Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

grist-core — Vulnerabilities & Security Advisories 6

All 6 CVE vulnerabilities found in grist-core, with AI-generated Chinese analysis, references, and POCs.

Vendor: gristlabs

CVE IDTitleCVSSSeverityPublished
CVE-2026-24002 pyodide sandbox option is insecure CWE-74 9.1 Critical2026-01-22
CVE-2025-64753 grist-core has insufficient access control in endpoints for comparisons between documents and versions CWE-863 5.3 Medium2025-11-13
CVE-2025-64752 grist-core has path to server-side requests via websocket CWE-918 6.8 Medium2025-11-13
CVE-2024-56359 Cross-site Scripting vulnerability through HyperLink cells in grist-core CWE-79 8.1 High2024-12-20
CVE-2024-56358 Cross-site Scripting vulnerability through svg attachment previews in grist-core CWE-79 8.1 High2024-12-20
CVE-2024-56357 Cross-site Scripting vulnerability through custom widget URLs and form redirect URLs in grist-core CWE-79 8.1 High2024-12-20

All 6 known CVE vulnerabilities affecting grist-core with full Chinese analysis, references, and POCs where available.