Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

leepeuker — Vulnerabilities & Security Advisories 8

Browse all 8 CVE security advisories affecting leepeuker. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Leepeuker primarily develops web applications and APIs, focusing on custom business solutions. Historically, their vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation, often stemming from input validation flaws and misconfigured access controls. Their codebases frequently exhibit insecure direct object references and insufficient session management. While no major public incidents have been documented, their consistent presence in CVE records suggests systemic security challenges in their development lifecycle. The pattern of vulnerabilities indicates a need for improved secure coding practices and thorough security testing across their projects.

Top products by leepeuker: movary
CVE IDTitleCVSSSeverityPublished
CVE-2026-40350 Movary User Management (/settings/users) has Authorization Bypass that Allows Low-Privileged Users to Enumerate All Users and Create Administrator Accounts — movaryCWE-863 8.8 High2026-04-18
CVE-2026-40349 Authenticated Movary User Can Self-Escalate to Administrator via PUT /settings/users/{userId} by Setting isAdmin=true — movaryCWE-862 8.8 High2026-04-18
CVE-2026-40348 Movary has Authenticated SSRF via Jellyfin Server URL Verification that Allows Internal Network Probing — movaryCWE-918 7.7 High2026-04-18
CVE-2026-23841 Movary vulnerable to Cross-site Scripting with `?categoryCreated=` param — movaryCWE-20 9.3 Critical2026-01-19
CVE-2026-23840 Movary vulnerable to Cross-site Scripting with `?categoryDeleted=` param — movaryCWE-20 9.3 Critical2026-01-19
CVE-2026-23839 Movary vulnerable to Cross-site Scripting with `?categoryUpdated=` param — movaryCWE-20 9.3 Critical2026-01-19
CVE-2025-64115 Movary unvalidated Referer header allows open redirect and phishing — movaryCWE-601 6.1AIMediumAI2025-10-30
CVE-2025-64116 Movary vulnerable to an open redirect — movaryCWE-601 6.1AIMediumAI2025-10-30

This page lists every published CVE security advisory associated with leepeuker. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.