Factionsecurity Faction
5 CVEs affecting Factionsecurity Faction. Latest disclosed: 2026-05-26. Critical: 2, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-44668 | Critical | 9.8 | 2026-05-26 | FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, AccessControlInterceptor, the authentication gate for all Struts2 action… |
CVE-2025-66022 | Critical | 9.7 | 2025-11-26 | FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to version 1.7.1, an extension execution path in Faction’s extension framework per… |
CVE-2026-44669 | High | 8.7 | 2026-05-26 | FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, Faction is vulnerable to stored cross-site scripting (XSS) via attachmen… |
CVE-2026-44667 | High | 8.7 | 2026-05-26 | FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, Faction is vulnerable to stored cross-site scripting (XSS) via attachmen… |
CVE-2025-27422 | High | 7.5 | 2025-03-03 | FACTION is a PenTesting Report Generation and Collaboration Framework. Authentication is bypassed when an attacker registers a new user with admin privileges… |