Dnn.platform
This hub aggregates every CVE we track for Dnn.platform, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
31
CVEs tracked
3
Critical
6
High
0
In CISA KEV
Severity distribution
MEDIUM19HIGH6LOW3CRITICAL3
Monthly trend
0
0
0
0
0
0
0
0
0
6
3
4
0
0
7
3
0
0
5
0
0
3
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Dnn.platform.
- CVE-2026-40321DotNetNuke.Core has stored cross-site-scripting (XSS) via SVG upload8.0
- CVE-2026-40306DNN has same HostGUID for all new installs6.5
- CVE-2026-40305DNN has Force Friend Request Acceptance4.3
- CVE-2026-24838DotNetNuke.Core Vulnerable to Stored XSS via Module Title9.1
- CVE-2026-24837DotNetNuke.Core Vulnerable to Stored XSS in Module Deletion Confirmation Modal7.6
- CVE-2026-24836DotNetNuke.Core Vulnerable to Stored XSS in Scheduler LogNotes7.6
- CVE-2026-24833DotNetNuke.Core Vulnerable to Stored XSS in Module Description7.6
- CVE-2026-24784DotNetNuke.Core has a potential XSS vulnerability in modules' header and footer6.8
- CVE-2025-64095DNN Insufficient Access Control - Image Upload allows for Site Content Overwrite10.0
- CVE-2025-64094DNN vulnerable to stored cross-site-scripting (XSS) via SVG upload6.4
- CVE-2025-62802DNN CKEditor Provider allows unauthenticated upload out-of-the-box4.3
- CVE-2025-59548DNN Vulnerable to Reflected Cross-Site Scripting (XSS) in CKEditor File Browser6.1
- CVE-2025-59547DNN's CKEditor File Uploader functionality vulnerable through Unicode obfuscation5.3
- CVE-2025-59821DNN vulnerable to Reflected Cross-Site Scripting (XSS) using url to profile6.5
- CVE-2025-59546DNN Vulnerable to Stored XSS Using Backend Admin Credentials2.4
Product normalization is registry-driven with AI assist and human review. How it works