Vulnerabilidades en twentyhq

5 resultados

CVE-2026-46624CRITICALTwenty: SQL Injection via the timeZone fieldEPSS 0.5%CVE-2026-44729HIGHTwenty: Stored Cross-Site Scripting via Unsanitized File Serving (Missing Content-Type/Content-Disposition Headers)EPSS 0.3%CVE-2026-35451MEDIUMTwenty: Stored XSS via BlockNote FileBlockEPSS 0.2%CVE-2026-33975HIGHtwenty-server SSRF protection bypass via IPv4-mapped IPv6 address normalizationEPSS 0.2%CVE-2026-27023MEDIUMTwenty: SSRF protection bypass via HTTP redirect following in secure HTTP clientEPSS 0.2%