its-a-feature
3 exploits
Active since Jun 2026
Mythic < 3.4.0.60 - Broken Permission Filter in payload_build_step Table
CVSS 6.5
Mythic < 3.4.0.60 - Unauthorized C2 Profile Configuration Access via Unverified Payload UUID
CVSS 5.3
Mythic < 3.4.0.60 - Unauthorized Automation Workflow Modification via eventing_import_automatic_webhook Endpoint
CVSS 5.4