danswer-ai
Security Risk Profile
45
/100
mediumSecurity Risk Score
Comprehensive risk assessment based on 10 vulnerabilities, EPSS scores, exploitation status, and remediation availability.
📅 Data spans from March 20, 2025 to present
10
Total CVEs
7
Critical+High
0
Exploited
7
Unpatched
Threat Assessment
Avg CVSS
7.3
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
7
Critical/High
Risk Level
45/100
medium
Severity Distribution
Critical
1High
6Medium
3Low
0Exploit Likelihood
>50% chance
020-50%
05-20%
0<5%
0Age Distribution
Common Weaknesses (CWE)
1
CSRF
1
Most Affected Products
1. danswer-ai danswer10
2. Onyx onyx2
3. starlette starlette1
4. fastapi fastapi1
Recent Vulnerabilities
See more →CVE-2024-7767
CVSS 8.1high
Improper Access Control in danswer-ai/danswer
3/20/2025🔧 No Patch
CVE-2024-9612
CVSS 6.5medium
Unauthorized Access in danswer-ai/danswer
3/20/2025🔧 No Patch
CVE-2024-8057
CVSS 4.3medium
Improper Access Control in danswer-ai/danswer
3/20/2025🔧 No Patch
CVE-2024-9617
CVSS 6.5medium
IDOR in danswer-ai/danswer
3/20/2025🔧 No Patch
CVE-2024-7957
CVSS 9.1critical
Arbitrary File Overwrite in danswer-ai/danswer
3/20/2025🔧 No Patch
CVE-2024-8065
CVSS 8.1high
CSRF in danswer-ai/danswer
3/20/2025🔧 No Patch
CVE-2025-0182
CVSS 7.5high
Denial of Service in danswer-ai/danswer
3/20/2025🔧 No Patch
CVE-2024-8028
CVSS 7.5high
Denial of Service in danswer-ai/danswer
3/20/2025🔧 No Patch
CVE-2024-7819
CVSS 7.4high
CORS Misconfiguration in danswer-ai/danswer
3/20/2025🔧 No Patch
CVE-2024-7779
CVSS 7.5high
ReDoS (Regular Expression Denial of Service) in danswer-ai/danswer
3/20/2025🔧 No Patch
Monitor danswer-ai in Real-Time
Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.