Every CVE whose affected-product data names Apache Kvrocks, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2025-26413 — CVSS 7.5 (high): Improper Input Validation vulnerability in Apache Kvrocks. The SETRANGE command didn't check if the `offset` input is a positive integer…
CVE-2025-25069 — CVSS 6.5 (medium): A Cross-Protocol Scripting vulnerability is found in Apache Kvrocks. Since Kvrocks didn't detect if "Host:" or "POST" appears in RESP…
CVE-2025-59790 — CVSS 5.4 (medium): Improper Privilege Management vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from v2.9.0 through v2.13.0. Users are…
CVE-2025-59792 — CVSS 5.3 (medium): Reveals plaintext credentials in the MONITOR command vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 1.0.0 through…