Ascertia Signinghub

8 CVEs affecting Ascertia Signinghub. Latest disclosed: 2026-04-06. Critical: 3, High: 3.

Top CVEs affecting Ascertia Signinghub
CVESeverityScorePublishedSummary
CVE-2025-54321Critical9.82025-11-18In Ascertia SigningHub through 8.6.8, there is a lack of rate limiting on the reset password function, leading to an email bombing vulnerability. An authentica…
CVE-2025-56221Critical9.82025-10-17A lack of rate limiting in the login mechanism of SigningHub v8.6.8 allows attackers to bypass authentication via a brute force attack.
CVE-2025-56218Critical9.82025-10-17An arbitrary file upload vulnerability in SigningHub v8.6.8 allows attackers to execute arbitrary code via uploading a crafted PDF file.
CVE-2025-56224High8.12025-10-20A lack of rate limiting in the One-Time Password (OTP) verification endpoint of SigningHub v8.6.8 allows attackers to bypass verification via a bruteforce atta…
CVE-2025-56223High7.52025-10-20A lack of rate limiting in the component /Home/UploadStreamDocument of SigningHub v8.6.8 allows attackers to cause a Denial of Service (DoS) via uploading an e…
CVE-2025-56219High7.12025-10-20Incorrect access control in SigningHub v8.6.8 allows attackers to arbitrarily add user accounts without any rate limiting. This can lead to a resource exhausti…
CVE-2025-61166Medium6.12026-04-06An open redirect in Ascertia SigningHub User v10.0 allows attackers to redirect users to a malicious site via a crafted URL.
CVE-2025-54320Medium4.32025-11-18In Ascertia SigningHub through 8.6.8, there is a lack of rate limiting on the invite user function, leading to an email bombing vulnerability. An authenticated…