Browse all 5 CVE security advisories affecting knadh. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Knadh is a web-based platform primarily used for content management and data visualization, with core applications in dashboard creation and information presentation. Historically, vulnerabilities in Knadh have commonly included cross-site scripting (XSS) and remote code execution (RCE), often stemming from improper input validation and insecure API endpoints. The platform has also exhibited privilege escalation issues due to weak access controls. While no major public security incidents have been widely documented, the five CVEs associated with Knadh highlight recurring patterns in web application security flaws, particularly around user input handling and authentication mechanisms.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-34828 | listmonk: Active sessions remain valid after password reset and password change — listmonkCWE-613 | 7.1 | High | 2026-04-02 |
| CVE-2026-34584 | listmonk: Broken Access Control in CSV Import (Unauthorized List Assignment) — listmonkCWE-639 | 5.4 | Medium | 2026-04-02 |
| CVE-2026-21483 | listmonk Vulnerable to Stored XSS Leading to Admin Account Takeover — listmonkCWE-79 | 5.4 | - | 2026-01-02 |
| CVE-2025-58430 | listmonk Vulnerable to CSRF to XSS Chain That Can Lead to Admin Account Takeover — listmonkCWE-80 | 9.1AI | CriticalAI | 2025-09-09 |
| CVE-2025-49136 | listmonk's Sprig template Injection vulnerability leads to reading of Environment Variable for low privilege user — listmonkCWE-1336 | 9.1 | Critical | 2025-06-09 |
This page lists every published CVE security advisory associated with knadh. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.