pkg:PyPI/openc3

10 total CVEsCRITICAL2MEDIUM8

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2025-28389Weak password requirements in OpenC3 COSMOS v6.0.0 allow attackers to bypass authentication via a brute force attack.
    from 0, <= 6.0.0
  • CRITICAL9.8CVE-2025-28386A remote code execution (RCE) vulnerability in the Plugin Management component of OpenC3 COSMOS v6.0.0 allows attackers to execute arbitrar…
    from 0, <= 6.0.0
  • MEDIUM6.5CVE-2024-46977OpenC3 Path Traversal via screen controller (`GHSL-2024-127`)
    from 0, < a34e61aea5a465f0ab3e57d833ae7ff4cafd710b | from 0, < 5.19.0
  • MEDIUM6.5CVE-2024-46977OpenC3 Path Traversal via screen controller (`GHSL-2024-127`)
    from 0, < 5.19.0
  • MEDIUM6.1CVE-2024-43795OpenC3 Cross-site Scripting in Login functionality (`GHSL-2024-128`)
    from 0, < 5.19.0
  • MEDIUM6.1CVE-2024-43795OpenC3 Cross-site Scripting in Login functionality (`GHSL-2024-128`)
    from 0, < 762d7e0e93bdc2f340b1e42acccedc78994a576e | from 0, < 5.19.0
  • MEDIUM5.9CVE-2024-47529OpenC3 stores passwords in clear text (`GHSL-2024-129`)
    from 0, < 5.19.0
  • MEDIUM5.9CVE-2024-47529OpenC3 stores passwords in clear text (`GHSL-2024-129`)
    from 0, < b5ab34fe7fa54c0c8171c4aa3caf4e03d6f63bd7 | from 0, < 5.19.0
  • MEDIUM4.6CVE-2026-42086OpenC3 COSMOS is Vulnerable to Self-XSS Through the Command Sender
    from 0, < 7.0.0
  • MEDIUM4.6CVE-2026-42086OpenC3 COSMOS is Vulnerable to Self-XSS Through the Command Sender
    from 0, < 7.0.0