| CVE-2026-42086 |
medium |
4.6 |
4.6 |
|
|
|
1mo ago |
OpenC3 COSMOS is Vulnerable to Self-XSS Through the Command Sender |
| CVE-2025-28389 |
unknown |
— |
— |
|
|
|
1y ago |
Weak password requirements in OpenC3 COSMOS v6.0.0 allow attackers to bypass authentication via a brute force attack. |
| CVE-2025-28386 |
unknown |
— |
— |
|
|
|
1y ago |
A remote code execution (RCE) vulnerability in the Plugin Management component of OpenC3 COSMOS v6.0.0 allows attackers to execute arbitrary code via uploading a crafted .txt file. |
| CVE-2024-43795 |
unknown |
— |
— |
|
|
|
2y ago |
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. The login functionality contains a reflected cross-site scripting (XSS) vulnera… |
| CVE-2024-46977 |
unknown |
— |
— |
|
|
|
2y ago |
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. A path traversal vulnerability inside of LocalMode's open_local_file method all… |
| CVE-2024-47529 |
unknown |
— |
— |
|
|
|
2y ago |
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. OpenC3 COSMOS stores the password of a user unencrypted in the LocalStorage of … |