CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

RedhatCVE•added 2026/03/11 7:8 a.m.•3 views

CVE-2026-30913

Flarum is open-source forum software. When the flarum/nicknames extension is enabled, a registered user can set their nickname to a string that email clients interpret as a hyperlink. The nickname is inserted verbatim into plain-text notification emails, and recipients may be misled into visiting...

4.6CVSS5.8AI score0.00165EPSS

Exploits0References1

NVD•added 2026/03/10 5:40 p.m.•10 views

CVE-2026-30913

4.6CVSS0.00165EPSS

Exploits0References3

EUVD•added 2026/03/10 12:56 a.m.•6 views

EUVD-2026-10423

flarum/nicknames extension has display name injection in notification emails autolink & markdown...

4.6CVSS5.8AI score0.00165EPSS

Exploits0References4

OSV•added 2026/03/10 12:56 a.m.•1 views

GHSA-3C4M-J3G4-HH25 flarum/nicknames extension has display name injection in notification emails (autolink & markdown)

Summary When the flarum/nicknames extension is enabled, a registered user can set their nickname to a string that email clients interpret as a hyperlink. The nickname is inserted verbatim into plain-text notification emails, and recipients may be misled into visiting attacker-controlled domains...

4.6CVSS5.8AI score0.00165EPSS

Exploits0References6

Github Security Blog•added 2026/03/10 12:56 a.m.•7 views

flarum/nicknames extension has display name injection in notification emails (autolink & markdown)

4.6CVSS5.8AI score0.00165EPSS

Exploits0References6Affected Software1

CNNVD•added 2026/03/10 12:0 a.m.•8 views

Flarum 安全漏洞

Flarum is an open-source forum software developed by Flarum for building communities. There is a security vulnerability in Flarum. This vulnerability arises when the flarum/nicknames extension is enabled, allowing registered users to set their nicknames as strings that can be interpreted by email...

4.6CVSS5.8AI score0.00165EPSS

Exploits0References4

ATTACKERKB•added 2026/03/09 10:42 p.m.•3 views

CVE-2026-30913

4.6CVSS5.8AI score0.00165EPSS

Exploits0References4Affected Software1

Positive Technologies•added 2026/03/09 12:0 a.m.•5 views

PT-2026-24146

Name of the Vulnerable Software and Affected Versions Flarum affected versions not specified Description The Flarum forum software, when used with the flarum/nicknames extension, allows a registered user to set a nickname that email clients may interpret as a hyperlink. This nickname is directly...

4.6CVSS5.8AI score0.00165EPSS

Exploits0References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by