| CVE |
Severity |
CVSS |
Risk |
Published |
Description |
Impact |
| CVE-2026-45087 |
critical |
10.0 |
10.0 |
12h ago |
Dalfox Server Mode Vulnerable to Unauthenticated Remote Code Execution via `found-action` |
|
| CVE-2026-45089 |
high |
8.2 |
8.2 |
12h ago |
Dalfox Server Mode has an Unauthenticated Arbitrary File Create/Append via `output` Option |
|
| CVE-2026-45088 |
high |
7.5 |
7.5 |
12h ago |
Dalfox Server Mode has an Unauthenticated Arbitrary File Read with Out-of-Band Exfiltration via `custom-payload-file` |
|
| CVE-2026-45090 |
high |
7.5 |
7.5 |
12h ago |
Dalfox has an Unauthenticated Remote DoS via Closed-Channel Write in `ParameterAnalysis` (server mode) |
|