directus Latest Vulnerabilities
Latest vulnerabilities published by directus
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Sensitive Data Exposure in Directus API from Directus Vendor
CVE-2025-30353DirectusDirectus8.6HIGHUnauthorized Data Exposure in Directus API Dashboard
CVE-2025-30352DirectusDirectus5.3MEDIUMSession Token Exploit in Directus API Management Tool
CVE-2025-30351DirectusDirectus3.5LOWVulnerability in Directus API Affecting S3 Storage Driver
CVE-2025-30350DirectusDirectus5.3MEDIUMAsset Unavailability Vulnerability in Directus by Directus
CVE-2025-30225DirectusDirectus5.3MEDIUMAccess Control Vulnerability in Directus by Directus
CVE-2025-27089DirectusDirectus4.3MEDIUMPrivilege Escalation Vulnerability in Directus API by Directus
CVE-2025-24353DirectusDirectus5MEDIUMUnauthorized Access Vulnerability in Directus Versions 11.0.0-11.3.0
CVE-2024-54151DirectusDirectus vulnerable to HTML Injection
CVE-2024-54128DirectusDirectus5.7MEDIUMDirectus API and App Dashboard Vulnerability - Access Tokens Not Redacted in System Logs
CVE-2024-47822DirectusDirectus4.2MEDIUMBypass of localhost blocking fixed in Directus release versions 10.13.3 and 11.1.0
CVE-2024-46990DirectusUnauthenticated User Access to Last Authenticated User Credentials via OpenID or OAuth2 Vulnerability
CVE-2024-45596DirectusDirectus7.4HIGHModify Presets for Account Takeover
CVE-2024-6534DirectusDirectus4.3MEDIUMArbitrary JavaScript Execution Leads to Account Takeover Vulnerability in Directus v10.13.0
CVE-2024-6533DirectusDirectus5.4MEDIUMDirectus Fixes SSO User Enumeration Vulnerability
CVE-2024-39896DirectusDirectus5.3MEDIUMDirectus Vulnerable to GraphQL DoS Attack
CVE-2024-39895DirectusDirectus6.5MEDIUMBroken Access Control Vulnerability in Directus <= v10.5.3
CVE-2024-39701DirectusDirectus6.3MEDIUMBlind SSRF vulnerability in Directus due to redirects in file import
CVE-2024-39699DirectusDirectus5MEDIUMDirectus Addresses Security Risk in URL Inclusion
CVE-2024-28238DirectusDirectus2.3LOWDirectus API Open Redirect Vulnerability Affects User Credentials
CVE-2024-28239DirectusDirectus4.3MEDIUMDirectus Fixes Security Vulnerability in Previous Versions
CVE-2024-27296DirectusDirectus5.3MEDIUMPassword reset vulnerability in Directus backend allows attackers to receive password reset email of a victim user
CVE-2024-27295DirectusDirectus8.2HIGHDirectus crashes on invalid WebSocket message
CVE-2023-45820DirectusDirectus5.9MEDIUMDirectus has Incorrect Permission Checking for GraphQL Subscriptions
CVE-2023-38503DirectusDirectus5.7MEDIUMdirectus vulnerable to Insertion of Sensitive Information into Log File
CVE-2023-28443DirectusDirectus4.2MEDIUM