Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

yandex — Vulnerabilities & Security Advisories 17

Browse all 17 CVE security advisories affecting yandex. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Yandex operates as a major technology company providing internet-related services, including search, email, and cloud solutions. Historically, its products have been susceptible to various vulnerability classes, including remote code execution, cross-site scripting, and privilege escalation vulnerabilities, as evidenced by the 17 CVEs currently on record. The company has faced security scrutiny over potential government ties and data handling practices, though no major public security incidents have been widely documented. Yandex maintains a security response team to address vulnerabilities, but its broad service ecosystem presents a complex attack surface requiring continuous security assessments and patch management to mitigate risks.

Top products by yandex: clickhouse Browser Browser Lite Telemost Yandex Browser Messenger Disk
CVE IDTitleCVSSSeverityPublished
CVE-2025-5469 Dylib Hijacking in Yandex Messenger — MessengerCWE-427 6.8AIMediumAI2025-12-09
CVE-2025-5471 Dylib Hijacking in Yandex Telemost — TelemostCWE-427 7.7AIHighAI2025-12-09
CVE-2025-5470 Dylib Hijacking in Yandex Disk — DiskCWE-427 7.7AIHighAI2025-12-09
CVE-2024-12168 DLL Hijacking in Yandex Telemost — TelemostCWE-426 7.8AIHighAI2025-06-02
CVE-2023-26226 A use after free memory corruption issue exists in Yandex Browser for Desktop prior to version 24.4.0.682 — BrowserCWE-416 9.8AICriticalAI2025-05-30
CVE-2021-25262 Yandex Browser for Android prior to version 21.3.0 allows remote attackers to perform IDN homograph attack. — BrowserCWE-116 4.3AIMediumAI2025-05-21
CVE-2021-25255 Yandex Browser Lite for Android prior to version 21.1.0 allows remote attackers to cause a denial of service. — Browser LiteCWE-20 7.5AIHighAI2025-05-21
CVE-2021-25254 Yandex Browser Lite for Android before 21.1.0 allows remote attackers to spoof the address bar. — Browser LiteCWE-116 5.3AIMediumAI2025-05-21
CVE-2024-6473 DLL Hijacking in Yandex Browser — BrowserCWE-426 7.8AIHighAI2024-09-03
CVE-2021-42391 Yandex ClickHouse 数字错误漏洞 — clickhouseCWE-369 6.5 -2022-03-14
CVE-2021-42390 Yandex ClickHouse 数字错误漏洞 — clickhouseCWE-369 6.5 -2022-03-14
CVE-2021-42389 Yandex ClickHouse 数字错误漏洞 — clickhouseCWE-369 6.5 -2022-03-14
CVE-2021-43305 Yandex ClickHouse 缓冲区错误漏洞 — clickhouseCWE-122 8.8 -2022-03-14
CVE-2021-43304 Yandex ClickHouse 缓冲区错误漏洞 — clickhouseCWE-122 8.8 -2022-03-14
CVE-2021-42388 Yandex ClickHouse 缓冲区错误漏洞 — clickhouseCWE-125 8.1 -2022-03-14
CVE-2021-42387 Yandex ClickHouse 缓冲区错误漏洞 — clickhouseCWE-125 8.1 -2022-03-14
CVE-2020-7369 Yandex Browser Address Bar Spooofing — Yandex BrowserCWE-451 4.3 Medium2020-10-20

This page lists every published CVE security advisory associated with yandex. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.