| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-35057 | XenForo Stored Cross-Site Scripting via Structured Text Mentions | XenForo | XenForo | Medium | 6.4 | 2026-04-01 00:30:15 | Deep Dive |
| CVE-2026-35056 | XenForo Remote Code Execution via Authenticated Admin | XenForo | XenForo | High | 7.2 | 2026-04-01 00:30:14 | Deep Dive |
| CVE-2026-35055 | XenForo Cross-Site Scripting via Lightbox in Posts | XenForo | XenForo | Medium | 6.1 | 2026-04-01 00:30:13 | Deep Dive |
| CVE-2025-71282 | XenForo Path Disclosure via open_basedir Exceptions | XenForo | XenForo | High | 7.5 | 2026-04-01 00:30:12 | Deep Dive |
| CVE-2026-35054 | XenForo Stored Cross-Site Scripting via BB Code Rendering | XenForo | XenForo | Medium | 6.4 | 2026-04-01 00:30:12 | Deep Dive |
| CVE-2025-71281 | XenForo Template Method Call Restriction Bypass | XenForo | XenForo | High | 8.8 | 2026-04-01 00:30:11 | Deep Dive |
| CVE-2025-71280 | XenForo Local Account Page Caching Information Disclosure | XenForo | XenForo | Medium | 6.2 | 2026-04-01 00:30:10 | Deep Dive |
| CVE-2025-71279 | XenForo Passkey Security Bypass | XenForo | XenForo | Critical | 9.8 | 2026-04-01 00:30:09 | Deep Dive |
| CVE-2025-71278 | XenForo OAuth2 Unauthorized Scope Request | XenForo | XenForo | High | 8.8 | 2026-04-01 00:30:08 | Deep Dive |
| CVE-2024-58342 | XenForo Open Redirect via getDynamicRedirect | XenForo | XenForo | Medium | 6.3 | 2026-04-01 00:30:07 | Deep Dive |
| CVE-2023-53904 | Xenforo 2.2.13 Authenticated Stored Cross-Site Scripting via Smilie Categories | Xenforo | Xenforo | Medium | 4.6 | 2025-12-17 22:44:44 | Deep Dive |