N2ws CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-59706	1 N2ws	1 N2w	2026-03-26	N/A
In N2W before 4.3.2 and 4.4.0 before 4.4.1, improper validation of API request parameters enables remote code execution.
CVE-2025-59707	1 N2ws	1 N2w	2026-03-26	N/A
In N2W before 4.3.2 and 4.4.x before 4.4.1, there is potential remote code execution and account credentials theft because of a spoofing vulnerability.
CVE-2025-32991	1 N2ws	1 Backup And Recovery	2026-03-26	9 Critical
In N2WS Backup & Recovery before 4.4.0, a two-step attack against the RESTful API results in remote code execution.

Page 1 of 1.