pkg:Go/miniflux.app/v2
8 total CVEsHIGH1MEDIUM5
✅ Check your installed version
All known vulnerabilities
- HIGH7.5CVE-2023-27591Unauthenticated Miniflux user can bypass allowed networks check to obtain Prometheus metricsfrom 0, < 2.0.43
- MEDIUM6.5CVE-2026-21885Miniflux Media Proxy SSRF via /proxy endpoint allows access to internal network resources in miniflux.appfrom 0, < 2.2.16
- MEDIUM6.5CVE-2026-21885Miniflux Media Proxy SSRF via /proxy endpoint allows access to internal network resources in miniflux.appfrom 0, < 2.2.16
- MEDIUM6.1CVE-2025-67713Miniflux has an Open Redirect via protocol-relative redirect_url in miniflux.appfrom 0, < 2.2.15
- MEDIUM6.1CVE-2025-67713Miniflux has an Open Redirect via protocol-relative redirect_url in miniflux.appfrom 0, < 2.2.15
- MEDIUM4.8CVE-2023-27592Stored XSS in Miniflux when opening a broken image due to unescaped ServerError in proxy handler>= 2.0.25, < 2.0.43
- —CVE-2025-31483Miniflux Media Proxy vulnerable to Stored Cross-site Scripting due to improper Content-Security-Policy configuration in miniflux.appfrom 0, < 2.2.7
- —CVE-2025-31483Miniflux Media Proxy vulnerable to Stored Cross-site Scripting due to improper Content-Security-Policy configuration in miniflux.appfrom 0, < 2.2.7