<0.1% probability · 22.5th percentile — 2026-05-12
Affected versions
All affected e-Sushrut versions, specific versions not disclosed
Summary
This vulnerability occurs due to disclosure of sensitive information and hardcoded AES encryption keys in client-side JavaScript of e-Sushrut. An unauthenticated remote attacker can exploit this issue by accessing client-side code to extract sensitive data and cryptographic keys. Successful exploitation leads to exposure of sensitive data and compromise of cryptographic protections on the targeted system.
Remediation
Apply the latest official security patches from e-Sushrut maintainers immediately. Remove all hardcoded keys and sensitive information from client-side accessible code. Restrict unauthenticated access to sensitive application components where possible.
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.