Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/04/06 10:57 a.m.2 views

CVE-2026-25742

Zulip is an open-source team collaboration tool. Prior to version 11.6, Zulip is an open-source team collaboration tool. From version 1.4.0 to before version 11.6, even after spectator access enablespectatoraccess / WEBPUBLICSTREAMSENABLED is disabled, attachments originating from web-public...

5.3CVSS5.8AI score0.00312EPSS
Exploits1References1
NVD
NVD
added 2026/04/03 9:17 p.m.9 views

CVE-2026-25742

Zulip is an open-source team collaboration tool. Prior to version 11.6, Zulip is an open-source team collaboration tool. From version 1.4.0 to before version 11.6, even after spectator access enablespectatoraccess / WEBPUBLICSTREAMSENABLED is disabled, attachments originating from web-public...

5.3CVSS0.00312EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/04/03 8:12 p.m.2 views

CVE-2026-25742

Zulip is an open-source team collaboration tool. Prior to version 11.6, Zulip is an open-source team collaboration tool. From version 1.4.0 to before version 11.6, even after spectator access enablespectatoraccess / WEBPUBLICSTREAMSENABLED is disabled, attachments originating from web-public...

5.3CVSS5.8AI score0.00312EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/03 8:12 p.m.1 views

CVE-2026-25742 Zulip: Anonymous File Access After Disabling Spectator Access

Zulip is an open-source team collaboration tool. Prior to version 11.6, Zulip is an open-source team collaboration tool. From version 1.4.0 to before version 11.6, even after spectator access enablespectatoraccess / WEBPUBLICSTREAMSENABLED is disabled, attachments originating from web-public...

5.3CVSS5.8AI score0.00312EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/04/03 8:12 p.m.16 views

CVE-2026-25742 Zulip: Anonymous File Access After Disabling Spectator Access

Zulip is an open-source team collaboration tool. Prior to version 11.6, Zulip is an open-source team collaboration tool. From version 1.4.0 to before version 11.6, even after spectator access enablespectatoraccess / WEBPUBLICSTREAMSENABLED is disabled, attachments originating from web-public...

5.3CVSS0.00312EPSS
Exploits1References4
CVE
CVE
added 2026/04/03 8:12 p.m.11 views

CVE-2026-25742

Zulip CVE-2026-25742 affects versions before 11.6. Before 11.6, even with spectator access disabled (enable_spectator_access / WEB_PUBLIC_STREAMS_ENABLED), attachments from web-public streams could be retrieved anonymously, and the endpoint /users/me//topics remained reachable to expose topic his...

5.3CVSS5.8AI score0.00312EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.4 views

PT-2026-30211

Zulip is an open-source team collaboration tool. Prior to version 11.6, Zulip is an open-source team collaboration tool. From version 1.4.0 to before version 11.6, even after spectator access enable spectator access / WEB PUBLIC STREAMS ENABLED is disabled, attachments originating from web-public...

5.3CVSS5.8AI score0.00312EPSS
Exploits1References5
Rows per page
Query Builder