Browse all 5 CVE security advisories affecting miniflux. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Miniflux is a self-hosted RSS reader and feed aggregator designed for users seeking a lightweight, privacy-focused alternative to cloud-based services. Historically, it has been susceptible to various vulnerability classes including cross-site scripting (XSS), remote code execution (RCE), and privilege escalation, primarily stemming from improper input validation and authentication flaws. The project maintains an active security response, addressing issues promptly when disclosed. While no major public security incidents have been widely reported, the presence of five CVEs indicates a need for regular updates and careful configuration by users to mitigate potential risks in this open-source application.
Showing up to 20 recent security advisories. View all →
This page lists every published CVE security advisory associated with miniflux. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.