Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

#ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a

Security Advisories

Reported CVEsVendorsProductsReports
3Vulnerabilities found
CVE-2025-15586
Assigner-ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a
ShareView Details
Assigner-ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a
CVSS Score-10||CRITICAL
EPSS-0.07% / 22.56%
||
7 Day CHG~0.00%
Published-19 Feb, 2026 | 03:41
Updated-19 Feb, 2026 | 15:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OGP-Website installs prior git commit 52f865a4fba763594453068acf8fa9e3fc38d663 are affected by a type juggling flaw which if exploited can result in authentication bypass without knowledge of the victim account's password.

Action-Not Available
Vendor-OpenGamePanel
Product-OGP-Website
CWE ID-CWE-287
Improper Authentication
CVE-2025-15585
Assigner-ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a
ShareView Details
Assigner-ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 8.57%
||
7 Day CHG~0.00%
Published-18 Feb, 2026 | 23:44
Updated-19 Feb, 2026 | 17:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Fileflows versions before 25.05.2 are affected by an authenticated SQL injection vulnerability in the library-file search function. Successful exploitation requires the system to use MySQL as the underlying database and could result in privilege escalation or data exfiltration.

Action-Not Available
Vendor-fileflows
Product-fileflows
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-15581
Assigner-ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a
ShareView Details
Assigner-ab69c47f-b95e-4bf2-b2d9-4b1fd1b24b4a
CVSS Score-4.7||MEDIUM
EPSS-0.02% / 6.51%
||
7 Day CHG~0.00%
Published-18 Feb, 2026 | 22:59
Updated-19 Feb, 2026 | 16:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Orthanc versions before 1.12.10 are affected by an authorisation logic flaw in the application's HTTP Basic Authentication implementation. Successful exploitation could result in Privilege Escalation, potentially allowing full administrative access.

Action-Not Available
Vendor-orthanc-server
Product-orthanc
CWE ID-CWE-287
Improper Authentication