Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
11013.3%MEDIUM

Related CVEs

1
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2025-65328Mega-Fence (webgate-lib.*) 25.1.914 and prior trusts the first value of the X-Forwarded-For (XFF) header as the client IP without validating a trusted proxy chain. An attacker can supply an arbitrary XFF value in a remote request to spoof the client IP, which is then propagated to security-relevant state (e.g., WG_CLIENT_IP cookie). Deployments that rely on this value for IP allowlists may be bypassed.MEDIUM6.513.3%Jan 5, 2026