Gss Vitalsesp
5 CVEs affecting Gss Vitalsesp. Latest disclosed: 2026-03-24. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-4639 | High | 8.8 | 2026-03-24 | Vitals ESP developed by Galaxy Software Services has a Incorrect Authorization vulnerability, allowing authenticated remote attackers to perform certain admini… |
CVE-2026-4640 | High | 7.5 | 2026-03-24 | Vitals ESP developed by Galaxy Software Services has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to execute certain funct… |
CVE-2025-14255 | Medium | 6.5 | 2025-12-08 | Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to… |
CVE-2025-14254 | Medium | 6.5 | 2025-12-08 | Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to… |
CVE-2025-14253 | Medium | 4.9 | 2025-12-08 | Vitals ESP developed by Galaxy Software Services has an Arbitrary File Read vulnerability, allowing privileged remote attackers to exploit Absolute Path Traver… |