CVE-2026-25808

Hollo is a federated single-user microblogging software designed to be federated through ActivityPub. Prior to 0.6.20 and 0.7.2, there is a security vulnerability where DMs and followers-only posts were exposed through the ActivityPub outbox endpoint without authorization. This vulnerability is...

PT-2026-7177

Name of the Vulnerable Software and Affected Versions Hollo versions prior to 0.6.20 Hollo versions prior to 0.7.2 Description Hollo is a federated single-user microblogging software that utilizes ActivityPub for federation. A security issue exists where direct messages DMs and posts restricted t...

EUVD-2023-1336

Malicious code in bioql PyPI...

CVE-2023-2106 Weak Password Requirements in janeczku/calibre-web

Weak Password Requirements in GitHub repository janeczku/calibre-web prior to 0.6.20...

ALPINE-CVE-2012-2841

Integer underflow in the exifentrygetvalue function in exif-entry.c in the EXIF Tag Parsing Library aka libexif 0.6.20 might allow remote attackers to execute arbitrary code via vectors involving a crafted buffer-size parameter during the formatting of an EXIF tag, leading to a heap-based buffer...

DEBIAN-CVE-2007-3372

The Avahi daemon in Avahi before 0.6.20 allows attackers to cause a denial of service exit via empty TXT data over D-Bus, which triggers an assert error...