Browse all 3 CVE security advisories affecting verbb. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Verbb is a platform that provides workflow automation and integration tools for various business applications. Historically, vulnerabilities in Verbb have included remote code execution, cross-site scripting, and privilege escalation issues, often stemming from improper input validation and access control weaknesses. The platform has recorded three CVEs, with notable security characteristics including its extensive plugin architecture which can introduce additional attack surfaces. While no major public security incidents have been widely reported, the presence of multiple privilege escalation vulnerabilities suggests potential for significant compromise if exploited, particularly in multi-tenant environments where access boundaries are critical.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-32426 | Formie has a XSS vulnerability for email notification content for preview — formieCWE-79 | 4.6 | Medium | 2025-04-11 |
| CVE-2025-32427 | Formie has a XSS vulnerability for importing forms — formieCWE-79 | 7.2AI | HighAI | 2025-04-11 |
| CVE-2024-35191 | verbb/formie Server-Side Template Injection for variable-enabled settings — formieCWE-1336 | 4.4 | Medium | 2024-05-20 |
This page lists every published CVE security advisory associated with verbb. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.