Ymfe CVEs & Vulnerabilities
3 CVEs affecting Ymfe products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
3 CVEs→ All vendors
Most Affected Products
yapi 3
CVE-2025-70060MEDIUM
An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in YMFE yapi v1.12.0.
9 Mar 2026
5.4
CVSS
CVE-2025-70059HIGH
An issue pertaining to CWE-400: Uncontrolled Resource Consumption was discovered in YMFE yapi v1.12.0 and allows attackers to cause a denial of service.
9 Mar 2026
7.5
CVSS
CVE-2025-70058HIGH
An issue pertaining to CWE-295: Improper Certificate Validation was discovered in YMFE yapi v1.12.0. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in the HTTPS agent configuration for Axios requests
23 Feb 2026
7.4
CVSS
← PrevPage 1 / 1Next →