Lynxtechnology Twonky Server — known CVE vulnerabilities
Every CVE whose affected-product data names Lynxtechnology Twonky Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2025-13315 — CVSS 9.8 (critical): Twonky Server 8.5.2 on Linux and Windows is vulnerable to an access control flaw. An unauthenticated attacker can bypass web service API…
CVE-2025-13316 — CVSS 8.1 (high): Twonky Server 8.5.2 on Linux and Windows is vulnerable to a cryptographic flaw, use of hard-coded cryptographic keys. An attacker with…
CVE-2018-7171 — CVSS 7.5 (high): Directory traversal vulnerability in Twonky Server 7.0.11 through 8.5 allows remote attackers to share the contents of arbitrary…
CVE-2018-7203 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in Twonky Server 7.0.11 through 8.5 allows remote attackers to inject arbitrary web script or HTML…