Browse all 15 CVE security advisories affecting Sourceforge. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Sourceforge serves as a primary platform for open-source software development, hosting code repositories and facilitating project collaboration. Historically, the platform has been susceptible to various vulnerability classes, including remote code execution, cross-site scripting, and privilege escalation vulnerabilities, with 15 CVEs currently documented. Notable security characteristics include its long-standing presence in the open-source community, which has made it a target for attacks. Major incidents have included supply chain attacks where malicious code was injected into legitimate projects, compromising developer and user systems. Despite these challenges, the platform remains widely used, necessitating ongoing security vigilance from both the maintainers and its user base.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2019-25539 | 202CMS v10 beta SQL Injection via register.php — 202CMSCWE-89 | 8.2 | High | 2026-03-12 |
| CVE-2019-25538 | 202CMS v10 beta SQL Injection via log_user Parameter — 202CMSCWE-89 | 8.2 | High | 2026-03-12 |
This page lists every published CVE security advisory associated with Sourceforge. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.