THA-PSIRT
CVE Numbering Authority
Latest CVE published
Overview
THA-PSIRT is a CVE Numbering Authority that has published 13 CVE records since 2021. It is currently classified as active, with 6 CVEs published in the last two years. Its CVE data quality is graded A (98.1% overall completeness).
Among the 370 CNAs tracked here, THA-PSIRT ranks #278 by CVE volume and reports more complete records than 49% of all CNAs.
Data quality report card
How complete and consistent THA-PSIRT's CVE records are, scored across vendor, product, CVSS, and CWE coverage.
A CVE record only requires a description to be published. “Completeness” measures how often THA-PSIRT also fills in the optional — but extremely useful — fields that make a vulnerability actually actionable: the affected vendor and product, a CVSS severity score, and a CWE weakness type. A higher score means more of this CNA’s CVEs include those details, so defenders spend less time enriching records by hand.
Report card grade
98.1%
Overall score
What these scores mean
- Vendor completeness
- The share of this CNA's CVEs that name an affected vendor.
- Product completeness
- The share that name a specific affected product.
- CVSS completeness
- The share that include a CVSS severity score.
- CWE completeness
- The share mapped to a CWE weakness type.
- Update rate
- How often this CNA revises CVE records after first publishing them.
- Vendor diversity
- How many distinct vendors this CNA publishes CVEs for.
Severity and exploitation
How the CVSS severity of THA-PSIRT's published CVEs breaks down, and how many are known to be exploited in the wild.
In CISA’s Known Exploited Vulnerabilities catalog
0
None of THA-PSIRT's CVEs are currently listed in CISA's Known Exploited Vulnerabilities catalog.
Common weakness types
The CWE weakness categories THA-PSIRT most often assigns to its CVEs. Follow any weakness to its full explanation.
- CWE-269Improper Privilege Management3 CVEs
- CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')2 CVEs
- CWE-280Improper Handling of Insufficient Permissions or Privileges1 CVE
- CWE-284Improper Access Control1 CVE
- CWE-295Improper Certificate Validation1 CVE
- CWE-336Same Seed in Pseudo-Random Number Generator (PRNG)1 CVE
- CWE-338Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)1 CVE
- CWE-352Cross-Site Request Forgery (CSRF)1 CVE
Publishing activity by year
How many CVEs THA-PSIRT has published each year.
Top vendors
The vendors THA-PSIRT publishes the most CVEs for.
- Thales13 CVEs
- thalesgroup12 CVEs
- microsoft6 CVEs
- Ercom4 CVEs
- Thales CERT1 CVEs
Top products
The products THA-PSIRT publishes the most CVEs for.
- windows6 CVEs
- Cryptobox4 CVEs
- SafeNet Authentication Service3 CVEs
- SafeNet Authentication Client2 CVEs
- Sentinel Protection Installer2 CVEs
- Luna EFT1 CVEs
- ercom cryptobox1 CVEs
- Citadel Web Client1 CVEs
Latest CVEs
The most recent CVEs assigned by THA-PSIRT.
- CVE-2026-13014CWE-22
Remote Code Execution vulnerability in "Suspicious" application
Critical · CVSS 9.2EPSS 0.5%2026-07-13 - CVE-2026-6805CWE-280
Vulnerability on Cryptobox external sharing feature
Medium · CVSS 6.9EPSS 0.2%2026-05-07 - CVE-2026-5794CWE-694
Vulnerability in Cryptobox allows an authenticated user to trigger an account lockout
Medium · CVSS 4.9EPSS 0.3%2026-04-28 - CVE-2026-3457CWE-79
Stored XSS vulnerability in Sentinel ACC
High · CVSS 7.0EPSS 0.1%2026-03-27 - CVE-2026-0872CWE-295
Improper Certificate Validation vulnerability in Thales SafeNet Agent for Windows Logon
Low · CVSS 2.5EPSS 0.2%2026-02-13 - CVE-2026-0873CWE-1220
Privilege Elevation in Ercom Cryptobox administration console
Medium · CVSS 4.8EPSS 0.2%2026-02-04 - CVE-2025-14266CWE-352
CSRF in Ercom Cryptobox administration console
Low · CVSS 0.6EPSS 0.2%2025-12-17 - CVE-2024-5264CWE-338Medium · CVSS 6.5EPSS 0.4%2024-05-23
- CVE-2024-0197CWE-269High · CVSS 7.8EPSS 0.4%2024-02-27
- CVE-2023-7016CWE-269
Privilege Escalation in SafeNet Authentication Client
High · CVSS 7.8EPSS 0.3%2024-02-27 - CVE-2023-5993CWE-269High · CVSS 7.8EPSS 0.2%2024-02-27
- CVE-2023-2737CWE-276
Improper securing of log directory may allow a denial of service
Medium · CVSS 5.7EPSS 0.1%2023-08-16
Track new THA-PSIRT CVEs as they are published and get AI-written analysis and remediation guidance.
Monitor THA-PSIRT CVEsOther CNAs
Compare data quality across other CVE Numbering Authorities.
Frequently asked questions
Common questions about the THA-PSIRT CNA.
- What is the THA-PSIRT CNA?
- THA-PSIRT is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 13 CVE records since 2021.
- How many CVEs has THA-PSIRT published?
- THA-PSIRT has published 13 CVE records, including 6 in the last two years.
- What is THA-PSIRT's CVE data quality grade?
- RadicalNotion.AI grades THA-PSIRT's CVE data quality as A, with an overall completeness score of 98.1%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (100%), and CWE (92.3%) information.
- What products does THA-PSIRT publish CVEs for?
- THA-PSIRT most frequently publishes CVEs for windows, Cryptobox, SafeNet Authentication Service, SafeNet Authentication Client, Sentinel Protection Installer.
- Which vendors does THA-PSIRT cover?
- THA-PSIRT publishes CVEs across 4 distinct vendors, most often Thales, thalesgroup, microsoft, Ercom, Thales CERT.
- Is THA-PSIRT actively publishing CVEs?
- THA-PSIRT is currently active, based on 6 CVEs in the last two years.
- What is the average severity of THA-PSIRT's CVEs?
- The average CVSS base score across THA-PSIRT's scored CVEs is 6.0.
- How many critical CVEs has THA-PSIRT published?
- THA-PSIRT has published 1 critical-severity CVEs and 7 high-severity CVEs.
- Are any of THA-PSIRT's CVEs in CISA's Known Exploited Vulnerabilities catalog?
- No. None of THA-PSIRT's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
- What are the most common weakness types in THA-PSIRT's CVEs?
- THA-PSIRT's CVEs most often map to these CWE weakness types: CWE-269 (Improper Privilege Management), CWE-22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')), CWE-280 (Improper Handling of Insufficient Permissions or Privileges), CWE-284 (Improper Access Control).
- How does THA-PSIRT rank among CNAs?
- By total CVE volume, THA-PSIRT ranks #278 of 370 CNAs, and it reports more complete CVE records than 49% of all CNAs.
References
- Official CVE.org list of CNA partners (opens in a new tab)
- Learn: What is a CNA?
- CWE directory: the weakness types this CNA maps its CVEs to
CNA report-card grades are computed by RadicalNotion.AI from published CVE records. CVE data is sourced from the CVE Program.
Track THA-PSIRT CVEs
Monitor new vulnerabilities as this CNA publishes them, with AI-written analysis and remediation guidance.