| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-5205 | chatwoot Webhook API trigger.rb Trigger server-side request forgery | - | chatwoot | Medium | 6.3 | 2026-03-31 16:30:11 | Deep Dive |
| CVE-2026-4990 | chatwoot Signup Endpoint login improper authorization | - | chatwoot | High | 7.3 | 2026-03-27 21:27:18 | Deep Dive |
| CVE-2025-12246 | chatwoot Admin IframeLoader.vue cross site scripting | - | chatwoot | Medium | 4.3 | 2025-10-27 07:32:10 | Deep Dive |
| CVE-2025-12245 | chatwoot Widget IFrameHelper.js initPostMessageCommunication origin validation | - | chatwoot | Medium | 5.3 | 2025-10-27 07:32:08 | Deep Dive |
| CVE-2024-0640 | Stored XSS in chatwoot/chatwoot | chatwoot | chatwoot/chatwoot | 中危 | - | 2025-03-20 10:10:52 | Deep Dive |
| CVE-2025-21628 | Chatwoot has a Blind SQL-injection in Conversation and Contacts filters | chatwoot | chatwoot | Critical | 9.1 | 2025-01-09 17:10:05 | Deep Dive |
| CVE-2021-3740 | Session Fixation in chatwoot/chatwoot | chatwoot | chatwoot/chatwoot | - | - | 2024-11-15 10:57:09 | Deep Dive |
| CVE-2021-3742 | Server-Side Request Forgery (SSRF) in chatwoot/chatwoot | chatwoot | chatwoot/chatwoot | - | - | 2024-11-15 10:51:26 | Deep Dive |
| CVE-2021-3741 | Stored Cross-site Scripting (XSS) in chatwoot/chatwoot | chatwoot | chatwoot/chatwoot | - | - | 2024-11-15 10:51:23 | Deep Dive |
| CVE-2023-2109 | Cross-site Scripting (XSS) - DOM in chatwoot/chatwoot | chatwoot | chatwoot/chatwoot | 中危 | - | 2023-04-17 00:00:00 | Deep Dive |
| CVE-2022-3741 | Improper Restriction of Excessive Authentication Attempts in chatwoot/chatwoot | chatwoot | chatwoot/chatwoot | 超危 | - | 2022-10-28 00:00:00 | Deep Dive |
| CVE-2022-2901 | Improper Authorization in chatwoot/chatwoot | chatwoot | chatwoot/chatwoot | 高危 | - | 2022-09-06 09:15:12 | Deep Dive |
| CVE-2022-0542 | Cross-site Scripting (XSS) - DOM in chatwoot/chatwoot | chatwoot | chatwoot/chatwoot | 中危 | - | 2022-08-19 17:55:09 | Deep Dive |
| CVE-2022-1021 | Insecure Storage of Sensitive Information in chatwoot/chatwoot | chatwoot | chatwoot/chatwoot | 中危 | - | 2022-08-19 12:40:10 | Deep Dive |
| CVE-2022-1022 | Cross-site Scripting (XSS) - Stored in chatwoot/chatwoot | chatwoot | chatwoot/chatwoot | 中危 | - | 2022-04-21 14:25:12 | Deep Dive |
| CVE-2021-3813 | Improper Privilege Management in chatwoot/chatwoot | chatwoot | chatwoot/chatwoot | 中危 | - | 2022-02-09 14:15:11 | Deep Dive |
| CVE-2022-0527 | Cross-site Scripting (XSS) - Stored in chatwoot/chatwoot | chatwoot | chatwoot/chatwoot | 中危 | - | 2022-02-09 04:20:11 | Deep Dive |
| CVE-2022-0526 | Cross-site Scripting (XSS) - Stored in chatwoot/chatwoot | chatwoot | chatwoot/chatwoot | 中危 | - | 2022-02-09 04:15:10 | Deep Dive |
| CVE-2021-3649 | Inefficient Regular Expression Complexity in chatwoot/chatwoot | chatwoot | chatwoot/chatwoot | 高危 | - | 2021-07-16 13:33:25 | Deep Dive |