PyPI/openc3 — 10 CVEs

CRITICAL9.8CVE-2025-28389Weak password requirements in OpenC3 COSMOS v6.0.0 allow attackers to bypass authentication via a brute force attack.

from 0, <= 6.0.0

CRITICAL9.8CVE-2025-28386A remote code execution (RCE) vulnerability in the Plugin Management component of OpenC3 COSMOS v6.0.0 allows attackers to execute arbitrar…

from 0, <= 6.0.0

MEDIUM6.5CVE-2024-46977OpenC3 Path Traversal via screen controller (`GHSL-2024-127`)

from 0, < a34e61aea5a465f0ab3e57d833ae7ff4cafd710b | from 0, < 5.19.0

MEDIUM6.5OpenC3 Path Traversal via screen controller (`GHSL-2024-127`)

from 0, < 5.19.0

MEDIUM6.1OpenC3 Cross-site Scripting in Login functionality (`GHSL-2024-128`)

from 0, < 5.19.0

MEDIUM6.1OpenC3 Cross-site Scripting in Login functionality (`GHSL-2024-128`)

from 0, < 762d7e0e93bdc2f340b1e42acccedc78994a576e | from 0, < 5.19.0

MEDIUM5.9OpenC3 stores passwords in clear text (`GHSL-2024-129`)

from 0, < 5.19.0

MEDIUM5.9OpenC3 stores passwords in clear text (`GHSL-2024-129`)

from 0, < b5ab34fe7fa54c0c8171c4aa3caf4e03d6f63bd7 | from 0, < 5.19.0

MEDIUM4.6OpenC3 COSMOS is Vulnerable to Self-XSS Through the Command Sender

from 0, < 7.0.0

MEDIUM4.6OpenC3 COSMOS is Vulnerable to Self-XSS Through the Command Sender

from 0, < 7.0.0

pkg:PyPI/openc3

✅ Check your installed version

All known vulnerabilities