openc3 (RubyGems) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the RubyGems package openc3, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (8)
CVE-2025-68271 — CVSS 10.0 (critical): OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. From 5.0.0 to…
CVE-2026-42087 — CVSS 9.6 (critical): OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. From version 6.7.0…
CVE-2026-42084 — CVSS 8.1 (high): OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions…
CVE-2024-47529 — CVSS 6.5 (medium): OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. OpenC3 COSMOS…
CVE-2024-46977 — CVSS 6.5 (medium): OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. A path traversal…
CVE-2024-43795 — CVSS 6.1 (medium): OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. The login…
CVE-2026-42086 — CVSS 4.6 (medium): OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to version…
CVE-2026-42085 — CVSS 4.3 (medium): OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions…