Every CVE whose affected-product data names Opencode Ussd Gateway, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2025-65235 — CVSS 9.8 (critical): OpenCode Systems USSD Gateway OC Release: 5 Version 6.13.11 was discovered to contain a SQL injection vulnerability via the ID parameter in…
CVE-2025-65236 — CVSS 9.8 (critical): OpenCode Systems USSD Gateway OC Release: 5 was discovered to contain a SQL injection vulnerability via the Session ID parameter in the…
CVE-2025-70614 — CVSS 8.1 (high): OpenCode Systems OC Messaging / USSD Gateway OC Release 6.32.2 contains a broken access control vulnerability in the web-based control…
CVE-2025-65238 — CVSS 6.5 (medium): Incorrect access control in the getSubUsersByProvider function of OpenCode Systems USSD Gateway OC Release: 5 Version 6.13.11 allows…
CVE-2025-65237 — CVSS 6.1 (medium): A reflected cross-site scripted (XSS) vulnerability in OpenCode Systems USSD Gateway OC Release: 5 allows attackers to execute arbitrary…
CVE-2025-65239 — CVSS 4.3 (medium): Incorrect access control in the /aux1/ocussd/trace endpoint of OpenCode Systems USSD Gateway OC Release:5, version 6.13.11 allows attackers…