Flarum/framework
This hub aggregates every CVE we track for Flarum/framework, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
4
CVEs tracked
0
Critical
1
High
0
In CISA KEV
Severity distribution
MEDIUM3HIGH1
Monthly trend
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 4 most recently published vulnerabilities affecting Flarum/framework.
- CVE-2025-27794Flarum Vulnerable to Session Hijacking via Authoritative Subdomain Cookie Overwrite6.8
- CVE-2024-21641Flarum's Logout Route allows open redirects6.5
- CVE-2023-40033Server-Side Request Forgery via Avatar upload in flarum7.1
- CVE-2018-19133In Flarum Core 0.1.0-beta.7.1, a serious leak can get everyone's email address.5.3
Product normalization is registry-driven with AI assist and human review. How it works