Nasa Security Vulnerabilities (CVEs)

Track 20 security vulnerabilities affecting Nasa products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

8 Critical

10 High

2 Medium

Sort by:

🔔 Get Alerts for Nasa

CVE-2025-64096 8.8

A stack-based buffer overflow vulnerability in CryptoLib's Crypto_Key_update() function allows remote attackers to trigger memory corruption by sendin...

Oct 30, 2025

CVE-2025-59534 7.3

CVE-2025-59534 is a command injection vulnerability in CryptoLib's initialize_kerberos_keytab_file_login() function that allows attackers to execute a...

Sep 23, 2025

CVE-2025-54878 8.6

A heap buffer overflow vulnerability in NASA CryptoLib versions 1.4.0 and prior allows attackers to corrupt heap memory by sending specially crafted t...

Aug 11, 2025

CVE-2025-46673 4.9

NASA CryptoLib versions before 1.3.2 fail to verify the operational state of Security Associations (SAs) before use, potentially allowing attackers to...

Apr 27, 2025

CVE-2025-30356 9.8

A heap buffer overflow vulnerability in CryptoLib's SDLS-EP implementation allows attackers to craft malicious frames that cause negative payload leng...

Apr 1, 2025

CVE-2025-25372 7.5

CVE-2025-25372 is a memory corruption vulnerability in NASA cFS Aquila's Memory Management Module that allows remote attackers to cause a segmentation...

Mar 25, 2025

CVE-2025-25373 9.8

The Memory Management Module in NASA cFS Aquila has insecure permissions that allow attackers to gain remote code execution on affected systems. This ...

Mar 25, 2025

CVE-2024-55029 6.1

NASA Fprime v3.4.3 contains multiple cross-site scripting (XSS) vulnerabilities that allow attackers to inject malicious scripts into web pages viewed...

Mar 25, 2025

CVE-2024-55030 9.8

A command injection vulnerability in NASA Fprime v3.4.3's Command Dispatcher Service allows attackers to execute arbitrary commands on affected system...

Mar 25, 2025

CVE-2025-30216 9.4

A heap overflow vulnerability in CryptoLib's TM protocol processing allows attackers to trigger arbitrary memory overwrites by sending specially craft...

Mar 25, 2025

CVE-2025-29911 9.8

A critical heap buffer overflow vulnerability in CryptoLib versions 1.3.3 and prior allows attackers to cause denial of service or potentially execute...

Mar 17, 2025

CVE-2025-29913 9.8

A critical heap buffer overflow vulnerability in CryptoLib versions 1.3.3 and prior allows attackers to cause denial of service or potentially execute...

Mar 17, 2025

CVE-2025-29909 9.8

A heap buffer overflow vulnerability in CryptoLib's Crypto_TC_ApplySecurity() function allows attackers to craft malicious Telecommand frames that cau...

Mar 17, 2025

CVE-2024-44912 7.5

NASA CryptoLib v1.3.0 contains an out-of-bounds read vulnerability in the TM subsystem (crypto_tm.c) that could allow attackers to read sensitive memo...

Sep 27, 2024

CVE-2024-44910 7.5

CVE-2024-44910 is an out-of-bounds read vulnerability in NASA CryptoLib v1.3.0's AOS subsystem that could allow attackers to read sensitive memory con...

Sep 27, 2024

CVE-2024-35059 7.5

This vulnerability in NASA AIT-Core's Python Pickle library allows attackers to execute arbitrary code through deserialization of untrusted data. It a...

May 21, 2024

CVE-2024-35061 7.3

NASA AIT-Core v2.5.2 uses unencrypted network channels, enabling man-in-the-middle attacks. When combined with CVE-2024-35059, this allows unauthentic...

May 21, 2024

CVE-2024-35056 9.8

NASA AIT-Core v2.5.2 contains SQL injection vulnerabilities in the query_packets and insert functions that allow attackers to execute arbitrary SQL co...

May 21, 2024

CVE-2024-35058 7.5

This vulnerability in NASA AIT-Core's API wait function allows attackers to execute arbitrary code by sending a specially crafted string. It affects N...

May 21, 2024

CVE-2023-45282 7.5

CVE-2023-45282 is a prototype pollution vulnerability in NASA Open MCT (openmct) that allows attackers to modify JavaScript object prototypes through ...

Oct 6, 2023

Why Monitor Nasa Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 20+ known vulnerabilities affecting Nasa products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Nasa packages in under 60 seconds. No agents required - completely agentless scanning that works across Nasa deployments.

Free vulnerability database: Access detailed information about every Nasa CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

Register free account & add your servers
Run one-time scan or schedule automatic monitoring (every 1-24 hours)
Receive instant alerts when new Nasa CVEs affect your systems
Access dashboard with severity breakdown & fix instructions

Start Monitoring Nasa CVEs Free