Every CVE whose affected-product data names Stefanprodan Podinfo, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2025-70849 — CVSS 6.1 (medium): Arbitrary File Upload in podinfo thru 6.9.0 allows unauthenticated attackers to upload arbitrary files via crafted POST request to the…
CVE-2026-43644 — CVSS 5.4 (medium): podinfo through 6.11.2 contains a reflected cross-site scripting vulnerability in the /echo and /api/echo endpoints where the echoHandler…