CVE Catalog

CVE-2026-6179

MediumCVSS 5.4
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.17%

7th percentile - higher than 7% of all known CVEs

Summary

A Stored Cross-Site Scripting (XSS) vulnerability in the NightWolf Penetration Testing Platform allows an attacker to inject and execute a malicious script in the user's browser.

Risk Assessment

An attacker can hijack user sessions, steal credentials, or perform other malicious actions in the victim's browser context, compromising the confidentiality and integrity of organizational data.

Recommendation

Immediately update the NightWolf Penetration Testing Platform to the latest patched version and implement input validation and sanitization.

Original NVD description (English source)

Stored Cross Site Scripting in NightWolf Penetration Testing Platform allows attack trigger and run malicious script in user's browser

Vulnerability data from NVD (NIST) · CISA KEV · EPSS