Avo
This hub aggregates every CVE we track for Avo, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
6
CVEs tracked
0
Critical
4
High
0
In CISA KEV
Severity distribution
HIGH4MEDIUM2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
1
0
2024-072026-06
Latest CVEs
The 6 most recently published vulnerabilities affecting Avo.
- CVE-2026-42205Avo: Broken Access Control: Unauthorized Execution of Arbitrary Action Classes Across Resources8.8
- CVE-2026-33209Avo has a XSS vulnerability on `return_to` param6.1
- CVE-2024-22411Cross site scripting in Action messages on Avo6.5
- CVE-2024-22191Stored cross-site scripting (XSS) in `key_value` field in Avo7.3
- CVE-2023-34102Possible unsafe reflection / partial denial of service in avo8.3
- CVE-2023-34103Stored XSS (Cross Site Scripting) in html content based fields of avo7.3
Product normalization is registry-driven with AI assist and human review. How it works