bigbluebutton

Top products

The 15 most recently published vulnerabilities affecting bigbluebutton.

• CVE-2026-27737BigBlueButton has Stored XSS in bbb-playback replay6.5May 18, 2026
• CVE-2026-41127BigBlueButton's missing authorization allows viewer to inject/overwrite captions6.5Apr 21, 2026
• CVE-2026-41126BigBlueButton has Open Redirect through bigbluebutton/api/join via get-parameter "logoutURL"4.3Apr 21, 2026
• CVE-2026-27736BigBlueButton has Open Redirect vulnerability in ApiController6.1Feb 25, 2026
• CVE-2026-27467BigBlueButton: Audio from participants to the server initially unmuted2.0Feb 21, 2026
• CVE-2026-27466BigBlueButton: Exposed ClamAV port enables Denial of Service7.2Feb 21, 2026
• CVE-2025-61602BigBlueButton vulnerable to Chat DoS via invalid reactionEmojiId7.5Oct 9, 2025
• CVE-2025-61601BigBlueButton vulnerable to DoS via PollSubmitVote GraphQL mutation7.5Oct 9, 2025
• CVE-2025-55200BigBlueButton vulnerable to Stored XSS via name of user at Shared Notes7.1Oct 9, 2025
• CVE-2024-39302Some bbb-record-core files installed with wrong file permission3.7Jun 28, 2024
• CVE-2024-38518bbb-web API additional parameters considered4.6Jun 28, 2024
• CVE-2022-36029BigBlueButton Greenlight Open Redirect vulnerability9.1Apr 25, 2024
• CVE-2022-36028BigBlueButton Greenlight Open Redirect vulnerability9.1Apr 25, 2024
• CVE-2023-43798BigBlueButton Blind SSRF When Uploading Presentation (mitigation bypass)5.6Oct 30, 2023
• CVE-2023-43797BigBlueButton Stored Cross-site Scripting vulnerability at Guest Lobby6.3Oct 30, 2023