Browse all 3 CVE security advisories affecting Morelitea. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-28276 | Initiative Allows Unauthenticated Access to Uploaded Documents via Public /uploads/ Endpoint — initiativeCWE-200 | 7.5 | High | 2026-02-26 |
| CVE-2026-28275 | Initiative Vulnerable to Improper Session Invalidation (JWT Remains Valid) — initiativeCWE-613 | 8.1 | High | 2026-02-26 |
| CVE-2026-28274 | Initiative Vulnerable to Token Theft via Stored XSS in Document Uploads — initiativeCWE-79 | 8.7 | High | 2026-02-26 |
This page lists every published CVE security advisory associated with Morelitea. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.