ByteOS Network

yacy

Source -

CNA

BOS Name -

N/A

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

1Vulnerabilities found

CVE-2026-24824

Assigner-Government Technology Agency of Singapore Cyber Security Group (GovTech CSG)

View Details

Assigner-Government Technology Agency of Singapore Cyber Security Group (GovTech CSG)

CVSS Score-6.9||MEDIUM

EPSS-0.07% / 20.71%

7 Day CHG+0.01%

Published-27 Jan, 2026 | 09:01

Updated-27 Jan, 2026 | 16:58

A XSS in yacy/yacy_search_server

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in yacy yacy_search_server (source/net/yacy/http/servlets modules). This vulnerability is associated with program files YaCyDefaultServlet.Java. This issue affects yacy_search_server.

Vendor-yacy

Product-yacy_search_server

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')