COOEY // HUBcompliance · community · intelligence

FAIL › dossier

SimpleHelp vendor

3
failure events
0
zero-days
1
RCEs
3
on KEV
2
critical
85
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 6 events

DateEventSevFlagsShameSummary
2026-04-24 CVE-2024-57726 critical ⌖KEV 85 SimpleHelp allows low-privileged technicians to create API keys with server admin privileges, enabling privilege escalation.
2026-04-24 CVE-2024-57726 critical ⌖KEV 85 SimpleHelp allows low-privileged technicians to create API keys with server admin privileges, enabling privilege escalation.
2026-04-24 CVE-2024-57728 critical ⚡RCE ⌖KEV 85 SimpleHelp's SimpleHelp product allows admin users to execute arbitrary code via a zip-slip path traversal vulnerability.
2026-04-24 CVE-2024-57728 critical ⚡RCE ⌖KEV 85 SimpleHelp's SimpleHelp product allows admin users to execute arbitrary code via a zip-slip path traversal vulnerability.
2026-06-29 CVE-2026-48558 high ⌖KEV 65 SimpleHelp's OIDC authentication flow accepts unsigned tokens, allowing remote attackers to forge credentials and bypass MFA.
2026-06-29 CVE-2026-48558 high ⌖KEV 65 SimpleHelp's OIDC authentication flow accepts unsigned tokens, allowing remote attackers to forge credentials and bypass MFA.