Approved changes feed: RSS · Atom
cpe:2.3:a:akinsoft:octocloud:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Akinsoft (6086a7fa-182f-56b4-a1ea-f890d32ca26d) |
|---|---|
| Product | Octocloud (6670e766-deba-5c86-afd9-56bd68583670) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-2414 |
vulnerable | 2026-06-08 07:16:57.023330 |
OTP Bypass in Akinsoft's OctoCloud
HIGH (8.6)
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft OctoCloud allows Authentication Bypass.
This issue affects OctoCloud: from s1.09.03 before v1.11.01.
Published: 2025-09-02T11:52:30.213Z
Updated: 2026-06-06T06:02:14.127Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-0640 |
vulnerable | 2026-06-08 07:02:25.008781 |
IDOR in Akinsoft's OctoCloud
MEDIUM (4.7)
Authorization Bypass Through User-Controlled Key vulnerability in Akinsoft OctoCloud allows Resource Leak Exposure.
This issue affects OctoCloud: from s1.09.02 before v1.11.01.
Published: 2025-09-02T11:48:09.493Z
Updated: 2026-06-06T07:21:20.128Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-12973 |
vulnerable | 2026-06-08 06:25:36.427684 |
Host Header Injection in Akinsoft's OctoCloud
MEDIUM (4.7)
Origin Validation Error vulnerability in Akinsoft OctoCloud allows HTTP Response Splitting, CAPEC - 87 - Forceful Browsing.
This issue affects OctoCloud: from s1.09.01 before v1.11.01.
Published: 2025-09-02T11:43:35.654Z
Updated: 2026-06-01T12:44:46.147Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-12972 |
vulnerable | 2026-06-08 06:25:36.427275 |
XSS in Akinsoft's OctoCloud
MEDIUM (4.3)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Akinsoft OctoCloud allows Cross-Site Scripting (XSS).
This issue affects OctoCloud: from s1.09.01 before v1.11.01.
Published: 2025-09-02T11:38:30.348Z
Updated: 2026-06-01T12:46:41.802Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.