Welcome to the Arbit known vulnerabilities and CVEs site
Here you will find information on known vulnerabilities and CVEs.
CVE-2026-31431 (Copy Fail),
see here
This is an OS level vulnerability. Recommended action: Update the OS with the latest OS patches (see link above for OS kernel versions.)
Arbit offline installation images versions 6.4.0.1654 are affected. We are working on updated offline install images. Until updated images are released it is strongly adviced to update the OS manually with official OS patches.
[ Updated 2026-05-12 ]
AD-1961 axios Remote Access Trojan (RAT),
see here
Arbit products are not affected. The vulnerable versions of axios are not used by the Arbit Data Diode.
[ Updated 2026-04-07 ]
CVE-2026-31431 (Copy Fail),
see here
This is an OS level vulnerability. Arbit firmware versions 6.4.0.94 are affected. We are working on updated firmware images. Note that the exploit requires login access to a lower privileged account which is not possible on Arbit firmware since both local and remote login is disabled in production.
[ Updated 2026-05-12 ]
AD-1961 axios Remote Access Trojan (RAT), see here
Arbit products are not affected. The vulnerable versions of axios are not used by the Arbit TRUST Gateway.
[ Updated 2026-04-07 ]
No known vulnerabilitites
No known vulnerabilitites