directus Latest Vulnerabilities
Latest vulnerabilities published by directus
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Vulnerability in Directus API and App Dashboard Allows Unauthenticated File Modifications
CVE-2025-55746DirectusDirectus9.3CRITICALExposed Logging Vulnerability in Directus Real-Time API and App Dashboard
CVE-2025-53885DirectusDirectus4.2MEDIUMInformation Disclosure Vulnerability in Directus API Dashboard by Directus
CVE-2025-53886DirectusDirectus4.5MEDIUMOpenAPI Specification Exposure in Directus API Management Tool
CVE-2025-53887DirectusDirectus5.3MEDIUMInsufficient Authorization Issue in Directus API Management Tool
CVE-2025-53889DirectusDirectus6.5MEDIUMSensitive Data Exposure in Directus API from Directus Vendor
CVE-2025-30353DirectusDirectus8.6HIGHUnauthorized Data Exposure in Directus API Dashboard
CVE-2025-30352DirectusDirectus5.3MEDIUMSession Token Exploit in Directus API Management Tool
CVE-2025-30351DirectusDirectus3.5LOWVulnerability in Directus API Affecting S3 Storage Driver
CVE-2025-30350DirectusDirectus5.3MEDIUMAsset Unavailability Vulnerability in Directus by Directus
CVE-2025-30225DirectusDirectus5.3MEDIUMAccess Control Vulnerability in Directus by Directus
CVE-2025-27089DirectusDirectus4.3MEDIUMPrivilege Escalation Vulnerability in Directus API by Directus
CVE-2025-24353DirectusDirectus5MEDIUMUnauthorized Access Vulnerability in Directus Versions 11.0.0-11.3.0
CVE-2024-54151DirectusDirectus vulnerable to HTML Injection
CVE-2024-54128DirectusDirectus5.7MEDIUMDirectus API and App Dashboard Vulnerability - Access Tokens Not Redacted in System Logs
CVE-2024-47822DirectusDirectus4.2MEDIUMBypass of localhost blocking fixed in Directus release versions 10.13.3 and 11.1.0
CVE-2024-46990DirectusUnauthenticated User Access to Last Authenticated User Credentials via OpenID or OAuth2 Vulnerability
CVE-2024-45596DirectusDirectus7.4HIGHModify Presets for Account Takeover
CVE-2024-6534DirectusDirectus4.3MEDIUMArbitrary JavaScript Execution Leads to Account Takeover Vulnerability in Directus v10.13.0
CVE-2024-6533DirectusDirectus5.4MEDIUMDirectus Fixes SSO User Enumeration Vulnerability
CVE-2024-39896DirectusDirectus5.3MEDIUMDirectus Vulnerable to GraphQL DoS Attack
CVE-2024-39895DirectusDirectus6.5MEDIUMBroken Access Control Vulnerability in Directus <= v10.5.3
CVE-2024-39701DirectusDirectus6.3MEDIUMBlind SSRF vulnerability in Directus due to redirects in file import
CVE-2024-39699DirectusDirectus5MEDIUMDirectus Addresses Security Risk in URL Inclusion
CVE-2024-28238DirectusDirectus2.3LOWDirectus API Open Redirect Vulnerability Affects User Credentials
CVE-2024-28239DirectusDirectus4.3MEDIUM