| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-33693 | Lemmy's Activitypub-Federation has SSRF via 0.0.0.0 bypass in activitypub-federation-rust v4_is_invalid() | LemmyNet | lemmy | Medium | 6.5 | 2026-03-27 00:03:36 | Deep Dive |
| CVE-2026-29178 | Lemmy: Unauthenticated SSRF via file_type query parameter injection in image endpoint | LemmyNet | lemmy | 高危 | - | 2026-03-06 17:56:09 | Deep Dive |
| CVE-2025-25194 | Server-Side Request Forgery (SSRF) in activitypub_federation | LemmyNet | lemmy | Medium | 4.0 | 2025-02-10 22:14:32 | Deep Dive |
| CVE-2024-23649 | Any authenticated user may obtain private message details from other users on the same instance | LemmyNet | lemmy | High | 7.5 | 2024-01-24 18:09:30 | Deep Dive |