Browse all 4 CVE security advisories affecting Brevo. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Brevo provides a digital communication platform for email marketing, CRM, and transactional messaging. Historically, vulnerabilities have included stored cross-site scripting (XSS) in email templates, remote code execution (RCE) in file upload features, and privilege escalation flaws in administrative panels. The platform has experienced security incidents, including a 2023 data breach affecting 33 million users where email addresses and IP addresses were exposed. Security assessments often identify input validation weaknesses and insufficient access controls, particularly in user-generated content handling. While the company has addressed reported issues through patches, the persistent presence of multiple CVEs indicates ongoing challenges in secure coding practices across their web applications.
Showing up to 20 recent security advisories. View all →
This page lists every published CVE security advisory associated with Brevo. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.