Every CVE whose affected-product data names Its-a-feature Mythic, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2026-57951 — CVSS 6.5 (medium): Mythic before 3.4.0.60 contains a broken hasura permission filter on the payload_build_step table with an always-satisfied _or condition…
CVE-2026-57953 — CVSS 5.4 (medium): Mythic before 3.4.0.60 contains an authorization bypass vulnerability that allows authenticated spectator-role users to perform…
CVE-2026-57952 — CVSS 5.3 (medium): Mythic before 3.4.0.60 contains an authorization bypass vulnerability in four REST endpoints (c2profile_config_check_webhook…