Every CVE whose affected-product data names Rapid7 Appspider Pro, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2017-5233 — CVSS 7.8 (high): Rapid7 AppSpider Pro installers prior to version 6.14.053 contain a DLL preloading vulnerability, wherein it is possible for the installer…
CVE-2017-5236 — CVSS 7.8 (high): Editions of Rapid7 AppSpider Pro installers prior to version 6.14.060 contain a DLL preloading vulnerability, wherein it is possible for…
CVE-2017-5240 — CVSS 7.5 (high): Editions of Rapid7 AppSpider Pro prior to version 6.14.060 contain a heap-based buffer overflow in the FLAnalyzer.exe component. A…
CVE-2025-4951 — CVSS 4.6 (medium): Editions of Rapid7 AppSpider Pro before version 7.5.018 is vulnerable to a stored cross-site scripting vulnerability in the "ScanName"…
CVE-2025-11195 — CVSS 3.3 (low): Rapid7 AppSpider Pro versions below 7.5.021 suffer from a project name validation vulnerability, whereby an attacker can change the project…
CVE-2025-36857 — CVSS 3.3 (low): Rapid7 Appspider Pro versions below 7.5.021, suffer from a broken access control vulnerability in the application's configuration file…