Package analytics
This hub aggregates every CVE we track for Package analytics, a product in the ics ot iot space. Use it to gauge the current risk picture and drill into individual advisories.
16
CVEs tracked
1
Critical
2
High
0
In CISA KEV
Severity distribution
MEDIUM12HIGH2LOW1CRITICAL1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
3
0
0
0
10
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Package analytics.
- CVE-2025-58579Username Disclosure Through Missing Authentication5.3
- CVE-2025-58591Path Traversal6.5
- CVE-2025-58590Path traversal6.5
- CVE-2025-58589Information Disclosure Through Stacktrace2.7
- CVE-2025-58587Improper Restriction of Excessive Authentication Attempts6.5
- CVE-2025-58586User Enumeration by excessive error output5.3
- CVE-2025-58585Sensitive Information Disclosure Through Missing Authentication5.3
- CVE-2025-58584Plain Text Transmission of Username and Password in the URL5.3
- CVE-2025-9914The credentials of the users stored in the system's local database can be used for the log in, making it possible for an attacker to gain unauthorized access. This could potentially affect the conf...4.3
- CVE-2025-9913Cross Site Scripting: Session Hijacking4.5
- CVE-2025-49193Missing HTTP Security Headers4.2
- CVE-2025-49186No brute-force protection5.3
- CVE-2025-49184Information disclosure to unauthorized user7.5
- CVE-2020-2078Passwords are stored in plain text within the configuration of SICK Package Analytics software up to and including V04.1.1. An authorized attacker could access these stored plaintext credentials an...6.5
- CVE-2020-2077SICK Package Analytics software up to and including version V04.0.0 are vulnerable due to incorrect default permissions settings. An unauthorized attacker could read sensitive data from the system ...7.5
Product normalization is registry-driven with AI assist and human review. How it works