All 2 CVE vulnerabilities found in lobehub, with AI-generated Chinese analysis, references, and POCs.
Vendor: lobehub
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-42045 | LobeHub: Cross-Site Scripting(XSS) escalate to Remote Code Execution(RCE) CWE-79 | 6.2 | Medium | 2026-05-12 |
| CVE-2026-39411 | LobeHub has an unauthenticated authentication bypass on `webapi` routes via forgeable `X-lobe-chat-auth` header CWE-287 | 5.0 | Medium | 2026-04-08 |
All 2 known CVE vulnerabilities affecting lobehub with full Chinese analysis, references, and POCs where available.