Sync-in Sync-in Server — known CVE vulnerabilities
Every CVE whose affected-product data names Sync-in Sync-in Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2025-67438 — CVSS 6.1 (medium): A Stored Cross-Site Scripting (XSS) vulnerability in Sync-in Server before 1.9.3 allows an authenticated attacker to execute arbitrary…
CVE-2025-56869 — CVSS 5.3 (medium): Directory traversal vulnerability in Sync In server thru 1.1.1 allowing authenticated attackers to gain read and write access to the system…
CVE-2026-41161 — CVSS 5.3 (medium): Sync-in Server is a secure, open-source platform for file storage, sharing, collaboration, and syncing. Prior to version 2.2.0, the…