Known Vulnerabilities for products from Digiwin
Listed below are 3 of the newest known vulnerabilities associated with the vendor "Digiwin".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-5964 json | Not Provided | 2026-04-20 | 2026-04-20 | |
| CVE-2026-5963 json | Not Provided | 2026-04-20 | 2026-04-20 | |
| CVE-2022-32458 json | Digiwin BPM has a XML External Entity Injection (XXE) vulnerability due to insufficient validation for user input. An unauthe... | 7.5 - HIGH | 2022-07-20 | 2022-09-14 |
| CVE-2022-32457 json | Digiwin BPM has inadequate filtering for URL parameter. An unauthenticated remote attacker can perform Blind SSRF attack to d... | 5.3 - MEDIUM | 2022-07-20 | 2022-09-14 |
| CVE-2022-32456 json | Digiwin BPM’s function has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary ... | 9.8 - CRITICAL | 2022-07-20 | 2022-09-14 |