Every CVE whose affected-product data names Homebrew Jan, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2024-36858 — CVSS 9.8 (critical): An arbitrary file upload vulnerability in the /v1/app/writeFileSync interface of Jan v0.4.12 allows attackers to execute arbitrary code via…
CVE-2024-37273 — CVSS 9.8 (critical): An arbitrary file upload vulnerability in the /v1/app/appendFileSync interface of Jan v0.4.12 allows attackers to execute arbitrary code…
CVE-2024-36857 — CVSS 7.5 (high): Jan v0.4.12 was discovered to contain an arbitrary file read vulnerability via the /v1/app/readFileSync interface.