Browse all 6 CVE security advisories affecting polarnl. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Polarnl develops network security solutions focusing on threat detection and vulnerability management. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, with six CVEs documented. Security researchers have identified authentication bypass flaws and insecure default configurations in their offerings. While no major public security incidents have been reported, the consistent presence of critical vulnerabilities in their software suggests potential risks for organizations relying on their technology. Their core use case involves providing network visibility and protection, though the historical vulnerability patterns indicate a need for stronger security validation in their development lifecycle.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-39322 | PolarLearn: Any password authenticates banned accounts and grants API access — PolarLearnCWE-287 | 9.8AI | CriticalAI | 2026-04-07 |
| CVE-2026-35610 | PolarLearn has a Server Action Admin Bypass in Account Management Actions — PolarLearnCWE-285 | 8.8 | High | 2026-04-07 |
| CVE-2026-25885 | PolarLearn allows Unauthenticated WebSocket access allows subscribing to and posting in arbitrary group chats — PolarLearnCWE-285 | 6.5AI | MediumAI | 2026-02-09 |
| CVE-2026-25222 | PolarLearn Affected by User Enumeration via Argon2 Timing Attack on Sign-In Endpoint — PolarLearnCWE-200 | 3.7AI | LowAI | 2026-02-02 |
| CVE-2026-25221 | PolarLearn has Multiple Login CSRFs via Missing OAuth state Parameter (GitHub & Google) — PolarLearnCWE-352 | 8.1AI | HighAI | 2026-02-02 |
| CVE-2026-25126 | PolarLearn's unvalidated vote direction allows vote count manipulation — PolarLearnCWE-20 | 7.1 | High | 2026-01-29 |
This page lists every published CVE security advisory associated with polarnl. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.