lists every published CVE security advisory associated with nko. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.