Package impact
Packagist / flarum/framework
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-27794 | unknown | — | — | 1y ago | Flarum Vulnerable to Session Hijacking via Authoritative Subdomain Cookie Overwrite | |||
| CVE-2024-21641 | unknown | — | — | 2y ago | Flarum's logout Route allows open redirects | |||
| CVE-2023-40033 | unknown | — | — | 3y ago | Flarum vulnerable to LFI and Blind SSRF via Avatar upload | |||
| CVE-2018-19133 | unknown | — | — | 4y ago | Flarum Core Leaks PII |