Package impact
Go / github.com/knadh/listmonk
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-49136 | unknown | — | 1.0 | 1y ago | listmonk's Sprig template Injection vulnerability leads to reading of Environment Variable for low privilege user in github.com/knadh/listmonk | |||
| CVE-2026-34828 | unknown | — | — | 2mo ago | listmonk's active sessions remain valid after password reset and password change | |||
| CVE-2026-21483 | unknown | — | — | 5mo ago | listmonk Vulnerable to Stored XSS Leading to Admin Account Takeover in github.com/knadh/listmonk | |||
| CVE-2025-58430 | unknown | — | — | 9mo ago | listmonk: CSRF to XSS Chain can Lead to Admin Account Takeover in github.com/knadh/listmonk |