aEnrich
Security Scorecard
Score
18D
Total CVEs
1,469
Patch Rate
20%
292 patched
Avg Response
99d
days to patch
Critical Gaps
39
exploitable, no detection
Severity Breakdown
Critical27
High196
Medium608
Low28
Patch Status
Patched292 (20%)
Partial/Workaround22 (1%)
Unpatched1155 (79%)
CVEs (1,600)
| CVE ID | Title | Severity | Score | Days | Patch |
|---|---|---|---|---|---|
| CVE-2025-64382 | aEnrich Auth Bypass | Medium | 4.3 | 32d | Patched |
| CVE-2025-64705 | aEnrich HR Token Forgery | Medium | 4.3 | 33d | Patched |
| CVE-2025-60645 | xxl-api Cross-Site Request Forgery (CSRF) Vulnerability | Medium | 6.5 | 33d | Unpatched |
| CVE-2024-45301 | Mintty Terminal Emulator Vulnerability | Medium | 5.3 | 33d | Patched |
| CVE-2025-12872 | aEnrich Auth Bypass | Medium | 5.4 | 33d | Unpatched |
| CVE-2025-12869 | aEnrich Auth Bypass | Medium | 4.8 | 33d | Unpatched |
| CVE-2025-6571 | aEnrich Auth Bypass | Medium | 6.0 | 34d | Unpatched |
| CVE-2025-63617 | Fastjson Deserialization Vulnerability | Medium | 6.5 | 36d | Unpatched |
| CVE-2025-63709 | aEnrich Token Forgery | Medium | 5.4 | 36d | Unpatched |
| CVE-2025-12922 | OpenClinica RCE | Medium | 6.3 | 36d | Patched |