Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Serendipity — Vulnerabilities & Security Advisories 6

All 6 CVE vulnerabilities found in Serendipity, with AI-generated Chinese analysis, references, and POCs.

Vendor: serendipity

CVE IDTitleCVSSSeverityPublished
CVE-2026-39971 Serendipity: Host Header Injection leads to SMTP header injection via unvalidated HTTP_HOST CWE-113 7.2 High2026-04-14
CVE-2026-39963 Serendipity: Host Header Injection enables authentication cookie scoping to an attacker-controlled domain CWE-565 6.9 Medium2026-04-14
CVE-2023-53933 Serendipity 2.4.0 Authenticated Remote Code Execution via File Upload CWE-434 8.8 High2025-12-17
CVE-2023-53932 Serendipity 2.4.0 Stored Cross-Site Scripting via Admin Entry Creation CWE-79 5.4 Medium2025-12-17
CVE-2024-58282 Serendipity 2.5.0 Remote Code Execution via Authenticated Media Upload CWE-434 7.2AIHighAI2025-12-10
CVE-2011-4090 Serendipity karma插件跨站脚本漏洞 6.1 -2019-11-26

All 6 known CVE vulnerabilities affecting Serendipity with full Chinese analysis, references, and POCs where available.