Liferay
Security Scorecard
Score
42F
Total CVEs
60
Patch Rate
0%
0 patched
Avg Response
-
days to patch
Critical Gaps
0
exploitable, no detection
Severity Breakdown
Critical1
High4
Medium55
Low0
Patch Status
Patched0 (0%)
Partial/Workaround2 (3%)
Unpatched58 (97%)
CVEs (60)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-43739 | Liferay Portal Phishing Email Vulnerability | MEDIUM | 4.3 | 122d | Unpatched |
| CVE-2025-43740 | Liferay Cross-Site Scripting Vulnerability | MEDIUM | 5.4 | 122d | Unpatched |
| CVE-2025-43733 | Liferay XSS | MEDIUM | 5.4 | 120d | Unpatched |
| CVE-2025-43731 | Liferay Portal XSS Vulnerability | MEDIUM | 5.4 | 123d | Unpatched |
| CVE-2025-43736 | Liferay DOS Vulnerability | MEDIUM | 4.3 | 126d | Unpatched |
| CVE-2025-43735 | Liferay XSS | MEDIUM | 6.1 | 126d | Unpatched |
| CVE-2025-4655 | Liferay SSRF Vulnerability | MEDIUM | 5.0 | 132d | Unpatched |
| CVE-2025-3602 | Liferay GraphQL Denial-of-Service Vulnerability | HIGH | 7.5 | 183d | Unpatched |
| CVE-2025-3526 | Liferay DoS | HIGH | 7.5 | 183d | Unpatched |
| CVE-2025-4388 | Liferay XSS | MEDIUM | 6.1 | 224d | Unpatched |