Wso2 Enterprise Service Bus — known CVE vulnerabilities
Every CVE whose affected-product data names Wso2 Enterprise Service Bus, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2025-9804 — CVSS 9.6 (critical): An improper access control vulnerability exists in multiple WSO2 products due to insufficient permission enforcement in certain internal…
CVE-2025-9955 — CVSS 5.7 (medium): An improper access control vulnerability exists in WSO2 Enterprise Integrator product due to insufficient permission restrictions on…