Nozominetworks Vulnerabilities
Comprehensive security vulnerability database for Nozominetworks products
3
0
3
0
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2025-40896 | 6.3 | An attacker could intercept and manipulate the communication between an Arc agent and its server, allowing them to steal sensitive information or send false data. This vulnerability occurs because the server's identity isn't properly verified when the Arc agent connects, making it easier for the attacker to impersonate the server. | nozominetworksarc | Exploit Available | about 1 month agoMar 4, 2026 |
| CVE-2025-40895 | 2.0 | This vulnerability allows a malicious user with admin access to a connected Guardian to inject harmful HTML into the CMC's Sensor Map feature, which could trick other users into clicking on phishing links. However, this can only happen if the Sensor Map is enabled, and the attack is limited because existing security measures prevent more serious exploits like full account takeover or data theft. | nozominetworkscmc | Exploit Available | about 1 month agoMar 4, 2026 |
| CVE-2025-40894 | 2.1 | This vulnerability allows a malicious user with the right permissions to inject harmful HTML into a node label, which could then be displayed to other users in the Alerted Nodes Dashboard. While the risk of full exploitation is limited by existing security measures, it could still lead to phishing attempts or redirecting users to malicious sites if they interact with the affected alerts. | nozominetworkscmc | Exploit Available | about 1 month agoMar 4, 2026 |
About Nozominetworks Security
This page tracks all publicly disclosed security vulnerabilities (CVEs) affecting Nozominetworks products. Our database is updated in real-time from the National Vulnerability Database (NVD) and enriched with exploit information from GitHub and other security research sources.
Each CVE listing includes CVSS severity scores, exploit availability status, AI-powered vulnerability summaries, and links to official patches and security advisories.