Browse all 3 CVE security advisories affecting nofearinc. AI-powered Chinese analysis, POCs, and references for each vulnerability.
nofearinc develops security-focused software with a core use case in vulnerability management and penetration testing tools. Historically, their products have been associated with common vulnerability classes including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws. The organization currently maintains three CVE records on its public disclosures. While no major security incidents have been widely documented, their software's security characteristics emphasize defensive capabilities rather than offensive functionality, with a focus on identifying and mitigating vulnerabilities rather than exploiting them. Their CVE history primarily stems from input validation weaknesses and improper access control implementations in their testing platforms.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-4138 | DX Unanswered Comments <= 1.7 - Cross-Site Request Forgery via Settings Update — DX Unanswered CommentsCWE-352 | 4.3 | Medium | 2026-04-22 |
| CVE-2025-14854 | WP-CRM System – Manage Clients and Projects <= 3.4.5 - Missing Authorization to Authenticated (Subscriber+) CRM Data Exposure and Task Modification — WP-CRM System – Manage Clients and ProjectsCWE-862 | 5.4 | Medium | 2026-01-14 |
| CVE-2022-2001 | DX Share Selection <= 1.4 - Cross-Site Request Forgery to Cross-Site Scripting — DX Share SelectionCWE-352 | 8.8 | High | 2022-07-18 |
This page lists every published CVE security advisory associated with nofearinc. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.