| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-21885 | Miniflux Media Proxy SSRF via /proxy endpoint allows access to internal network resources | miniflux | v2 | Medium | 6.5 | 2026-01-08 13:57:25 | Deep Dive |
| CVE-2025-67713 | Miniflux 2 has an Open Redirect via protocol-relative `redirect_url` | miniflux | v2 | - | - | 2025-12-11 00:17:00 | Deep Dive |
| CVE-2025-31483 | Stored XSS in Miniflux Media Proxy due to improper Content-Security-Policy configuration | miniflux | v2 | - | - | 2025-04-03 18:07:32 | Deep Dive |
| CVE-2023-27591 | Unauthenticated Miniflux user can bypass allowed networks check to obtain Prometheus metrics | miniflux | v2 | High | 7.5 | 2023-03-17 19:04:04 | Deep Dive |
| CVE-2023-27592 | Stored XSS in Miniflux when opening a broken image due to unescaped ServerError in proxy handler | miniflux | v2 | Medium | 4.8 | 2023-03-17 19:04:01 | Deep Dive |