| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-35404 | Open edX Platform has an Open Redirect in Survey Views via Unvalidated redirect_url Parameter | openedx | openedx-platform | Medium | 4.7 | 2026-04-06 21:22:30 | Deep Dive |
| CVE-2026-34736 | Open edX Platform: Account Activation Bypass via activation_key Exposure in REST API | openedx | openedx-platform | Medium | 5.3 | 2026-04-02 18:29:02 | Deep Dive |
| CVE-2025-68270 | CourseLimitedStaff Role Allows Studio Access | openedx | edx-platform | Critical | 9.9 | 2025-12-16 18:26:31 | Deep Dive |
| CVE-2025-47942 | Learners on edX Platform can download python_lib.zip | openedx | edx-platform | Medium | 5.3 | 2025-05-21 21:15:06 | Deep Dive |
| CVE-2024-41806 | Open edX Platform's instructor upload CSV for cohort creation not Private by Default | openedx | edx-platform | Medium | 5.3 | 2024-07-25 14:34:13 | Deep Dive |
| CVE-2024-22209 | XBlock custom auth does not respect JWT Scopes | openedx | edx-platform | Medium | 6.4 | 2024-01-13 07:40:44 | Deep Dive |