Every CVE whose affected-product data names Nerves-hub Nerveshub, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2025-64097 — CVSS 9.8 (critical): NervesHub is a web service that allows users to manage over-the-air (OTA) firmware updates of devices in the field. A vulnerability present…
CVE-2026-28806 — CVSS 8.8 (high): Improper Authorization vulnerability in nerves-hub nerves_hub_web allows cross-organization device control via device bulk actions and…