Every CVE whose affected-product data names Mecha-cms Mecha, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2024-46446 — CVSS 9.8 (critical): Mecha CMS 3.0.0 is vulnerable to Directory Traversal. An attacker can construct cookies and URIs that bypass user identity checks…