Nablarch Project Nablarch — known CVE vulnerabilities
Every CVE whose affected-product data names Nablarch Project Nablarch, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2019-5918 — CVSS 9.1 (critical): Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to conduct XML External Entity (XXE) attacks via unspecified vectors.
CVE-2019-5919 — CVSS 9.1 (critical): An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to…