Browse all 5 CVE security advisories affecting HiEventsDev. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-60119 | Hi.Events < 1.11.0 XSS via Event Title JSON.stringify Injection — Hi.EventsCWE-862 | 5.4 | Medium | 2026-07-14 |
| CVE-2026-60118 | Hi.Events < 1.11.0 Hidden Ticket Enumeration via Order Creation Endpoint — Hi.EventsCWE-862 | 5.3 | Medium | 2026-07-14 |
| CVE-2026-57960 | Hi.Events 1.9.0 - Unauthenticated Attendee PII Exposure via Check-in List short_id — Hi.EventsCWE-359 | 6.5 | Medium | 2026-06-29 |
| CVE-2026-57959 | Hi.Events 1.9.0 - Promo Code Max-Usage Bypass via Asynchronous Job Race Condition — Hi.EventsCWE-367 | 5.9 | Medium | 2026-06-29 |
| CVE-2026-34455 | Hi.Events: SQL Injection via Unvalidated sort_by Query Parameter in Multiple Repository Classes — Hi.EventsCWE-89 | 9.8AI | CriticalAI | 2026-04-01 |
This page lists every published CVE security advisory associated with HiEventsDev. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.