Simstudioai Sim
11 CVEs affecting Simstudioai Sim. Latest disclosed: 2026-06-28. Critical: 2, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-3431 | Critical | 9.8 | 2026-03-02 | On SimStudio version below to 0.5.74, the MongoDB tool endpoints accept arbitrary connection parameters from the caller without authentication or host restrict… |
CVE-2026-3432 | Critical | 9.1 | 2026-03-02 | On SimStudio version below to 0.5.74, the `/api/auth/oauth/token` endpoint contains a code path that bypasses all authorization checks when provided with `cred… |
CVE-2025-15099 | High | 7.3 | 2025-12-26 | A vulnerability was identified in simstudioai sim up to 0.5.27. This vulnerability affects unknown code of the file apps/sim/lib/auth/internal.ts of the compon… |
CVE-2025-7114 | High | 7.3 | 2025-07-07 | A vulnerability was found in SimStudioAI sim up to 37786d371e17d35e0764e1b5cd519d873d90d97b. It has been declared as critical. Affected by this vulnerability i… |
CVE-2025-10097 | Medium | 6.3 | 2025-09-08 | A vulnerability was identified in SimStudioAI sim up to 1.0.0. This impacts an unknown function of the file apps/sim/app/api/function/execute/route.ts. The man… |
CVE-2025-10096 | Medium | 6.3 | 2025-09-08 | A vulnerability was determined in SimStudioAI sim up to 1.0.0. This affects an unknown function of the file apps/sim/app/api/files/parse/route.ts. Executing ma… |
CVE-2025-9805 | Medium | 6.3 | 2025-09-02 | A vulnerability was found in SimStudioAI sim up to 51b1e97fa22c48d144aef75f8ca31a74ad2cfed2. This issue affects some unknown processing of the file apps/sim/ap… |
CVE-2025-9800 | Medium | 6.3 | 2025-09-01 | A weakness has been identified in SimStudioAI sim up to ed9b9ad83f1a7c61f4392787fb51837d34eeb0af. Affected by this issue is the function Import of the file app… |
CVE-2025-9801 | Medium | 5.4 | 2025-09-01 | A security vulnerability has been detected in SimStudioAI sim up to ed9b9ad83f1a7c61f4392787fb51837d34eeb0af. This affects an unknown part. The manipulation of… |
CVE-2025-7107 | Medium | 5.3 | 2025-07-07 | A vulnerability classified as critical has been found in SimStudioAI sim up to 0.1.17. Affected is the function handleLocalFile of the file apps/sim/app/api/fi… |
CVE-2026-13510 | Low | 3.7 | 2026-06-28 | A vulnerability was found in SimStudioAI sim up to 0.6.92. Affected by this vulnerability is an unknown functionality in the library apps/sim/lib/core/security… |