Every CVE whose affected-product data names Tp-link Tapo, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2025-9293 — CVSS 8.1 (high): A vulnerability in the certificate validation logic may allow applications to accept untrusted or improperly validated server identities…
CVE-2023-38907 — CVSS 7.5 (high): An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application…
CVE-2025-9292 — CVSS 7.5 (high): A permissive web security configuration may allow cross-origin restrictions enforced by modern browsers to be bypassed under specific…
CVE-2023-38908 — CVSS 6.5 (medium): An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application…
CVE-2023-38909 — CVSS 6.5 (medium): An issue in TPLink Smart Bulb Tapo series L530 before 1.2.4, L510E before 1.1.0, L630 before 1.0.4, P100 before 1.5.0, and Tapo Application…
CVE-2023-38906 — CVSS 6.5 (medium): An issue in TPLink Smart Bulb Tapo series L530 1.1.9, L510E 1.0.8, L630 1.0.3, P100 1.4.9, Smart Camera Tapo series C200 1.1.18, and Tapo…
CVE-2023-34829 — CVSS 6.5 (medium): Incorrect access control in TP-Link Tapo before v3.1.315 allows attackers to access user credentials in plaintext.