Mybb Security Vulnerabilities and Issues — Mybb CVE List

Lucene search

MybbMybb

4 matches found

CVE•added 2025/04/17 10:15 p.m.•53 views

CVE-2025-29458

An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Change Avatar function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and because of SSRF mitigation.

7.6CVSS7.3AI score0.00227EPSS

CVE•added 2025/04/17 10:15 p.m.•53 views

CVE-2025-29460

An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Add Mycode function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and because of SSRF mitigation.

7.6CVSS7.3AI score0.00195EPSS

CVE•added 2025/04/17 10:15 p.m.•50 views

CVE-2025-29457

An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Import a Theme function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and because of SSRF mitigation.

7.6CVSS7.3AI score0.00227EPSS

CVE•added 2025/04/17 10:15 p.m.•48 views

CVE-2025-29459

An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Mail function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and because of SSRF mitigation.

7.6CVSS7.3AI score0.00225EPSS