The remote host has a version of figma-developer-mcp prior to 0.6.3.  A command injection vulnerability exists in the figma-developer-mcp MCP Server. The vulnerability is caused by the unsanitized use of input parameters within a call to child_process.exec, enabling an attacker to inject arbitrary system commands. Successful exploitation can lead to remote code execution under the server process's privileges.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Cursor installed on the remote host is prior to 1.7. It is, therefore, affected by a remote code execution vulnerability. Versions 1.6.23 and below contain case-sensitive checks in the way Cursor IDE protects its sensitive files (e.g., */.cursor/mcp.json), which allows attackers to modify the content of these files through prompt injection and achieve remote code execution. A prompt injection can lead to full RCE through modifying sensitive files on case-insensitive fileystems. 

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Google Gemini CLI, a Node.js package providing CLI support for Google's artificial intelligence, is installed on the remote host.

Note that enabling the 'Perform thorough tests' setting will search the file system for the product.

The version of Ollama installed on the remote host is 0.9.6 or earlier. It is, therefore, affected by a vulnerability. Cross-Domain Token Exposure in server.auth.getAuthorizationToken in Ollama 0.9.6 allows remote attackers to steal authentication tokens and bypass access controls via a malicious realm value in a WWW-Authenticate header returned by the /api/pull endpoint.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Ollama installed on the remote host is prior or equal to 0.3.3. It is, therefore, affected by a vulnerability. A divide by zero vulnerability exists in ollama/ollama version v0.3.3. The vulnerability occurs when importing GGUF models with a crafted type for `block_count` in the Modelfile. This can lead to a denial of service (DoS) condition when the server processes the model, causing it to crash.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Cursor installed on the remote host is prior to 1.2.4. It is, therefore, affected by a remote code execution vulnerability. Attackers can achieve remote and persistent code execution by modifying an already trusted MCP configuration file inside a shared GitHub repository or editing the file locally on the target's machine. Once a collaborator accepts a harmless MCP, the attacker can silently swap it for a malicious command (e.g., calc.exe) without triggering any warning or re-prompt. If an attacker has write permissions on a user's active branches of a source repository that contains existing MCP servers the user has previously approved, or allows an attacker has arbitrary file-write locally, the attacker can achieve arbitrary code execution. 

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Cursor installed on the remote host is 1.2.1 or prior. It is, therefore, affected by a remote code execution vulnerability. An attacker could achieve remote and persistent code execution by modifying an already trusted MCP configuration file inside a shared GitHub repository or editing the file locally on the target's machine. Once a collaborator accepts a harmless MCP, the attacker could silently swap it for a malicious command (e.g., calc.exe) without triggering any warning or re-prompt.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

A MCP Server using Server Sent Events (SSE) was detected on the remote host.

An Model Context Protocol Python library is installed on the remote host. 

Note that Nessus has relied upon on the application's self-reported version number.

The remote host has a 'ModelContextProtocol' with a Verified NuGet package status and is installed on the remote host.

Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of the BentoML library installed on the remote host has an arbitrary code execution vulnerability. BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.8, there was an insecure deserialization in BentoML's runner server. By setting specific headers and parameters in the POST request, it is possible to execute any unauthorized arbitrary code on the server, which will grant the attackers to have the initial access and information disclosure on the server.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Ollama is installed on the remote Windows host.

The version of Ollama installed on the remote host is prior or equal to 0.3.14. It is, therefore, affected by multiple vulnerabilities, including the following:

  - A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to upload and create a customized     GGUF model file on the Ollama server. This can lead to a division by zero error in the ggufPadding     function, causing the server to crash and resulting in a Denial of Service (DoS) attack. (CVE-2025-0317)     
  - A vulnerability in ollama/ollama <=0.3.14 allows a malicious user to create a customized GGUF model file,     upload it to the Ollama server, and create it. This can cause the server to allocate unlimited memory,     leading to a Denial of Service (DoS) attack. (CVE-2025-0315)

  - A vulnerability in Ollama versions <=0.3.14 allows a malicious user to create a customized gguf model     file that can be uploaded to the public Ollama server. When the server processes this malicious model,     it crashes, leading to a Denial of Service (DoS) attack. The root cause of the issue is an out-of-bounds     read in the gguf.go file. (CVE-2024-12055)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Ollama is installed on the remote Linux host.

The remote web server hosts Gradio UI web application

Granola, an app that uses AI to create meeting notes, is installed on the remote macOS host.

The version of Gradio installed on the remote host is prior to 4.19.2. It is, therefore, affected by a Cross-Site Request Forgery (CSRF) vulnerability in gradio-app/gradio which allows attackers to upload multiple large files to a victim's system if they are running Gradio locally. By crafting a malicious HTML page that triggers an unauthorized file upload to the victim's server, an attacker can deplete the system's disk space, potentially leading to a denial of service. This issue affects the file upload functionality as implemented in gradio/routes.py.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

An Gradio Python library is installed on the remote host. 

Note that Nessus has relied upon on the application's self-reported version number.

The version of Gradio installed on the remote host is prior to 4.13.0. It is, therefore, affected by a local file access vulnerability. An issue was discovered in gradio-app/gradio, where the `/component_server` endpoint improperly allows the invocation of any method on a `Component` class with attacker-controlled arguments. Specifically, by exploiting the `move_resource_to_block_cache()` method of the `Block` class, an attacker can copy any file on the filesystem to a temporary directory and subsequently retrieve it. This vulnerability enables unauthorized local file read access, posing a significant risk especially when the application is exposed to the internet via `launch(share=True)`, thereby allowing remote attackers to read files on the host machine. Furthermore, gradio apps hosted on `huggingface.co` are also affected, potentially leading to the exposure of sensitive information such as API keys and credentials stored in environment variables.

  Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Gradio installed on the remote host is prior to 4.19.2. It is, therefore, affected by a local file inclusion vulnerability due to improper validation of user-supplied input in the UploadButton component. Attackers can exploit this vulnerability to read arbitrary files on the filesystem, such as private SSH keys, by manipulating the file path in the request to the `/queue/join` endpoint. This issue could potentially lead to remote code execution. The vulnerability is present in the handling of file upload paths, allowing attackers to redirect file uploads to unintended locations on the server.

  Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Gradio installed on the remote host is prior to 4.18.0. It is, therefore, affected by an SSRF vulnerability exists in the gradio-app/gradio due to insufficient validation of user-supplied URLs in the `/proxy` route. Attackers can exploit this vulnerability by manipulating the `self.replica_urls` set through the `X-Direct-Url` header in requests to the `/` and `/config` routes, allowing the addition of arbitrary URLs for proxying. This flaw enables unauthorized proxying of requests and potential access to internal endpoints within the Hugging Face space. The issue arises from the application's inadequate checking of safe URLs in the `build_proxy_request` function.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Gradio installed on the remote host is prior to 4.42.0. It is, therefore, affected by a hidden server-side request forgery (SSRF) vulnerability. The reason is that within the save_url_to_cache function, there are no restrictions on the URL, which allows access to local target resources. This can lead to the download of local resources and sensitive information.

    Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of LangChain installed on the remote host is prior to 0.2.5. It is, therefore, affected by a Denial-of-Service (DoS) vulnerability in the `SitemapLoader` class. The `parse_sitemap` method, responsible for parsing sitemaps and extracting URLs, lacks a mechanism to prevent infinite recursion when a sitemap URL refers to the current sitemap itself. This oversight allows for the possibility of an infinite loop, leading to a crash by exceeding the maximum recursion depth in Python. This vulnerability can be exploited to occupy server socket/port resources and crash the Python process, impacting the availability of services relying on this functionality.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of LangChain installed on the remote host is prior to 0.2.5. It is, therefore, affected by a   path traversal vulnerability which exists in the `getFullPath` method. This vulnerability allows attackers   to save files anywhere in the filesystem, overwrite existing text files, read `.txt` files, and delete   files. The vulnerability is exploited through the `setFileContent`,  `getParsedFile`, and `mdelete`   methods, which do not properly sanitize user input.

  Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of LangChain installed on the remote host is prior to 0.1.35. It is, therefore, affected by a XML External Entity (XXE) vulnerability in the langchain-ai/langchain repository allows for a Billion Laughs Attack, a type of XML External Entity (XXE) exploitation. By nesting multiple layers of entities within an XML document, an attacker can cause the XML parser to consume excessive CPU and memory resources, leading to a denial of service (DoS).

    Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of LangChain installed on the remote host is prior to 0.0.27. It is, therefore, affected by a server-side request forgery (SSRF) vulnerability in the function load_local in the library libs/community/langchain_community/retrievers/tfidf.py of the component TFIDFRetriever. 

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of LangChain installed on the remote host is prior to 0.2.5. It is, therefore, affected by a vulnerability in the GraphCypherQAChain class which allows for SQL injection through prompt injection. This vulnerability can lead to unauthorized data manipulation, data exfiltration, denial of service (DoS) by deleting all data, breaches in multi-tenant security environments, and data integrity issues. Attackers can create, update, or delete nodes and relationships without proper authorization, extract sensitive data, disrupt services, access data across different tenants, and compromise the integrity of the database.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of LangChain installed on the remote host is prior to 0.1.0. It is, therefore, affected by a SSRF vulnerability.  An attacker in control of the contents of 'https://example.com' could place a malicious HTML file in there with links like 'https://example.completely.different/my_file.html' and the crawler would proceed to download that file as well even though `prevent_outside=True`.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of LangChain installed on the remote host is prior to 0.2.9. It is, therefore, affected by a deserialization vulnerability in the FAISS.deserialize_from_bytes function. This can lead to the execution of arbitrary commands via the os.system function.

    Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of LangChain installed on the remote host is prior to 0.1.5. It is, therefore, affected by a Server-Side Request Forgery (SSRF) vulnerability exists in the Web Research Retriever component of langchain. The vulnerability arises because the Web Research Retriever does not restrict requests to remote internet addresses, allowing it to reach local addresses. This flaw enables attackers to execute port scans, access local services, and in some scenarios, read instance metadata from cloud environments. The vulnerability is particularly concerning as it can be exploited to abuse the Web Explorer server as a proxy for web attacks on third parties and interact with servers in the local network, including reading their response data. This could potentially lead to arbitrary code execution, depending on the nature of the local services. The vulnerability is limited to GET requests, as POST requests are not possible, but the impact on confidentiality, integrity, and availability is significant due to the potential for stolen credentials and state-changing interactions with internal APIs.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of LangChain installed on the remote host is prior to 0.2.5. It is, therefore, affected by a prompt injection vulnerability in the GraphCypherQAChain class which leads to SQL injection. This vulnerability permits unauthorized data manipulation, data exfiltration, denial of service (DoS) by deleting all data, breaches in multi-tenant security environments, and data integrity issues. Attackers can create, update, or delete nodes and relationships without proper authorization, extract sensitive data, disrupt services, access data across different tenants, and compromise the integrity of the database.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of ZenML installed on the remote host is prior to 0.57.1. It is, therefore, affected by a denial of service (DoS) vulnerability exists in zenml-io/zenml version due to improper handling of line feed (`\n`) characters in component names. When a low-privileged user adds a component through the API endpoint `api/v1/workspaces/default/components` with a name containing a `\n` character, it leads to uncontrolled resource consumption. This vulnerability results in the inability of users to add new components in certain categories (e.g., 'Image Builder') and to register new stacks through the UI, thereby degrading the user experience and potentially rendering the ZenML Dashboard unusable. The issue does not affect component addition through the Web UI, as `\n` characters are properly escaped in that context. The vulnerability was tested on ZenML running in Docker, and it was observed in both Firefox and Chrome browsers. The project maintainers disputed the exposure with NVD and claim it is only a QA bug.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of ZenML installed on the remote host is prior to 0.57.0. It is, therefore, affected by an account takeover exposure due to the lack of rate-limiting in the password change function. An attacker can brute-force the current password in the 'Update Password' function, allowing them to take over the user's account. This vulnerability is due to the absence of rate-limiting on the '/api/v1/current-user' endpoint, which does not restrict the number of attempts an attacker can make to guess the current password. Successful exploitation results in the attacker being able to change the password and take control of the account.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of ZenML installed on the remote host is prior to 0.56.3. It is, therefore, affected by a vulnerability which allows attackers to reuse old session credentials or session IDs due to insufficient session expiration. Specifically, the session does not expire after a password change, enabling an attacker to maintain access to a compromised account without the victim's ability to revoke this access. This issue was observed in a self-hosted ZenML deployment via Docker, where after changing the password from one browser, the session remained active and usable in another browser without requiring re-authentication.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of ZenML installed on the remote host is prior to 0.55.5. It is, therefore, affected by a race condition vulnerability which allows for the creation of multiple users with the same username when requests are sent in parallel. The vulnerability arises due to insufficient handling of concurrent user creation requests, leading to data inconsistencies and potential authentication problems. Specifically, concurrent processes may overwrite or corrupt user data, complicating user identification and posing security risks. This issue is particularly concerning for APIs that rely on usernames as input parameters, such as PUT /api/v1/users/test_race, where it could lead to further complications.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of ZenML installed on the remote host is prior to 0.56.3. It is, therefore, affected by a clickjacking vulnerability due to the application's failure to set appropriate X-Frame-Options or Content-Security-Policy HTTP headers. This vulnerability allows an attacker to embed the application UI within an iframe on a malicious page, potentially leading to unauthorized actions by tricking users into interacting with the interface under the attacker's control.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of ZenML installed on the remote host is prior to 0.56.2. It is, therefore, affected by An improper authorization vulnerability exists in the API /api/v1/users/id endpoint. This vulnerability allows any authenticated user to modify the information of other users, including changing the `active` status of user accounts to false, effectively deactivating them. The impact of this vulnerability is significant as it allows for the deactivation of admin accounts, potentially disrupting the functionality and security of the application.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of ZenML installed on the remote host is prior to 0.57.1. It is, therefore, affected by a     A reflected Cross-Site Scripting (XSS) vulnerability was identified in zenml-io/zenml version 0.57.1. The vulnerability exists due to improper neutralization of input during web page generation, specifically within the survey redirect parameter. This flaw allows an attacker to redirect users to a specified URL after completing a survey, without proper validation of the 'redirect' parameter. Consequently, an attacker can execute arbitrary JavaScript code in the context of the user's browser session. This vulnerability could be exploited to steal cookies, potentially leading to account takeover.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of ZenML installed on the remote host is prior to 0.56.3. It is, therefore, affected by an improper authentication mechanisms. An attacker with access to an active user session can change the account password without needing to know the current password. This vulnerability allows for unauthorized account takeover by bypassing the standard password change verification process.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of ZenML installed on the remote host is prior to 0.55.5. It is, therefore, affected by an arbitrary file upload vulnerability in the load function at /materializers/cloudpickle_materializer.py. This vulnerability allows attackers to execute arbitrary code via uploading a crafted file.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of ZenML installed on the remote host is prior to 0.56.2. It is, therefore, affected by a stored Cross-Site Scripting (XSS) vulnerability was identified within the 'logo_url' field. By injecting malicious payloads into this field, an attacker could send harmful messages to other users, potentially compromising their accounts. The impact of exploiting this vulnerability could lead to user account compromise.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of the Pandas library installed on the remote host has an unpatched exposure. It is, therefore, affected by a code injection vulnerability in the pandas.DataFrame.query function.  The function is intended to allow querying the columns of a DataFrame using a boolean expression. A malicious attacker can constructs a malicious query to bypass input validation mechanisms and trigger a code injection vulnerability which can lead to command execution if the code passes untrusted input into self.eval().

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

An arbitrary file overwrite vulnerability exists in H2O-3. The endpoint that allows for exporting models & does not limit where models can be exported to. As such an attacker can export a model to any file in the server file structure, overwriting it, by simply using the force flag.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

H2O.ai H2O through 3.46.0.4 allows attackers to arbitrarily set the JDBC URL, leading to deserialization attacks, file reads, and command execution. Exploitation can occur when an attacker has access to post to the ImportSQLTable URI with a JSON document containing a connection_url property with any typical JDBC Connection URL attack payload such as one that uses queryInterceptors. (CVE-2024-45758)

A vulnerability, which was classified as critical, has been found in h2oai h2o-3 3.46.0.4. This issue affects the function getConnectionSafe of the file /dtale/chart-data/1 of the component JDBC Connection Handler. The manipulation of the argument query leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
(CVE-2024-8862)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Intel Neural Compressor installed on the remote host is prior to 3.0. It is, therefore, affected by the following:

  - Improper neutralization of special elements used in an SQL command ('SQL Injection') in some Intel Neural     Compressor software before version v3.0 may allow an authenticated user to potentially enable escalation of     privilege via adjacent access. (CVE-2024-39368)

  - Improper input validation in some Intel Neural Compressor software before version v3.0 may allow an     unauthenticated user to potentially enable escalation of privilege via adjacent access. (CVE-2024-28028)

  - Improper neutralization of special elements used in SQL command in some Intel Neural Compressor software before     version v3.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
    (CVE-2024-39766)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of the LightGBM library installed on the remote host is prior to 4.6.0. It is, therefore, affected by a remote code execution vulnerability.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of the torchgeo Python library installed on the remote host is prior to 0.6.1. It is, therefore, affected by a remote code execution vulnerability. The usage of 'eval()' in torchgeo's 'get_weight()' API function could allow an unauthenticated, remote attacker to execute arbitrary commands.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2.

  Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Severity
271839	Figma Developer MCP < 0.6.3 RCE (GHSA-gxw4-4fc5-9gr5)	high
270574	Cursor < 1.7 RCE (GHSA-xcwh-rrwj-gxc7)	high
265760	Google Gemini CLI Installed (macOS)	info
265759	Google Gemini CLI Installed (Windows)	info
265758	Google Gemini CLI Installed (Linux/UNIX)	info
250293	Ollama <= 0.9.6 Cross-Domain Token Exposure	medium
250292	Ollama <= 0.3.3 DoS	high
243972	Cursor < 1.2.4 RCE (GHSA-24mc-g4xr-4395)	high
243971	Cursor <= 1.2.1 RCE (GHSA-4cxx-hrm3-49rm)	high
243280	MCP Server using Server Sent Events Detected	info
241433	Model Context Protocol (MCP) Python Library Detection	info
241432	NuGet Package 'ModelContextProtocol' Detection	info
235353	BentoML 1.x < 1.4.8 Arbitrary Code Execution	critical
233770	Ollama Installed (Windows)	info
233434	Ollama <= 0.3.14 Multiple Vulnerabilities	high
233180	Ollama Installed (Linux)	info
232290	Gradio UI Detection	info
214856	Granola Installed (macOS)	info
213711	Gradio < 4.19.2 CSRF	medium
213710	Gradio Detection	info
213709	Gradio < 4.13.0 Local File Access	high
213708	Gradio < 4.19.2 Vulnerability - CVE-2024-1728	high
213707	Gradio < 4.18.0 Vulnerability - CVE-2024-2206	medium
213706	Gradio < 4.42.0 SSRF	medium
213567	LangChain < 0.2.5 DoS	medium
213566	LangChain < 0.2.5 Arbitrary File Write	critical
213565	LangChain < 0.1.35 XXE	medium
213564	LangChain < 0.0.27 SSRF	medium
213563	LangChain < 0.2.5 SQLi through Prompt Injection	critical
213562	LangChain < 0.1.0 SSRF	high
213561	LangChain < 0.2.9 Vulnerability - CVE-2024-5998	high
213560	LangChain < 0.1.5 SSRF	high
213559	LangChain < 0.2.5 SQLi through Prompt Injection	critical
213485	ZenML < 0.57.1 DoS (CVE-2024-4460)	medium
213484	ZenML < 0.57.0 Password Reset Brute Force (CVE-2024-4311)	medium
213483	ZenML < 0.56.3 Unpatched Session Expiration Exposure (CVE-2024-4680)	high
213482	ZenML < 0.55.5 Vulnerability - CVE-2024-2032	low
213481	ZenML < 0.56.3 Vulnerability - CVE-2024-2383	medium
213480	ZenML < 0.56.2 Vulnerability - CVE-2024-2035	medium
213479	ZenML < 0.58.0 XSS	medium
213478	ZenML < 0.56.3 Vulnerability - CVE-2024-2213	low
213477	ZenML < 0.55.5 Arbitrary File Upload	high
213476	ZenML < 0.56.2 Vulnerability - CVE-2024-2171	medium
213084	Pandas DataFrame.query Code Injection (Unpatched)	high
213042	H2O-3 Arbitrary File Overwrite (CVE-2024-6854)	high
213041	H2O-3 Multiple Deserialization Vulnerabilities	critical
211955	Intel Neural Compressor < 3.0 Multiple Vulnerabilities	high
211682	LightGBM < 4.6.0 RCE	high
211464	torchgeo Python Library < 0.6.1 RCE	high
210769	MLflow < 2.9.2 Path Traversal Vulnerability	high

Detections

Analytics

Artificial Intelligence Family for Nessus

high

high

info

info

info

medium

high

high

high

info

info

info

critical

info

high

info

info

info

medium

info

high

high

medium

medium

medium

critical

medium

medium

critical

high

high

high

critical

medium

medium

high

low

medium

medium

medium

low

high

medium

high

high

critical

high

high

high

high