📦

emissary

Vendor: nsa

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 6 Remote Access

Total CVEs 18 Total Indexed

Avg. EPSS 0.66% Exploit Prob.

Latest CVE CVE-2026-35582 Apr 18

Security Vulnerability Index

Page 2 / 2

8.8 CVSS

CVE-2021-32096

The ConsoleAction component of U.S. National Security Agency (NSA) Emissary 5.9.0 allows a CSRF attack that results in injecting arbitrary Ruby code (for an eval call) via the CONSOLE_COMMAND_STRING parameter.

EPSS: 0.14%

Severity: HIGH

May 07, 2021

8.1 CVSS

CVE-2021-32095

U.S. National Security Agency (NSA) Emissary 5.9.0 allows an authenticated user to delete arbitrary files.

EPSS: 0.29%

Severity: HIGH

May 07, 2021

8.8 CVSS

CVE-2021-32094

RCE

U.S. National Security Agency (NSA) Emissary 5.9.0 allows an authenticated user to upload arbitrary files.

EPSS: 0.91%

Severity: HIGH

May 07, 2021

Displaying 3 of 18 Total Entries

1 2

Total 2 Sections