HanTul

3 exploits Active since Nov 2025
CVE-2025-56527 GITHUB HIGH WRITEUP
Kotaemon < 0.11.0 - Plaintext Password Storage in LocalStorage
Plaintext password storage in Kotaemon 0.11.0 in the client's localStorage.
1 stars
CVSS 7.5
CVE-2025-56526 NOMISEC MEDIUM WRITEUP
Kotaemon < 0.11.0 - Stored Cross-Site Scripting via PDF Content Rendering
Cross site scripting (XSS) vulnerability in Kotaemon 0.11.0 allowing attackers to execute arbitrary code via a crafted PDF.
1 stars
CVSS 6.1
CVE-2025-56527 WRITEUP HIGH WRITEUP
Kotaemon < 0.11.0 - Plaintext Password Storage in LocalStorage
Plaintext password storage in Kotaemon 0.11.0 in the client's localStorage.
CVSS 7.5