Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

outline — Vulnerabilities & Security Advisories 11

Browse all 11 CVE security advisories affecting outline. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Outline is a collaborative note-taking and knowledge management tool used for organizing information and team collaboration. Historically, it has been susceptible to multiple remote code execution (RCE) vulnerabilities, cross-site scripting (XSS) flaws, and privilege escalation issues. The application's web interface and API have been primary attack vectors, with several critical flaws allowing unauthorized access or system compromise. While no major public security incidents have been widely reported, the 11 documented CVEs indicate a pattern of security challenges that require ongoing vigilance. Users should ensure timely patching and implement proper access controls to mitigate risks associated with these vulnerabilities.

Found 9 results / 11Clear Filters
Top products by outline: outline outline/outline
CVE IDTitleCVSSSeverityPublished
CVE-2026-41649 Outline has IDOR in document share creation that allows unauthorized access to private documents across workspaces — outlineCWE-639 7.7 High2026-04-28
CVE-2026-33640 Outline has a rate limit bypass that allows brute force of email login OTP — outlineCWE-307 9.1 -2026-03-26
CVE-2026-28506 Outline's Information Disclosure in Activity Logs allows User Enumeration of Private Drafts — outlineCWE-200 4.3 Medium2026-03-17
CVE-2026-24901 Outline's IDOR allows unauthorized viewing and seizing of private deleted drafts — outlineCWE-639 8.1 High2026-03-17
CVE-2025-68663 Outline has a suspended user authentication bypass via WebSocket connections — outlineCWE-287 4.3AIMediumAI2026-02-11
CVE-2025-64487 Outline is vulnerable to privilege escalation vulnerability in document sharing — outlineCWE-269 7.6 High2026-02-11
CVE-2026-25062 Outline Affected an Arbitrary File Read via Path Traversal in JSON Import — outlineCWE-22 5.5 Medium2026-02-11
CVE-2025-58351 Outline's Local File Storage Feature can Cause CSP Bypass — outlineCWE-79 6.8 Medium2025-09-03
CVE-2024-40626 Stored Cross-site Scripting (XSS) vulnerability in Outline editor — outlineCWE-79 7.3 High2024-07-16

This page lists every published CVE security advisory associated with outline. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.