Browse all 18 CVE security advisories affecting Mybb. AI-powered Chinese analysis, POCs, and references for each vulnerability.
MyBB serves as a free, open-source forum software platform enabling online community discussions. Historically, it has been susceptible to multiple vulnerability classes, including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation, contributing to its 17 recorded CVEs. While no major public security incidents have been widely documented, the software's persistent vulnerability history suggests a need for rigorous patch management and security hardening. Its PHP-based architecture and extensive customization options may introduce additional attack surfaces if not properly maintained. Regular updates and secure configuration remain critical for mitigating risks associated with this platform.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-47934 | MyBB Timeline Plugin 1.0 Cross-Site Scripting and CSRF — MyBB Timeline PluginCWE-79 | 5.3 | Medium | 2026-05-16 |
This page lists every published CVE security advisory associated with Mybb. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.