CVE-2026-4640
- EPSS 0.08%
- Veröffentlicht 24.03.2026 04:20:47
- Zuletzt bearbeitet 15.04.2026 16:27:42
Vitals ESP developed by Galaxy Software Services has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to execute certain functions to obtain sensitive information.
CVE-2026-4639
- EPSS 0.12%
- Veröffentlicht 24.03.2026 04:17:21
- Zuletzt bearbeitet 15.04.2026 16:29:24
Vitals ESP developed by Galaxy Software Services has a Incorrect Authorization vulnerability, allowing authenticated remote attackers to perform certain administrative functions, thereby escalating privileges.
CVE-2025-14255
- EPSS 0.07%
- Veröffentlicht 08.12.2025 07:43:22
- Zuletzt bearbeitet 15.01.2026 01:41:52
Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.
CVE-2025-14254
- EPSS 0.07%
- Veröffentlicht 08.12.2025 07:41:01
- Zuletzt bearbeitet 15.01.2026 01:42:14
Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.
CVE-2025-14253
- EPSS 0.08%
- Veröffentlicht 08.12.2025 07:38:09
- Zuletzt bearbeitet 15.01.2026 01:42:38
Vitals ESP developed by Galaxy Software Services has an Arbitrary File Read vulnerability, allowing privileged remote attackers to exploit Absolute Path Traversal to download arbitrary system files.