| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-27974 | Audiobooksheld VUlnerable to Stored XSS in WrappingMarquee.js via Audiobook Metadata (Mobile App Audio Player) | advplyr | audiobookshelf-app | Medium | 4.8 | 2026-02-26 02:10:31 | Deep Dive |
| CVE-2026-27963 | Audiobookshelf has Stored XSS in Tooltip.vue via Audiobook Metadata | advplyr | audiobookshelf | Medium | 4.8 | 2026-02-26 02:08:21 | Deep Dive |
| CVE-2026-27973 | Audiobookshelf has Stored XSS in ItemSearchCard.vue via Audiobook Metadata (Search Results on Mobile App) | advplyr | audiobookshelf | Medium | 4.0 | 2026-02-26 02:06:49 | Deep Dive |
| CVE-2025-57800 | Audiobookshelf vulnerable to OIDC token exfiltration and account takeover | advplyr | audiobookshelf | High | 8.8 | 2025-08-22 17:02:04 | Deep Dive |
| CVE-2025-46338 | Audiobookshelf Vulnerable to Cross-Site-Scripting Reflected via POST Request in /api/upload | advplyr | audiobookshelf | - | - | 2025-04-29 04:34:45 | Deep Dive |
| CVE-2025-25205 | Remote Authentication-Bypass can lead to server crash or limited information disclosure due to faulty pattern matching | advplyr | audiobookshelf | High | 8.2 | 2025-02-12 18:16:01 | Deep Dive |
| CVE-2024-43797 | Path Traversal in audiobookshelf | advplyr | audiobookshelf | Medium | 6.3 | 2024-09-02 16:21:07 | Deep Dive |
| CVE-2024-35236 | Audiobookshelf Cross-Site-Scripting vulnerability via crafted ebooks | advplyr | audiobookshelf | Medium | 4.8 | 2024-05-27 17:03:46 | Deep Dive |
| CVE-2023-51665 | Audiobookshelf vulnerable to Blind SSRF in `Auth.js` | advplyr | audiobookshelf | Medium | 4.3 | 2023-12-27 17:26:57 | Deep Dive |
| CVE-2023-51697 | Audiobookshelf vulnerable to Blind SSRF in `podcastUtils.js` | advplyr | audiobookshelf | Medium | 4.3 | 2023-12-27 17:26:55 | Deep Dive |
| CVE-2023-47624 | Audiobookshelf Arbitrary File Read Vulnerability | advplyr | audiobookshelf | High | 7.5 | 2023-12-13 21:09:01 | Deep Dive |
| CVE-2023-47619 | Audiobookshelf Server-Side Request Forgery and Arbitrary File Read Vulnerability | advplyr | audiobookshelf | High | 8.1 | 2023-12-13 21:02:34 | Deep Dive |