Browse all 3 CVE security advisories affecting vrana. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Vrana is a web application firewall primarily used to protect web applications from various attacks. Historically, it has been associated with vulnerabilities including remote code execution, cross-site scripting, and privilege escalation. The product has recorded three CVEs, highlighting potential security flaws in its implementation. While no major public security incidents have been widely documented, the presence of CVEs indicates that the software has had vulnerabilities requiring patches. Organizations implementing Vrana should ensure regular updates and proper configuration to mitigate potential risks. The tool's core function remains defense against web-based threats, though its own security history suggests vigilance is necessary.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-25892 | Adminer has an Unauthenticated Persistent DoS via Array Injection in ?script=version Endpoint — adminerCWE-20 | 7.5 | High | 2026-02-09 |
| CVE-2021-29625 | XSS in doc_link — adminerCWE-79 | 7.5 | High | 2021-05-19 |
| CVE-2021-21311 | SSRF in adminer — adminerCWE-918 | 7.2 | High | 2021-02-11 |
This page lists every published CVE security advisory associated with vrana. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.