Associated Vulnerability
Found 40 results
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
| --- | --- | --- | --- | --- | --- | --- | --- |
| CVE-2026-26058 | Zulip: Path Traversal in Import | zulip | zulip | Medium | 6.1 | 2026-04-03 20:59:09 | Deep Dive |
| CVE-2026-25742 | Zulip: Anonymous File Access After Disabling Spectator Access | zulip | zulip | Medium | 5.3 | 2026-04-03 20:12:07 | Deep Dive |
| CVE-2026-25741 | Zulip Vulnerable to Modification of Payment Method (Stripe Default Card) by Non-Billing Users | zulip | zulip | High | 7.1 | 2026-02-26 21:44:34 | Deep Dive |
| CVE-2026-24050 | Zulip affected by Stored XSS in user profile modal | zulip | zulip | - | - | 2026-02-06 18:20:33 | Deep Dive |
| CVE-2025-52559 | Zulip XSS in digest preview URL | zulip | zulip | Medium | 6.8 | 2025-07-02 19:31:12 | Deep Dive |
| CVE-2025-47930 | Zulip Server has access control bypass for restrictions on creation of specific channel types | zulip | zulip | - | - | 2025-05-15 23:17:30 | Deep Dive |
| CVE-2025-31478 | Zulip Authentication Backend Configuration Bypass | zulip | zulip | High | 8.2 | 2025-04-16 21:28:23 | Deep Dive |
| CVE-2025-30369 | Zulip allows the deletion of Custom profile fields by administrators of a different organization | zulip | zulip | Low | 2.7 | 2025-03-31 16:32:54 | Deep Dive |
| CVE-2025-30368 | Zulip allows the deletion of organization by administrators of a different organization | zulip | zulip | Low | 2.7 | 2025-03-31 16:26:49 | Deep Dive |
| CVE-2025-27149 | Zulip exports can leak private data | zulip | zulip | Low | - | 2025-03-31 15:33:39 | Deep Dive |
| CVE-2025-25195 | Zulip events can leak private channel names | zulip | zulip | Medium | 4.3 | 2025-02-13 21:47:25 | Deep Dive |
| CVE-2024-56136 | /api/v1/jwt/fetch_api_key endpoint can leak if an email address has an account in Zulip server | zulip | zulip | Medium | - | 2025-01-16 19:25:33 | Deep Dive |
| CVE-2024-27286 | Moving single messages from public to private streams leaves them accessible | zulip | zulip | Medium | 6.5 | 2024-03-20 19:35:59 | Deep Dive |
| CVE-2024-21630 | Zulip non-admins can invite new users to streams they would not otherwise be able to add existing users to | zulip | zulip | Medium | 4.3 | 2024-01-25 19:30:09 | Deep Dive |
| CVE-2023-47642 | Stream description leaks to ex-subscribers in Zulip | zulip | zulip | Medium | 4.3 | 2023-11-16 21:41:47 | Deep Dive |
| CVE-2023-32678 | Zulip vulnerable to insufficient authorization check for edition/deletion of messages and topics in private streams by former subscribers | zulip | zulip | Medium | 6.5 | 2023-08-25 20:04:49 | Deep Dive |
| CVE-2023-33186 | Cross-site scripting vulnerability in Zulip Server development branch via topic tooltip | zulip | zulip | High | 8.2 | 2023-05-30 05:31:37 | Deep Dive |
| CVE-2023-28623 | Unauthorized user can register an account in specific configurations in Zulip | zulip | zulip | Medium | 6.5 | 2023-05-19 21:04:52 | Deep Dive |
| CVE-2023-32677 | Users who can send invitations can erroneously add users to streams during invitation in Zulip | zulip | zulip | Low | 3.1 | 2023-05-19 20:44:47 | Deep Dive |
| CVE-2023-22735 | User uploads proxied from S3 lack `Content-Security-Policy` headers, may be served with `Content-Disposition: inline` in zulip | zulip | zulip | Medium | 4.4 | 2023-02-07 18:48:30 | Deep Dive |