mastodon Summary
Latest vulnerabilities published by mastodon
| CVE | Vendor | Product | EPSS | CVSS | Severity | Title |
|---|---|---|---|---|---|---|
| CVE-2025-62176 | Mastodon | Mastodon | | 4.3 | MEDIUM | Information Disclosure Vulnerability in Mastodon Open-Source Social Network |
| CVE-2025-62175 | Mastodon | Mastodon | | 4.3 | MEDIUM | Streaming API Vulnerability in Mastodon Social Network Server |
| CVE-2025-62174 | Mastodon | Mastodon | | 3.5 | LOW | Password Reset Vulnerability in Mastodon Open Source Social Media Platform |
| CVE-2025-54879 | Mastodon | Mastodon | | 5.3 | MEDIUM | Configuration Flaw in Mastodon Open-Source Social Network Server |
| CVE-2025-27399 | Mastodon | Mastodon | | 5.3 | MEDIUM | Visibility Flaw in Mastodon Microblogging Platform Allows Unauthorized Access to Block Reasons |
| CVE-2025-27157 | Mastodon | Mastodon | | 5.3 | MEDIUM | Missing Rate Limits in Mastodon's Authentication Setup Process |
| CVE-2023-49952 | Mastodon Project | Mastodon | | | | Rate Limiting Bypass in Mastodon by Mastodon Project |
| CVE-2024-34535 | Mastodon | Mastodon | | | | Mastodon API Rate Limiting Bypass Vulnerability |
| CVE-2024-37903 | Mastodon | Mastodon | | | | Mastodon Vulnerability Allows Access to Posts Not Intended for User |
| CVE-2024-25623 | mastodon | mastodon | | 7.7 | HIGH | Mastodon vulnerability allows impersonation of remote server accounts |
| CVE-2024-25619 | mastodon | mastodon | | 4.3 | MEDIUM | Mastodon Addresses Security Risks by Mitigating OAuth Application Destruction Issue |
| CVE-2024-25618 | Mastodon | Mastodon | | 4.2 | MEDIUM | Possible account takeover vulnerability in Mastodon due to external authentication providers |
| CVE-2024-23832 | Mastodon | Mastodon | | 9.4 | CRITICAL | Mastodon Vulnerability: Impersonation Attacks Possible Due to Insufficient Origin Validation |
| CVE-2023-42450 | Mastodon | Mastodon | | 5.4 | MEDIUM | Mastodon Server-Side Request Forgery vulnerability |
| CVE-2023-42451 | Mastodon | Mastodon | | 7.4 | HIGH | Mastodon Invalid Domain Name Normalization vulnerability |
| CVE-2023-42452 | Mastodon | Mastodon | | 6.1 | MEDIUM | Mastodon vulnerable to Stored XSS through the translation feature |
| CVE-2023-36462 | Mastodon | Mastodon | | 5.4 | MEDIUM | Mastodon's verified profile links can be formatted in a misleading way |
| CVE-2023-36459 | Mastodon | Mastodon | | 9.3 | CRITICAL | Mastodon vulnerable to Cross-site Scripting through oEmbed preview cards |
| CVE-2023-36460 | Mastodon | Mastodon | 34% | 10 | CRITICAL | Mastodon vulnerable to arbitrary file creation through media attachments |
| CVE-2023-36461 | Mastodon | Mastodon | | 7.5 | HIGH | Mastodon vulnerable to Denial of Service through slow HTTP responses |
| CVE-2023-28853 | Mastodon | Mastodon | | 7.7 | HIGH | Mastodon's blind LDAP injection in login allows the attacker to leak arbitrary attributes from LDAP database |
| CVE-2022-2166 | Mastodon | Mastodon/mastodon | | 9.8 | CRITICAL | Improper Restriction of Excessive Authentication Attempts in mastodon/mastodon |
| CVE-2022-0432 | mastodon | mastodon/mastodon | 34% | 6.1 | MEDIUM | Prototype Pollution in mastodon/mastodon |