Browse all 14 CVE security advisories affecting flarum. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Flarum serves as a lightweight, extensible discussion forum platform primarily used for community engagement and knowledge sharing. Historically, it has been susceptible to multiple remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and insufficient access controls. While no major public security incidents have been widely documented, the platform's 13 recorded CVEs highlight ongoing security concerns, particularly around its extension ecosystem and user permission management. Regular updates and careful configuration remain critical for maintaining secure deployments, as the software's modular architecture introduces potential attack surfaces that require continuous monitoring and patching.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-32671 | XSS vulnerability with translator — coreCWE-79 | 10.0 | Critical | 2021-06-07 |
This page lists every published CVE security advisory associated with flarum. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.