Security Vulnerabilities
Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify resources belonging to other users due to insufficient authorization checks on resource ownership. Upgrade Kiteworks to version 9.3.0 or later to receive a patch.
CVSS Score
4.3
EPSS Score
0.0
Published
2026-06-01
Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an authenticated user to access metadata of resources belonging to other users due to insufficient authorization checks on resource ownership. Upgrade Kiteworks to version 9.3.0 or later to receive a patch.
CVSS Score
3.7
EPSS Score
0.0
Published
2026-06-01
Memory Corruption when processing display command line information due to improper initialization of a variable.
CVSS Score
7.2
EPSS Score
0.0
Published
2026-06-01
Memory corruption while processing fastboot OEM commands.
CVSS Score
7.2
EPSS Score
0.0
Published
2026-06-01
Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader.
CVSS Score
8.2
EPSS Score
0.0
Published
2026-06-01
Memory corruption while processing fastboot commands with invalid input.
CVSS Score
7.2
EPSS Score
0.0
Published
2026-06-01
Cryptographic issue while processing partition table entries allows unauthorized modification of boot flow.
CVSS Score
7.1
EPSS Score
0.0
Published
2026-06-01
Memory corruption while processing fastboot commands with improperly formatted input.
CVSS Score
7.2
EPSS Score
0.0
Published
2026-06-01
Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length.
CVSS Score
5.5
EPSS Score
0.0
Published
2026-06-01
Memory Corruption when processing IOCTL requests with mismatched API versions due to concurrent modification of user-space buffer.
CVSS Score
6.4
EPSS Score
0.0
Published
2026-06-01