Airship Ai Acropolis vulnerabilities
2 known vulnerabilities affecting airship_ai/acropolis.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2025-35042P2CRITICALCVSS 9.8fixed in 10.2.35fixed in 11.0.21+1 more2025-09-22
CVE-2025-35042 [CRITICAL] CWE-1392 CVE-2025-35042: Airship AI Acropolis includes a default administrative account that uses the same credentials on eve
Airship AI Acropolis includes a default administrative account that uses the same credentials on every installation. Instances of Airship AI that do not change this account password are vulnerable to a remote attacker logging in and gaining the privileges of this account. Fixed in 10.2.35, 11.0.21, and 11.1.9.
nvd
CVE-2025-35041P3HIGHCVSS 7.5fixed in 10.2.35fixed in 11.0.21+1 more2025-09-22
CVE-2025-35041 [HIGH] CWE-307 CVE-2025-35041: Airship AI Acropolis allows unlimited MFA attempts for 15 minutes after a user has logged in with va
Airship AI Acropolis allows unlimited MFA attempts for 15 minutes after a user has logged in with valid credentials. A remote attacker with valid credentials could brute-force the 6-digit MFA code. Fixed in 10.2.35, 11.0.21, and 11.1.9.
nvd