Every CVE whose affected-product data names Thm Pilos, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2023-47107 — CVSS 8.8 (high): PILOS is an open source front-end for BigBlueButton servers with a built-in load balancer. The password reset component deployed within…
CVE-2025-62523 — CVSS 6.3 (medium): PILOS (Platform for Interactive Live-Online Seminars) is a frontend for BigBlueButton. PILOS before 4.8.0 includes a Cross-Origin Resource…
CVE-2025-62524 — CVSS 5.3 (medium): PILOS (Platform for Interactive Live-Online Seminars) is a frontend for BigBlueButton. PILOS before 4.8.0 exposes the PHP version via the…
CVE-2025-62781 — CVSS 5.0 (medium): PILOS (Platform for Interactive Live-Online Seminars) is a frontend for BigBlueButton. Prior to 4.8.0, users with a local account can…
CVE-2026-22800 — CVSS 2.4 (low): PILOS (Platform for Interactive Live-Online Seminars) is a frontend for BigBlueButton. Prior to 4.10.0, Cross-Site Request Forgery (CSRF)…