VDB
CGA-8x43-fp55-w32w
CGA-8x43-fp55-w32w
REJECTED
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Chainguard | thingsboard | 0, 0, 0 |
| Chainguard | thingsboard-tb-web-ui | 0, 0, 0 |
| Chainguard | thingsboard-tb-js-executor | 0, 0, 0 |
| Wolfi | thingsboard | 0, 0, 0 |
| Wolfi | thingsboard-tb-web-ui | 0, 0, 0 |
| Wolfi | thingsboard-tb-mqtt-transport | 0, 0, 0 |
| Chainguard | thingsboard-tb-mqtt-transport | 0, 0, 0 |
| Chainguard | thingsboard-tb-node | 0, 0, 0 |
| Wolfi | thingsboard-tb-js-executor | 0, 0, 0 |
| Wolfi | thingsboard-tb-node | 0, 0, 0 |
Exploit Intelligence
- Apache's commons-lang2 v2.6 with a backported fix for CVE-2025-48924 (github-poc)
- pom-common.xml (github-poc)
- VulnerableDependencies.kt (github-poc)
- EncryptionUtil.java (github-poc)
- druid-612f0710.json (github-poc)
- dockerscan.yml (github-poc)
- owasp-suppressions-pending.xml (github-poc)
- pom.xml (github-poc)
- pom.xml (github-poc)
- dependencyCheckSuppression.xml (github-poc)
…and 3 more exploits
Timeline
- Jan 28, 2026 CVE Rejected