Every CVE whose affected-product data names Ehang-io Nps, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2022-40494 — CVSS 9.8 (critical): NPS before v0.26.10 was discovered to contain an authentication bypass vulnerability via constantly generating and sending the Auth key and…
CVE-2019-15119 — CVSS 5.5 (medium): lib/install/install.go in cnlh nps through 0.23.2 uses 0777 permissions for /usr/local/bin/nps and/or /usr/bin/nps, leading to a file…