Vulnerabilities in mykiot
4 resultsCVE-2025-12674CRITICALKiotViet Sync <= 1.8.5 - Unauthenticated Arbitrary File UploadEPSS 0.7%CVE-2025-12676MEDIUMKiotViet Sync <= 1.8.5 - Use of Hard-coded Password to Authorization BypassEPSS 0.3%CVE-2025-12677MEDIUMKiotViet Sync <= 1.8.5 - Unauthenticated Webhook Key ExposureEPSS 0.2%CVE-2025-12675MEDIUMKiotViet Sync <= 1.8.5 - Missing Authorization to Authenticated (Subscriber+) Settings UpdateEPSS 0.2%