[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-57726":6},{"stargazers_count":4,"fetched_at":5},5,"2026-04-25T12:20:59.409Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":31,"aliases":32,"duplicate_of":9,"upstream":33,"downstream":34,"duplicates":35,"related":36,"reserved_at":9,"published_at":37,"modified_at":38,"state":39,"summary":40,"references_raw":51,"kevs":78,"epss":88,"epss_history":90,"metrics":350,"affected":358},"CVE-2024-57726","SimpleHelp remote support software v5.5.7 and before has a vulnerability that allows low-privileges technicians to create API keys with excessive permissions. These API keys can be used to escalate privileges to the server admin role.",null,[11,18],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"NVD-CWE-NOINFO","Insufficient Information","NVD uses this CWE ID when there is insufficient information to assign a specific CWE.","placeholder","NVD-Reserved",[],{"_key":19,"id":19,"name":20,"description":21,"type":22,"status":23,"abstraction":24,"likelihood_of_exploit":25,"capec":26},"CWE-862","Missing Authorization","The product does not perform an authorization check when an actor attempts to access a resource or perform an action.","weakness","Incomplete","Class","High",[27],{"id":28,"name":29,"techniques":30},"CAPEC-665","Exploitation of Thunderbolt Protection Flaws",[],[],[],[],[],[],[],"2025-01-15T00:00:00.000Z","2026-04-25T03:55:35.185Z","Analyzed",{"cisa_kev":41,"cisa_ransomware":42,"cisa_vendor":43,"epss_severity":44,"epss_score":45,"severity":46,"severity_score":47,"severity_version":48,"severity_source":49,"severity_vector":50,"severity_status":39},true,false,"SimpleHelp","low",0.00308,"critical",9.9,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",[52,58,63,68,72],{"url":53,"sources":54,"tags":56},"https://www.horizon3.ai/attack-research/disclosures/critical-vulnerabilities-in-simplehelp-remote-support-software/",[49,55],"nvd",[57],"Third Party Advisory",{"url":59,"sources":60,"tags":61},"https://simple-help.com/kb---security-vulnerabilities-01-2025#security-vulnerabilities-in-simplehelp-5-5-7-and-earlier",[49,55],[62],"Release Notes",{"url":64,"sources":65,"tags":66},"https://www.microsoft.com/en-us/security/blog/2026/04/06/storm-1175-focuses-gaze-on-vulnerable-web-facing-assets-in-high-tempo-medusa-ransomware-operations/",[49,55],[57,67],"Technical Description",{"url":69,"sources":70,"tags":71},"https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-dragonforce",[49,55],[57],{"url":73,"sources":74,"tags":75},"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-57726",[49,55],[76,77],"Government Resource","US Government Resource",[79],{"source":80,"vendor":43,"product":43,"date_added":81,"vulnerability_name":82,"short_description":83,"required_action":84,"due_date":85,"known_ransomware_campaign_use":86,"notes":87,"exploitation_type":9},"cisa","2026-04-24","SimpleHelp Missing Authorization Vulnerability","SimpleHelp contains a missing authorization vulnerability that could allow low-privileged technicians to create API keys with excessive permissions. These API keys can be used to escalate privileges to the server admin role.","Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","2026-05-08","Unknown","https://simple-help.com/kb---security-vulnerabilities-01-2025#security-vulnerabilities-in-simplehelp-5-5-7-and-earlier ; https://nvd.nist.gov/vuln/detail/CVE-2024-57726",{"date":81,"score":45,"percentile":89},0.53983,[91,95,98,101,104,106,109,111,115,118,121,124,127,130,133,137,140,143,147,150,153,156,159,162,165,168,171,174,177,180,183,186,189,192,195,198,201,203,206,209,212,215,218,221,224,228,231,234,237,240,243,246,249,252,255,258,260,263,265,268,271,274,277,280,283,286,289,292,295,297,300,303,305,308,311,313,316,319,321,323,326,328,331,333,335,338,340,342,345,347],{"date":92,"score":93,"percentile":94},"2025-11-04",0.00243,0.47469,{"date":96,"score":93,"percentile":97},"2025-11-05",0.47457,{"date":99,"score":93,"percentile":100},"2025-11-06",0.47473,{"date":102,"score":93,"percentile":103},"2025-11-07",0.47502,{"date":105,"score":93,"percentile":103},"2025-11-08",{"date":107,"score":93,"percentile":108},"2025-11-09",0.47484,{"date":110,"score":93,"percentile":97},"2025-11-10",{"date":112,"score":113,"percentile":114},"2025-11-11",0.00291,0.52108,{"date":116,"score":113,"percentile":117},"2025-11-12",0.52133,{"date":119,"score":113,"percentile":120},"2025-11-13",0.52139,{"date":122,"score":113,"percentile":123},"2025-11-14",0.5214,{"date":125,"score":113,"percentile":126},"2025-11-15",0.52134,{"date":128,"score":113,"percentile":129},"2025-11-16",0.52113,{"date":131,"score":113,"percentile":132},"2025-11-17",0.52095,{"date":134,"score":135,"percentile":136},"2025-11-18",0.00169,0.32866,{"date":138,"score":135,"percentile":139},"2025-11-19",0.32883,{"date":141,"score":135,"percentile":142},"2025-11-20",0.32867,{"date":144,"score":145,"percentile":146},"2025-11-21",0.00316,0.54201,{"date":148,"score":145,"percentile":149},"2025-11-22",0.54196,{"date":151,"score":145,"percentile":152},"2025-11-23",0.54161,{"date":154,"score":145,"percentile":155},"2025-11-24",0.54153,{"date":157,"score":145,"percentile":158},"2025-11-25",0.54159,{"date":160,"score":145,"percentile":161},"2025-11-26",0.54162,{"date":163,"score":145,"percentile":164},"2025-11-27",0.54166,{"date":166,"score":145,"percentile":167},"2025-11-28",0.5414,{"date":169,"score":145,"percentile":170},"2025-11-29",0.54121,{"date":172,"score":145,"percentile":173},"2025-11-30",0.54116,{"date":175,"score":145,"percentile":176},"2025-12-01",0.54267,{"date":178,"score":145,"percentile":179},"2025-12-02",0.54283,{"date":181,"score":145,"percentile":182},"2025-12-03",0.54276,{"date":184,"score":145,"percentile":185},"2025-12-04",0.54119,{"date":187,"score":145,"percentile":188},"2025-12-05",0.54137,{"date":190,"score":145,"percentile":191},"2025-12-06",0.54136,{"date":193,"score":145,"percentile":194},"2025-12-07",0.54126,{"date":196,"score":145,"percentile":197},"2025-12-08",0.54128,{"date":199,"score":145,"percentile":200},"2025-12-09",0.54144,{"date":202,"score":145,"percentile":146},"2025-12-10",{"date":204,"score":145,"percentile":205},"2025-12-11",0.54225,{"date":207,"score":145,"percentile":208},"2025-12-12",0.54252,{"date":210,"score":145,"percentile":211},"2025-12-13",0.54247,{"date":213,"score":145,"percentile":214},"2025-12-14",0.54238,{"date":216,"score":145,"percentile":217},"2025-12-15",0.54228,{"date":219,"score":145,"percentile":220},"2025-12-16",0.54241,{"date":222,"score":145,"percentile":223},"2025-12-17",0.54261,{"date":225,"score":226,"percentile":227},"2025-12-18",0.00265,0.49836,{"date":229,"score":226,"percentile":230},"2025-12-19",0.49841,{"date":232,"score":145,"percentile":233},"2025-12-20",0.54289,{"date":235,"score":145,"percentile":236},"2025-12-21",0.54271,{"date":238,"score":145,"percentile":239},"2025-12-22",0.54249,{"date":241,"score":145,"percentile":242},"2025-12-23",0.54251,{"date":244,"score":145,"percentile":245},"2025-12-24",0.5426,{"date":247,"score":145,"percentile":248},"2025-12-25",0.5431,{"date":250,"score":145,"percentile":251},"2025-12-26",0.54304,{"date":253,"score":145,"percentile":254},"2025-12-27",0.54357,{"date":256,"score":145,"percentile":257},"2025-12-28",0.54281,{"date":259,"score":145,"percentile":223},"2025-12-29",{"date":261,"score":145,"percentile":262},"2025-12-30",0.54254,{"date":264,"score":145,"percentile":236},"2025-12-31",{"date":266,"score":145,"percentile":267},"2026-01-01",0.54437,{"date":269,"score":145,"percentile":270},"2026-01-02",0.54417,{"date":272,"score":145,"percentile":273},"2026-01-03",0.5441,{"date":275,"score":145,"percentile":276},"2026-01-04",0.5424,{"date":278,"score":145,"percentile":279},"2026-01-05",0.54226,{"date":281,"score":145,"percentile":282},"2026-01-06",0.54232,{"date":284,"score":145,"percentile":285},"2026-01-07",0.54257,{"date":287,"score":145,"percentile":288},"2026-01-08",0.54279,{"date":290,"score":145,"percentile":291},"2026-01-09",0.5427,{"date":293,"score":145,"percentile":294},"2026-01-10",0.54268,{"date":296,"score":145,"percentile":239},"2026-01-11",{"date":298,"score":145,"percentile":299},"2026-01-12",0.54204,{"date":301,"score":145,"percentile":302},"2026-01-13",0.54183,{"date":304,"score":145,"percentile":217},"2026-01-14",{"date":306,"score":145,"percentile":307},"2026-01-15",0.5423,{"date":309,"score":145,"percentile":310},"2026-01-16",0.54253,{"date":312,"score":145,"percentile":220},"2026-01-17",{"date":314,"score":145,"percentile":315},"2026-01-18",0.54235,{"date":317,"score":145,"percentile":318},"2026-01-19",0.54227,{"date":320,"score":145,"percentile":217},"2026-01-20",{"date":322,"score":145,"percentile":282},"2026-01-21",{"date":324,"score":145,"percentile":325},"2026-01-22",0.54237,{"date":327,"score":145,"percentile":257},"2026-01-23",{"date":329,"score":145,"percentile":330},"2026-01-24",0.54282,{"date":332,"score":145,"percentile":220},"2026-01-25",{"date":334,"score":145,"percentile":318},"2026-01-26",{"date":336,"score":145,"percentile":337},"2026-01-27",0.54239,{"date":339,"score":145,"percentile":262},"2026-01-28",{"date":341,"score":145,"percentile":242},"2026-01-29",{"date":343,"score":145,"percentile":344},"2026-01-30",0.54256,{"date":346,"score":145,"percentile":245},"2026-01-31",{"date":348,"score":145,"percentile":349},"2026-02-01",0.544,[351,356],{"source":49,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":352,"cvss_v4_0":9},{"baseScore":47,"baseSeverity":353,"vectorString":50,"impactScore":354,"exploitabilityScore":355},"CRITICAL",10,7.9,{"source":55,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":357,"cvss_v4_0":9},{"baseScore":47,"baseSeverity":353,"vectorString":50,"impactScore":354,"exploitabilityScore":355},[359],{"ecosystem":9,"name":360,"vendor":361,"product":360,"cpe_part":362,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":363},"simplehelp","simple-help","a",[364],{"version":365,"is_range":41,"range_type":366,"version_start":9,"version_start_type":9,"version_end":367,"version_end_type":368,"fixed_in":9},"lt5.5.8","cpe","5.5.8","excluding"]