dragonflyoss

Top products

The 13 most recently published vulnerabilities affecting dragonflyoss.

• CVE-2026-24124Dragonfly Manager Job API Allows Unauthenticated Access9.8Jan 22, 2026
• CVE-2025-59410Dragonfly tiny file download uses hard coded HTTP protocol3.7Sep 17, 2025
• CVE-2025-59354Dragonfly has weak integrity checks for downloaded files5.3Sep 17, 2025
• CVE-2025-59353Manager generates mTLS certificates for arbitrary IP addresses7.5Sep 17, 2025
• CVE-2025-59352Dragonfly allows arbitrary file read and write on a peer machine9.8Sep 17, 2025
• CVE-2025-59351Dragonfly possibly panics due to nil pointer dereference when using variables created alongside an error5.3Sep 17, 2025
• CVE-2025-59350Timing attacks against Proxy’s basic authentication are possible5.3Sep 17, 2025
• CVE-2025-59349Directories created via os.MkdirAll are not checked for permissions3.3Sep 17, 2025
• CVE-2025-59348Dragonfly incorrectly handles a task structure’s usedTraffic field7.5Sep 17, 2025
• CVE-2025-59347Dragonfly Manager makes requests to external endpoints with disabled TLS authentication6.5Sep 17, 2025
• CVE-2025-59346Dragonfly server-side request forgery vulnerability5.3Sep 17, 2025
• CVE-2025-59345Dragonfly did not enable authentication for some Manager’s endpoints9.1Sep 17, 2025
• CVE-2023-27584Dragonfly2 vulnerable to hard coded cyptographic key9.8Sep 19, 2024