hamastar 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
公開された問題は パス処理の欠陥 に関連することが多く、自動展開、アーカイブ処理, and ファイル処理 の文脈で ファイル上書き などの暴露リスクを伴う場合があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2026-1332 | MeetingHub developed by HAMASTAR Technology has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to access specific API functions and obtain meeting-related information. | [email protected] | 6.9 | 0.42% | 2026-01-22 | 2026-06-17 |
| CVE-2026-1331 | MeetingHub developed by HAMASTAR Technology has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server. | [email protected] | 9.3 | 0.69% | 2026-01-22 | 2026-06-17 |
| CVE-2026-1330 | MeetingHub developed by HAMASTAR Technology has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files. | [email protected] | 8.7 | 0.61% | 2026-01-22 | 2026-06-17 |
| CVE-2024-6118 | A Plaintext Storage of a Password vulnerability in ebooknote function in Hamastar MeetingHub Paperless Meetings 2021 allows remote attackers to obtain the other users’ credentials and gain access to the product via an XML file. | [email protected] | 9.3 | 0.48% | 2024-08-05 | 2026-06-17 |
| CVE-2024-6117 | A Unrestricted upload of file with dangerous type vulnerability in meeting management function in Hamastar MeetingHub Paperless Meetings 2021 allows remote authenticated users to perform arbitrary system commands via a crafted ASP file. | [email protected] | 9.3 | 0.52% | 2024-08-05 | 2026-06-17 |