| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-39322 | PolarLearn: Any password authenticates banned accounts and grants API access | polarnl | PolarLearn | - | - | 2026-04-07 19:03:29 | Deep Dive |
| CVE-2026-35610 | PolarLearn has a Server Action Admin Bypass in Account Management Actions | polarnl | PolarLearn | High | 8.8 | 2026-04-07 16:56:57 | Deep Dive |
| CVE-2026-25885 | PolarLearn allows Unauthenticated WebSocket access allows subscribing to and posting in arbitrary group chats | polarnl | PolarLearn | - | - | 2026-02-09 21:15:33 | Deep Dive |
| CVE-2026-25222 | PolarLearn Affected by User Enumeration via Argon2 Timing Attack on Sign-In Endpoint | polarnl | PolarLearn | - | - | 2026-02-02 23:01:03 | Deep Dive |
| CVE-2026-25221 | PolarLearn has Multiple Login CSRFs via Missing OAuth state Parameter (GitHub & Google) | polarnl | PolarLearn | - | - | 2026-02-02 22:59:39 | Deep Dive |
| CVE-2026-25126 | PolarLearn's unvalidated vote direction allows vote count manipulation | polarnl | PolarLearn | High | 7.1 | 2026-01-29 22:06:37 | Deep Dive |