Every CVE whose affected-product data names Altium Altium Live, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2026-1009 — CVSS 9.0 (critical): A stored cross-site scripting (XSS) vulnerability exists in the Altium Forum due to missing server-side input sanitization in forum post…
CVE-2026-1008 — CVSS 7.6 (high): A stored cross-site scripting (XSS) vulnerability exists in the user profile text fields of Altium 365. Insufficient server-side input…
CVE-2026-1011 — CVSS 6.1 (medium): A stored cross-site scripting (XSS) vulnerability exists in the Altium Support Center AddComment endpoint due to missing server-side input…