Hypr Server

hypr_server

Vendor: Hypr • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-8273 1Hypr 1Hypr Server Feb 19, 2026 Dec 11, 2025 7.1 HIGH· v4 8.8 HIGH· v3 N/A· v2 Authentication Bypass by Spoofing vulnerability in HYPR Server allows Identity Spoofing.This issue affects Server: before 10.1.
CVE-2023-1837 1Hypr 1Hypr Server Nov 21, 2024 May 23, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Missing Authentication for critical function vulnerability in HYPR Server allows Authentication Bypass when using Legacy APIs.This issue affects HYPR Server: before 8.0 (with enabled Legacy APIs)
CVE-2022-2193 1Hypr 1Hypr Server Nov 21, 2024 Jul 19, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Insecure Direct Object Reference vulnerability in HYPR Server before version 6.14.1 allows remote authenticated attackers to add a FIDO2 authenticator to arbitrary accounts via parameter tampering in the Device Manager p...Show more Insecure Direct Object Reference vulnerability in HYPR Server before version 6.14.1 allows remote authenticated attackers to add a FIDO2 authenticator to arbitrary accounts via parameter tampering in the Device Manager page. This issue affects: HYPR Server versions prior to 6.14.1.Show less
CVE-2022-2192 1Hypr 1Hypr Server Nov 21, 2024 Jul 19, 2022 N/A· v4 8.8 HIGH· v3 N/A· v2 Forced Browsing vulnerability in HYPR Server version 6.10 to 6.15.1 allows remote attackers with a valid one-time recovery token to elevate privileges via path tampering in the Magic Link page. This issue affects: HYPR S...Show more Forced Browsing vulnerability in HYPR Server version 6.10 to 6.15.1 allows remote attackers with a valid one-time recovery token to elevate privileges via path tampering in the Magic Link page. This issue affects: HYPR Server versions later than 6.10; version 6.15.1 and prior versions.Show less