
lukevella — Vulnerabilities & Security Advisories (12)

Browse all 12 CVE security advisories affecting lukevella. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Lukevella primarily develops web applications and APIs for enterprise clients, with a core focus on custom business solutions. Historically, vulnerabilities associated with this developer include multiple remote code execution flaws, cross-site scripting (XSS) issues, and privilege escalation weaknesses, often stemming from insufficient input validation and misconfigured access controls. Security assessments have revealed patterns of inadequate parameter sanitization and insecure direct object references. While no major public security incidents have been documented, the consistent presence of similar vulnerability classes across multiple CVEs suggests systemic security gaps in development practices, particularly regarding secure coding standards and security testing protocols.

Top products by lukevella: rallly
| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-6493 | lukevella rallly Reset Password reset-password-form.tsx cross site scripting | rallly | CWE-79 | 3.5 | Low | 2026-04-17 |
| CVE-2025-66027 | Rallly Information Disclosure Vulnerability in Participant API Leaks Names and Emails Despite Pro Privacy Settings | rallly | CWE-200 | 4.3 | - | 2025-11-29 |
| CVE-2025-65034 | Rallly Improper Authorization Allows Reopening of Any Finalized Poll via Public pollId | rallly | CWE-639 | 8.1 | High | 2025-11-19 |
| CVE-2025-65033 | Rallly Broken Authorization: Any User Can Pause or Resume Any Poll via Poll ID Manipulation | rallly | CWE-285 | 8.1 | High | 2025-11-19 |
| CVE-2025-65032 | Rallly Has an IDOR Vulnerability in Participant Rename Function Allows Unauthorized Modification of Other Users’ Names | rallly | CWE-639 | 6.5 | Medium | 2025-11-19 |
| CVE-2025-65031 | Rallly Improper Authorization in Comment Endpoint Allows User Impersonation | rallly | CWE-285 | 6.5 | Medium | 2025-11-19 |
| CVE-2025-65030 | Rallly Improper Authorization in Comment Deletion Endpoint Allows Unauthorized Comment Removal | rallly | CWE-285 | 7.1 | High | 2025-11-19 |
| CVE-2025-65029 | Rallly Has an IDOR Vulnerability in Participant Deletion Endpoint Allows Unauthorized Removal of Poll Participants | rallly | CWE-285 | 8.1 | High | 2025-11-19 |
| CVE-2025-65021 | Rallly Has Unauthorized Poll Finalization via Insecure Direct Object Reference (IDOR) | rallly | CWE-285 | 9.1 | Critical | 2025-11-19 |
| CVE-2025-65020 | Rallly Has Unauthorized Poll Duplication via Insecure Direct Object Reference (IDOR) | rallly | CWE-285 | 6.5 | Medium | 2025-11-19 |
| CVE-2025-65028 | Rallly Has an IDOR Vulnerability in Vote Update Endpoint Allows Unauthorized Manipulation of Participant Votes | rallly | CWE-285 | 6.5 | Medium | 2025-11-19 |
| CVE-2025-47781 | Rallly Insufficient Password Login Token Entropy Leads to Account Takeover | rallly | CWE-331 | 9.8 | Critical | 2025-05-14 |

This page lists every published CVE security advisory associated with lukevella. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.