All 9 CVE vulnerabilities found in HumHub, with AI-generated Chinese analysis, references, and POCs.
Vendor: unspecified
| CVE ID | Title | CVSS | Severity | Paused |
|---|---|---|---|---|
| CVE-2026-29048 | HumHub: XSS in Button component CWE-79 | 5.4 | - | 2026-03-06 |
| CVE-2025-64442 | HumHub is vulnerable to XSS through its Meta Search component CWE-79 | 6.1 | - | 2025-11-07 |
| CVE-2024-52043 | User enumeration in HubHub CWE-209 | 5.3AI | MediumAI | 2024-11-06 |
| CVE-2022-31133 | Cross site scripting in HumHub CWE-79 | 5.9 | Medium | 2022-07-07 |
| CVE-2017-20028 | HumHub privileges management CWE-269 | 5.6 | Medium | 2022-06-09 |
| CVE-2017-20027 | HumHub DOM cross site scriting CWE-80 | 4.3 | Medium | 2022-06-09 |
| CVE-2017-20026 | HumHub Reflected cross site scriting CWE-80 | 4.3 | Medium | 2022-06-09 |
| CVE-2022-24865 | Improper access control in humhub CWE-200 | 6.5 | Medium | 2022-04-20 |
| CVE-2021-43847 | Authorization Bypass in Space Invite in HumHub CWE-285 | 6.5 | Medium | 2021-12-20 |
All 9 known CVE vulnerabilities affecting HumHub with full Chinese analysis, references, and POCs where available.