Every CVE whose affected-product data names Heroiclabs Nakama, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2022-2321 — CVSS 9.8 (critical): Improper Restriction of Excessive Authentication Attempts in GitHub repository heroiclabs/nakama prior to 3.13.0. This results in login…
CVE-2022-2306 — CVSS 7.5 (high): Old session tokens can be used to authenticate to the application and send authenticated requests.