pkg:Packagist/automad/automad

5 total CVEsHIGH1MEDIUM3LOW1

✅ Check your installed version

All known vulnerabilities

  • HIGH7.5CVE-2026-45332Automad has Broken Access Control: Unauthenticated exposure of administrator bcrypt password hashes and TOTP secrets via public API endpoint
    >= 2.0.0-alpha.1, < 2.0.0-beta.28
  • MEDIUM6.8CVE-2024-40400Automad arbitrary file upload vulnerability
    from 0, < 2.0.0-alpha.5
  • MEDIUM4.8CVE-2021-37502Cross site scripting in automad/automad
    from 0, < 1.8.0
  • MEDIUM4.3CVE-2023-7038Cross-Site Request Forgery (CSRF) in automad/automad
    from 0, < 2.0.0-alpha.1
  • LOW3.7CVE-2023-7037Authenticated Blind SSRF in automad/automad
    from 0, <= 1.10.9