51 matches found

RedhatCVE
added 2026/01/09 9:11 a.m. | 5 views

CVE-2022-35925

BookWyrm is a social network for tracking reading. Versions prior to 0.4.5 were found to lack rate limiting on authentication views which allows brute-force attacks. This issue has been patched in version 0.4.5. Admins with existing instances will need to update their nginx.conf file that was...

CVSS 9.8 | AI score 7 | EPSS 0.00517
Exploits: 1 | References: 1

RedhatCVE
added 2026/01/09 8:44 a.m. | 6 views

CVE-2022-23644

BookWyrm is a decentralized social network for tracking reading habits and reviewing books. The functionality to load a cover via url is vulnerable to a server-side request forgery attack. Any BookWyrm instance running a version prior to v0.3.0 is susceptible to attack from a logged-in user. The...

CVSS 8.8 | AI score 6.8 | EPSS 0.00299
Exploits: 0 | References: 1

EUVD
added 2025/10/03 8:7 p.m. | 1 views

EUVD-2022-28592

Malicious code in bioql PyPI...

CVSS 8.8 | AI score 8.6 | EPSS 0.00299
Exploits: 0 | References: 1

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2022-38798

Malicious code in bioql PyPI...

CVSS 7.1 | AI score 6.3 | EPSS 0.00254
Exploits: 1 | References: 2

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2022-52764

Malicious code in bioql PyPI...

CVSS 6.3 | AI score 6.3 | EPSS 0.0024
Exploits: 0 | References: 2

RedhatCVE
added 2025/05/23 12:58 a.m. | 4 views

CVE-2022-31136

Bookwyrm is an open source social reading and reviewing program. Versions of Bookwyrm prior to 0.4.1 did not properly sanitize html being rendered to users. Unprivileged users are able to inject scripts into user profiles, book descriptions, and statuses. These vulnerabilities may be exploited as...

CVSS 6.3 | AI score 6.3 | EPSS 0.0024
Exploits: 0 | References: 1

RedhatCVE
added 2025/02/05 9:15 p.m. | 4 views

CVE-2022-2651

Authentication Bypass by Primary Weakness in GitHub repository bookwyrm-social/bookwyrm prior to 0.4.5...

CVSS 9.8 | AI score 6.7 | EPSS 0.16939
Exploits: 4 | References: 1

RedhatCVE
added 2025/02/05 7:0 p.m. | 6 views

CVE-2022-35953

BookWyrm is a social network for tracking your reading, talking about books, writing reviews, and discovering what to read next. Some links in BookWyrm may be vulnerable to tabnabbing, a form of phishing that gives attackers an opportunity to redirect a user to a malicious site. The issue was...

CVSS 7.1 | AI score 6.5 | EPSS 0.00254
Exploits: 1 | References: 1

Packet Storm
added 2022/09/20 12:0 a.m. | 322 views

Bookwyrm 0.4.3 Authentication Bypass

Exploit Title: Bookwyrm v0.4.3 - Authentication Bypass Date: 2022-08-4 Exploit Author: Akshay Ravi Vendor Homepage: https://github.com/bookwyrm-social/bookwyrm Software Link: https://github.com/bookwyrm-social/bookwyrm/releases/tag/v0.4.3 Version: = 4.0.3 Tested on: MacOS Monterey CVE:...

CVSS 9.8 | AI score 0.5 | EPSS 0.16939
Exploits: 4

Exploit DB
added 2022/09/20 12:0 a.m. | 95 views

Bookwyrm v0.4.3 - Authentication Bypass

Exploit Title: Bookwyrm v0.4.3 - Authentication Bypass Date: 2022-08-4 Exploit Author: Akshay Ravi Vendor Homepage: https://github.com/bookwyrm-social/bookwyrm Software Link: https://github.com/bookwyrm-social/bookwyrm/releases/tag/v0.4.3 Version: = 4.0.3 Tested on: MacOS Monterey CVE:...

CVSS 9.8 | AI score 9.7 | EPSS 0.16939
Exploits: 4

0day.today
added 2022/09/20 12:0 a.m. | 264 views

Bookwyrm v0.4.3 - Authentication Bypass Vulnerability

Exploit Title: Bookwyrm v0.4.3 - Authentication Bypass Exploit Author: Akshay Ravi Vendor Homepage: https://github.com/bookwyrm-social/bookwyrm Software Link: https://github.com/bookwyrm-social/bookwyrm/releases/tag/v0.4.3 Version: = 4.0.3 Tested on: MacOS Monterey CVE: CVE-2022-2651 Original...

CVSS 9.8 | AI score 0.2 | EPSS 0.16939
Exploits: 4

NVD
added 2022/08/12 9:15 p.m. | 10 views

CVE-2022-35953

BookWyrm is a social network for tracking your reading, talking about books, writing reviews, and discovering what to read next. Some links in BookWyrm may be vulnerable to tabnabbing, a form of phishing that gives attackers an opportunity to redirect a user to a malicious site. The issue was...

CVSS 7.1 | EPSS 0.00254
Exploits: 1 | References: 2

Prion
added 2022/08/12 9:15 p.m. | 11 views

Code injection

BookWyrm is a social network for tracking your reading, talking about books, writing reviews, and discovering what to read next. Some links in BookWyrm may be vulnerable to tabnabbing, a form of phishing that gives attackers an opportunity to redirect a user to a malicious site. The issue was...

CVSS 5.8 | AI score 6 | EPSS 0.00254
Exploits: 1 | References: 2 | Affected Software: 1

Cvelist
added 2022/08/12 8:15 p.m. | 10 views

CVE-2022-35953 URL Redirection to Untrusted Site ('Open Redirect') in bookwyrm

BookWyrm is a social network for tracking your reading, talking about books, writing reviews, and discovering what to read next. Some links in BookWyrm may be vulnerable to tabnabbing, a form of phishing that gives attackers an opportunity to redirect a user to a malicious site. The issue was...

CVSS 7.1 | AI score 7 | EPSS 0.00254
Exploits: 1 | References: 2

Vulnrichment
added 2022/08/12 8:15 p.m. | 4 views

CVE-2022-35953 URL Redirection to Untrusted Site ('Open Redirect') in bookwyrm

BookWyrm is a social network for tracking your reading, talking about books, writing reviews, and discovering what to read next. Some links in BookWyrm may be vulnerable to tabnabbing, a form of phishing that gives attackers an opportunity to redirect a user to a malicious site. The issue was...

CVSS 7.1 | AI score 7 | EPSS 0.00254
Exploits: 1 | References: 2

CVE
added 2022/08/12 8:15 p.m. | 66 views

CVE-2022-35953

BookWyrm (open-source social network) contains a tabnabbing/open redirect issue affecting links opened with target="_blank", which can allow a newly opened tab to redirect the original page via window.opener. The vulnerability is documented across multiple sources and is noted as patched in versi...

CVSS 7.1 | AI score 6.2 | EPSS 0.00254
Exploits: 1 | References: 2 | Affected Software: 1

OSV
added 2022/08/12 8:15 p.m. | 8 views

CVE-2022-35953 URL Redirection to Untrusted Site ('Open Redirect') in bookwyrm

BookWyrm is a social network for tracking your reading, talking about books, writing reviews, and discovering what to read next. Some links in BookWyrm may be vulnerable to tabnabbing, a form of phishing that gives attackers an opportunity to redirect a user to a malicious site. The issue was...

CVSS 7.1 | AI score 6 | EPSS 0.00254
Exploits: 1 | References: 4

Positive Technologies
added 2022/08/12 12:0 a.m. | 2 views

PT-2022-23054 · Bookwyrm · Bookwyrm

Name of the Vulnerable Software and Affected Versions: BookWyrm versions prior to 0.4.5 Description: The issue in BookWyrm is related to tabnabbing, a form of phishing that allows attackers to redirect users to malicious sites through vulnerable links. Recommendations: For versions prior to 0.4.5...

CVSS 7.1 | AI score 6.1 | EPSS 0.00254
Exploits: 1 | References: 5

CNNVD
added 2022/08/12 12:0 a.m. | 1 views

BookWyrm input validation error vulnerability

BookWyrm is a social reading platform. BookWyrm suffers from an input validation error vulnerability that stems from the fact that certain links may be susceptible to tabnabbing attacks...

CVSS 7.1 | AI score 6.2 | EPSS 0.00254
Exploits: 1 | References: 3

NVD
added 2022/08/04 9:15 a.m. | 8 views

CVE-2022-2651

Authentication Bypass by Primary Weakness in GitHub repository bookwyrm-social/bookwyrm prior to 0.4.5...

CVSS 9.8 | EPSS 0.16939
Exploits: 4 | References: 3