Vulnerabilities in fedify-dev

6 results

CVE-2025-54888HIGH@fedify/fedify: Improper Authentication and Incorrect AuthorizationEPSS 0.7%CVE-2025-68475HIGHFedify has ReDoS Vulnerability in HTML Parsing RegexEPSS 0.5%CVE-2026-25808HIGHHollo DMs get leaked and can be seen on Webfinger BrowserEPSS 0.4%CVE-2026-50131HIGHFedify has an incomplete SSRF mitigation after GHSA-p9cg-vqcc-grcx: validatePublicUrl allows special-use IPv4 rangesEPSS 0.3%CVE-2025-53941MEDIUMHollo renders posts received with form elements and allows submissionEPSS 0.2%CVE-2026-42462HIGHFedify has an LD-Signature Bypass via JSON-LD Named-Graph RestructuringEPSS 0.2%