Secuavail Logstare Collector — known CVE vulnerabilities
Every CVE whose affected-product data names Secuavail Logstare Collector, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2025-58097 — CVSS 7.8 (high): The installation directory of LogStare Collector is configured with incorrect access permissions. A non-administrative user may manipulate…
CVE-2025-64695 — CVSS 7.8 (high): Uncontrolled search path element issue exists in the installer of LogStare Collector (for Windows). If exploited, arbitrary code may be…
CVE-2025-62687 — CVSS 6.5 (medium): Cross-site request forgery vulnerability exists in LogStare Collector. If a user views a crafted page while logged, unintended operations…
CVE-2025-61949 — CVSS 5.4 (medium): LogStare Collector contains a stored cross-site scripting vulnerability in UserManagement. If crafted user information is stored, an…
CVE-2025-62189 — CVSS 4.3 (medium): LogStare Collector contains an incorrect authorization vulnerability in UserRegistration. If exploited, a non-administrative user may…
CVE-2025-64299 — CVSS 2.7 (low): LogStare Collector improperly handles the password hash data. An administrative user may obtain the other users' password hashes.