Vulnerabilities > Beekeeperstudio > Beekeeper Studio > 3.7.2

DATE CVE VULNERABILITY TITLE RISK
2023-05-23 CVE-2023-28394 OS Command Injection vulnerability in Beekeeperstudio Beekeeper-Studio
Beekeeper Studio versions prior to 3.9.9 allows a remote authenticated attacker to execute arbitrary JavaScript code with the privilege of the application on the PC where the affected product is installed.
network
low complexity
beekeeperstudio CWE-78
8.8
8.8
2022-03-21 CVE-2022-26174 Improper Encoding or Escaping of Output vulnerability in Beekeeperstudio Beekeeper-Studio
A remote code execution (RCE) vulnerability in Beekeeper Studio v3.2.0 allows attackers to execute arbitrary code via a crafted payload injected into the display fields.
network
low complexity
beekeeperstudio CWE-116
critical
 9.8
9.8