Every CVE whose affected-product data names Keyfactor Signserver, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2025-47222 — CVSS 6.5 (medium): A class name enumeration was found in Keyfactor SignServer versions prior to 7.3.2. Setting any chosen class name to any of the properties…
CVE-2025-47220 — CVSS 5.3 (medium): A local file enumeration was found in Keyfactor SignServer versions prior to 7.3.2 .The property VISIBLE_SIGNATURE_CUSTOM_IMAGE_PATH, which…
CVE-2025-47221 — CVSS 5.3 (medium): An arbitrary file write was found in Keyfactor SignServer versions prior to 7.3.2. The properties ARCHIVETODISK_FILENAME-PATTERN…
CVE-2025-26787 — CVSS 4.7 (medium): An error in the SignServer container startup logic was found in Keyfactor SignServer versions prior to 7.2. The Admin CLI command used to…