| CVE-2026-47717 |
high |
— |
8.0 |
|
|
|
7d ago |
FUXA's Unauthenticated Project Data Disclosure Exposes Server-Side Scripts and Device Configurations |
| CVE-2026-43947 |
high |
— |
8.0 |
|
|
|
8d ago |
FUXA Vulnerable to Unauthenticated Remote Code Execution via Script Test Mode Authorization Bypass |
| CVE-2026-43946 |
high |
— |
8.0 |
|
|
|
8d ago |
FUXA has an unauthenticated arbitrary tag value disclosure via /api/getTagValue |
| CVE-2025-69971 |
high |
— |
8.0 |
|
|
|
4mo ago |
FUXA has a hardcoded fallback JWT signing secret |
| CVE-2026-25895 |
unknown |
— |
1.0 |
|
|
|
4mo ago |
FUXA Unauthenticated Remote Code Execution via Arbitrary File Write in Upload API |
| CVE-2026-47718 |
unknown |
— |
— |
|
|
|
6d ago |
FUXA provides guest and invalid-token access to protected read APIs in secure mode |
| CVE-2026-25951 |
unknown |
— |
— |
|
|
|
4mo ago |
FUXA Affected by a Path Traversal Sanitization Bypass |
| CVE-2026-25939 |
unknown |
— |
— |
|
|
|
4mo ago |
FUXA Unauthenticated Remote Arbitrary Scheduler Write |
| CVE-2026-25938 |
unknown |
— |
— |
|
|
|
4mo ago |
FUXA Unauthenticated Remote Code Execution in Node-RED Integration |
| CVE-2026-25752 |
unknown |
— |
— |
|
|
|
4mo ago |
FUXA Unauthenticated Remote Arbitrary Device Tag Write |
| CVE-2026-25894 |
unknown |
— |
— |
|
|
|
4mo ago |
FUXA Unauthenticated Remote Code Execution via Hardcoded JWT Secret in Default Configuration |
| CVE-2026-25751 |
unknown |
— |
— |
|
|
|
4mo ago |
FUXA Unauthenticated Exposure of Plaintext Database Credentials |
| CVE-2026-25893 |
unknown |
— |
— |
|
|
|
4mo ago |
FUXA Unauthenticated Remote Code Execution via Admin JWT Minting |
| CVE-2025-69983 |
unknown |
— |
— |
|
|
|
4mo ago |
FUXA allows Remote Code Execution (RCE) via the project import functionality. |
| CVE-2025-69981 |
unknown |
— |
— |
|
|
|
4mo ago |
FUXA contains an Unrestricted File Upload vulnerability |
| CVE-2025-69970 |
unknown |
— |
— |
|
|
|
4mo ago |
FUXA contains an insecure default configuration vulnerability |
| CVE-2023-31717 |
unknown |
— |
— |
|
|
|
3y ago |
FUXA SQL Injection vulnerability |
| CVE-2023-31719 |
unknown |
— |
— |
|
|
|
3y ago |
FUXA SQL Injection vulnerability |
| CVE-2023-31718 |
unknown |
— |
— |
|
|
|
3y ago |
FUXA local file inclusion vulnerability |
