Skip to main content
Affected Products
Affected Products
Vendor / product matrix with CVE counts sourced from the CPE catalog.
Vendor
Product
in tawk
Min CVSS
Any
Low (0.1+)
Medium (4.0+)
High (7.0+)
Critical (9.0+)
Sort By
Vendor (A–Z)
Most CVEs
Worst Severity
Most KEV
Apply
Clear
Export CSV
Products
1 vendor
Vendor
Products
CVEs
KEV
Avg EPSS
Worst Severity
tawk
1
2
0
33.1%
MEDIUM
← First page
Next page →
Related CVEs
2
Sort
Newest first
Highest EPSS
Highest CVSS
Severity
CVE ID
Description
Severity
CVSS
KEV
EPSS
Published
CVE-2025-45960
Cross Site Scripting vulnerability in tawk.to Live Chat v.1.6.1 allows a remote attacker to execute arbitrary code via the web application stores and displays user-supplied input without proper input validation or encoding
MEDIUM
6.1
—
34.6%
Jul 25, 2025
CVE-2024-57026
TawkTo Widget Version <= 1.3.7 is vulnerable to Cross Site Scripting (XSS) due to processing user input in a way that allows JavaScript execution.
MEDIUM
6.1
—
31.6%
Feb 24, 2025