CNNVD-202506-1726 Information
CNNVD ID
CNNVD-202506-1726
Related CVE
- CNNVD Published: 2025-06-13
Description (Chinese)
OpenC3 COSMOS是OpenC3开源的一个应用程序。 OpenC3 COSMOS v6.0.2之前版本存在安全漏洞,该漏洞源于环境变量中存储的服务凭据泄露,可能导致攻击者访问凭据。
Description (English)
OpenC3 COSMOS is an application of OpenC3 open source. The previous version of OpenC3 COSMOS v. 6.2 had a security loophole, which stemmed from the disclosure of service documents stored in environmental variables, which could lead to access by the attackers.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
OpenC3
Published
2025-06-13
Last Modified
2026-02-24
References
https://openc3.com/ https://github.com/OpenC3/cosmos/pull/1816/commits/cce64c213fd2e6a70e2ccbf3622949fe8f9dcaef https://github.com/OpenC3/cosmos/releases/tag/v6.0.2 https://visionspace.com/openc3-cosmos-a-security-assessment-of-an-open-source-mission-framework/ https://access.redhat.com/security/cve/cve-2025-28381
Patch
https://github.com/OpenC3/cosmos/releases
Share on: