All 3 CVE vulnerabilities found in genealogy, with AI-generated Chinese analysis, references, and POCs.
Vendor: MGeurts
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-39355 | Genealogy is Missing Authorization in `TeamController::transferOwnership()` Allows Any Authenticated User to Hijack Any Team (Broken Access Control) CWE-862 | 10.0 | Critical | 2026-04-07 |
| CVE-2025-55288 | Genealogy has a Reflected XSS Vulnerability CWE-79 | 5.5 | Medium | 2025-08-18 |
| CVE-2025-55287 | Genealogy has a stored XSS vulnerability CWE-79 | 5.4AI | MediumAI | 2025-08-18 |
All 3 known CVE vulnerabilities affecting genealogy with full Chinese analysis, references, and POCs where available.