Yeti-platform Yeti
3 CVEs affecting Yeti-platform Yeti. Latest disclosed: 2026-05-08. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-46508 | High | 7.5 | 2026-05-08 | yeti-platform yeti before 2.1.12 allows attackers to generate valid JWT tokens is the secret is not changed (by setting YETI_AUTH_SECRET_KEY to a value other t… |
CVE-2024-46507 | High | 7.3 | 2026-05-08 | A SSTI (server side template injection) vulnerability in the custom template export function in yeti-platform yeti before 2.1.12 allows attackers to execute co… |
CVE-2024-45412 | Medium | 5.3 | 2024-09-10 | Yeti bridges the gap between CTI and DFIR practitioners by providing a Forensics Intelligence platform and pipeline. Remote user-controlled data tags can reach… |