Browse all 5 CVE security advisories affecting WisdomGarden. AI-powered Chinese analysis, POCs, and references for each vulnerability.
WisdomGarden operates as a knowledge management platform enabling collaborative content creation and organizational learning. Historically, the system has been vulnerable to multiple remote code execution flaws, cross-site scripting attacks, and privilege escalation vulnerabilities, with five CVEs documented to date. The platform's web interface and API have shown susceptibility to insufficient input validation and improper access controls, though no major public security incidents have been reported. Recent versions have improved security posture through enhanced input sanitization and stricter authentication mechanisms, though legacy deployments may remain at elevated risk due to unpatched vulnerabilities.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-2997 | WisdomGarden|Tronclass - Insecure Direct Object Reference — TronclassCWE-639 | 5.4 | Medium | 2026-02-23 |
| CVE-2025-10719 | WisdomGarden|Tronclass - Insecure Direct Object Reference — TronclassCWE-639 | 4.3 | Medium | 2025-09-19 |
| CVE-2024-6738 | WisdomGarden Tronclass - Broken Access Control — TronclassCWE-284 | 5.3 | Medium | 2024-07-15 |
This page lists every published CVE security advisory associated with WisdomGarden. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.