ReportizFlow
Filtered by vendor Brightpick Ai
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-64307 | 1 Brightpick Ai | 1 Internal Logic Control | 2025-11-16 | 6.5 Medium |
| The Brightpick Internal Logic Control web interface is accessible without requiring user authentication. An unauthorized user could exploit this interface to manipulate robot control functions, including initiating or halting runners, assigning jobs, clearing stations, and deploying storage totes. | ||||
| CVE-2025-64309 | 1 Brightpick Ai | 1 Mission Control | 2025-11-16 | 8.6 High |
| Brightpick Mission Control discloses device telemetry, configuration, and credential information via WebSocket traffic to unauthenticated users when they connect to a specific URL. The unauthenticated URL can be discovered through basic network scanning techniques. | ||||
| CVE-2025-64308 | 1 Brightpick Ai | 1 Mission Control | 2025-11-16 | 7.5 High |
| The Brightpick Mission Control web application exposes hardcoded credentials in its client-side JavaScript bundle. | ||||
Page 1 of 1.