All 3 CVE vulnerabilities found in twenty, with AI-generated Chinese analysis, references, and POCs.
Vendor: twentyhq
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-33975 | twenty-server SSRF protection bypass via IPv4-mapped IPv6 address normalization CWE-918 | 9.1 | - | 2026-05-05 |
| CVE-2026-35451 | Twenty: Stored XSS via BlockNote FileBlock CWE-79 | 5.7 | Medium | 2026-04-21 |
| CVE-2026-27023 | Twenty: SSRF protection bypass via HTTP redirect following in secure HTTP client CWE-918 | 5.0 | Medium | 2026-03-05 |
All 3 known CVE vulnerabilities affecting twenty with full Chinese analysis, references, and POCs where available.