canarytokens — Vulnerabilities & Security Advisories 6

All 6 CVE vulnerabilities found in canarytokens, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2026-28355	"PWA" Canarytoken Vulnerable to Stored Self Cross-Site Scripting CWE-79	6.1	-	2026-02-27
CVE-2024-41664	Blind SSRF via Canarytoken Webhook CWE-918	5.4	Medium	2024-07-23
CVE-2024-41663	Canarytoken "Cloned Website" Vulnerable to Stored Cross-Site Scripting CWE-79	3.5	Low	2024-07-23
CVE-2024-28111	CSV Injection in exported history CSV files CWE-1236	6.5	Medium	2024-03-06
CVE-2023-22475	Cross-Site Scripting in Canarytoken history CWE-79	6.3	Medium	2023-01-06
CVE-2022-31113	Cross-Site Scripting in Canarytoken history CWE-79	6.3	Medium	2022-07-01

All 6 known CVE vulnerabilities affecting canarytokens with full Chinese analysis, references, and POCs where available.