9 Total advisories
9 Vulnerabilities
0 Malware
Vulnerabilities
| Severity | Score | Advisory ID | Title |
| --- | --- | --- | --- |
| CRITICAL | 9.6 | CVE-2026-42087 | OpenC3 COSMOS has SQL Injection in QuestDB Time-Series Database |
| MEDIUM | 4.6 | CVE-2026-42086 | OpenC3 COSMOS is Vulnerable to Self-XSS Through the Command Sender |
| HIGH | 8.1 | CVE-2026-42084 | OpenC3 COSMOS: Hijacked session token can be used to reset password for persistence |
| MEDIUM | 4.3 | CVE-2026-42085 | OpenC3 COSMOS allows arbitrary writes to plugins directory via path-traversed config filenames |
| CRITICAL | 9.6 | GHSA-2wvh-87g2-89hr | OpenC3 COSMOS: Permissions Bypass Provides User Access to Unassigned Administrative Actions via Script Runner Tool |
| CRITICAL | 10.0 | CVE-2025-68271 | openc3-api Vulnerable to Unauthenticated Remote Code Execution |
| MEDIUM | 5.9 | CVE-2024-47529 | OpenC3 stores passwords in clear text (`GHSL-2024-129`) |
| MEDIUM | 6.1 | CVE-2024-43795 | OpenC3 Cross-site Scripting in Login functionality (`GHSL-2024-128`) |
| MEDIUM | 6.5 | CVE-2024-46977 | OpenC3 Path Traversal via screen controller (`GHSL-2024-127`) |