misskey-dev

Top products

The 15 most recently published vulnerabilities affecting misskey-dev.

• CVE-2026-28433Misskey lacks resource ownership validation4.3Mar 9, 2026
• CVE-2026-28432HTTP signature verification can be bypassed7.5Mar 9, 2026
• CVE-2026-28431Misskey lacks proper authorization checks and input validation7.5Mar 9, 2026
• CVE-2025-66482Misskey has a login rate limit bypass via spoofed X-Forwarded-For header6.5Dec 15, 2025
• CVE-2025-66402misskey.js's export data contains private post data6.5Dec 15, 2025
• CVE-2025-46559Misskey Directory Traversal Vulnerability in AiScript via `Mk:api`5.4May 5, 2025
• CVE-2025-46340Misskey CSS Style Injection Vulnerability In `MkUrlPreview`7.2May 5, 2025
• CVE-2025-46553@misskey-dev/summaly Redirect Filter Bypass6.1May 5, 2025
• CVE-2025-25306Misskey's Incomplete Patch of CVE-2024-52591 Leads to Forgery of Federated Notes9.3Mar 10, 2025
• CVE-2025-24897Misskey CSRF vulnerability due to insecure configuration of authentication cookie attributes8.2Feb 11, 2025
• CVE-2025-24896Misskey allows token to remain valid in cookie after signing out8.1Feb 11, 2025
• CVE-2024-49363Uncontrolled Recursion and Asymmetric Resource Consumption (Amplification) in media/file proxy in Misskey7.4Dec 18, 2024
• CVE-2024-52579Server-Side Request Forgery vulnerability in various APIs in Misskey6.4Dec 18, 2024
• CVE-2024-52590Missing validation allows spoofed profiles in Misskey6.5Dec 18, 2024
• CVE-2024-52591Missing validation allows spoofed profiles and notes in Misskey9.3Dec 18, 2024