COOEY // HUBcompliance · community · intelligence

FAIL › dossier

Cleo vendor

2
failure events
0
zero-days
2
RCEs
2
on KEV
2
critical
95
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 2 events

DateEventSevFlagsShameSummary
2024-12-17 CVE-2024-55956 critical ⚡RCE ⌖KEV 95 Cleo Harmony, VLTrader, and LexiCom, which are managed file transfer products, contain an unrestricted file upload vulnerability that could allow an unauthenticated user to import and execute arbitrary bash or PowerShell commands on the host system by leveraging the default setti
2024-12-13 CVE-2024-50623 critical ⚡RCE ⌖KEV 95 Cleo Harmony, VLTrader, and LexiCom, which are managed file transfer products, contain an unrestricted file upload and download vulnerability that can lead to remote code execution with elevated privileges.