This page aggregates publicly disclosed CVE and security risk information related to mcl-collection, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-4990 | Directory traversal vulnerability in MCL-Net versions prior to 4.6 Update Package (P01) may allow attackers to read arbitrary files. | [email protected] | 8.3 | 0.20% | 2023-10-11 | 2025-05-01 |
| CVE-2023-34834 | A Directory Browsing vulnerability in MCL-Net version 4.3.5.8788 webserver running on default port 5080, allows attackers to gain sensitive information about the configured databases via the "/file" endpoint. | [email protected] | 5.3 | 3.30% | 2023-06-29 | 2024-11-26 |