| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-34828 | listmonk: Active sessions remain valid after password reset and password change | knadh | listmonk | High | 7.1 | 2026-04-02 17:32:25 | Deep Dive |
| CVE-2026-34584 | listmonk: Broken Access Control in CSV Import (Unauthorized List Assignment) | knadh | listmonk | Medium | 5.4 | 2026-04-02 17:31:38 | Deep Dive |
| CVE-2026-21483 | listmonk Vulnerable to Stored XSS Leading to Admin Account Takeover | knadh | listmonk | 中危 | - | 2026-01-02 20:57:29 | Deep Dive |
| CVE-2025-58430 | listmonk Vulnerable to CSRF to XSS Chain That Can Lead to Admin Account Takeover | knadh | listmonk | - | - | 2025-09-09 19:37:45 | Deep Dive |
| CVE-2025-49136 | listmonk's Sprig template Injection vulnerability leads to reading of Environment Variable for low privilege user | knadh | listmonk | Critical | 9.0 | 2025-06-09 16:21:48 | Deep Dive |