Browse all 6 CVE security advisories affecting polarnl. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-39322 | PolarLearn: Any password authenticates banned accounts and grants API access — PolarLearnCWE-287 | 9.8AI | CriticalAI | 2026-04-07 |
| CVE-2026-35610 | PolarLearn has a Server Action Admin Bypass in Account Management Actions — PolarLearnCWE-285 | 8.8 | High | 2026-04-07 |
| CVE-2026-25885 | PolarLearn allows Unauthenticated WebSocket access allows subscribing to and posting in arbitrary group chats — PolarLearnCWE-285 | 6.5AI | MediumAI | 2026-02-09 |
| CVE-2026-25222 | PolarLearn Affected by User Enumeration via Argon2 Timing Attack on Sign-In Endpoint — PolarLearnCWE-200 | 3.7AI | LowAI | 2026-02-02 |
| CVE-2026-25221 | PolarLearn has Multiple Login CSRFs via Missing OAuth state Parameter (GitHub & Google) — PolarLearnCWE-352 | 8.1AI | HighAI | 2026-02-02 |
| CVE-2026-25126 | PolarLearn's unvalidated vote direction allows vote count manipulation — PolarLearnCWE-20 | 7.1 | High | 2026-01-29 |
This page lists every published CVE security advisory associated with polarnl. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.