cvebase

Flagforge vulnerabilities

8 known vulnerabilities affecting flagforge/flagforge.

Total CVEs: 8
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 3, HIGH 4, MEDIUM 1

Vulnerabilities

CVE-2025-61777 | P2 | CRITICAL | CVSS 9.1 | ≥ 2.0, < 2.3.2 | 2025-10-06
CWE-200: Flag Forge is a Capture The Flag (CTF) platform. Starting in version 2.0.0 and prior to version 2.3.2, the `/api/admin/badge-templates` (GET) and `/api/admin/badge-templates/create` (POST) endpoints previously allowed access without authentication or authorization. This could have enabled unauthorized users to retrieve all badge templates and sens
Source: NVD

CVE-2025-59827 | P3 | CRITICAL | CVSS 9.8 | v2.1.0 | 2025-09-24
CWE-862: Flag Forge is a Capture The Flag (CTF) platform. In version 2.1.0, the /api/admin/assign-badge endpoint lacks proper access control, allowing any authenticated user to assign high-privilege badges (e.g., Staff) to themselves. This could lead to privilege escalation and impersonation of administrative roles. This issue has been patched in version 2
Source: NVD

CVE-2025-59841 | P3 | CRITICAL | CVSS 9.8 | ≥ 2.2, < 2.3.1 | 2025-09-25
CWE-384: Flag Forge is a Capture The Flag (CTF) platform. In versions from 2.2.0 to before 2.3.1, the FlagForge web application improperly handles session invalidation. Authenticated users can continue to access protected endpoints, such as /api/profile, even after logging out. CSRF tokens are also still valid post-logout, which can allow unauthorized acti
Source: NVD

CVE-2025-59932 | P3 | HIGH | CVSS 8.2 | ≥ 2.0, < 2.3.1 | 2025-09-27
CWE-284: Flag Forge is a Capture The Flag (CTF) platform. From versions 2.0.0 to before 2.3.1, the /api/resources endpoint previously allowed POST and DELETE requests without proper authentication or authorization. This could have enabled unauthorized users to create, modify, or delete resources on the platform. The issue has been fixed in FlagForge version 2.
Source: NVD

CVE-2025-59826 | P3 | HIGH | CVSS 7.6 | v2.1.0 | 2025-09-23
CWE-862: Flag Forge is a Capture The Flag (CTF) platform. In version 2.1.0, non-admin users can create arbitrary challenges, potentially introducing malicious, incorrect, or misleading content. This issue has been patched in version 2.2.0.
Source: NVD

CVE-2025-59833 | P3 | HIGH | CVSS 7.5 | ≥ 2.1.0, < 2.3 | 2025-09-24
CWE-200: Flag Forge is a Capture The Flag (CTF) platform. In versions from 2.1.0 to before 2.3.0, the API endpoint GET /api/problems/:id returns challenge hints in plaintext within the question object, regardless of whether the user has unlocked them via point deduction. Users can view all hints for free, undermining the business logic of the platform and redu
Source: NVD

CVE-2026-21868 | P3 | HIGH | CVSS 7.5 | ≥ 2.0, < 2.3.3 | 2026-01-08
CWE-1333: Flag Forge is a Capture The Flag (CTF) platform. Versions 2.3.2 and below have a Regular Expression Denial of Service (ReDoS) vulnerability in the user profile API endpoint (/api/user/[username]). The application constructs a regular expression dynamically using unescaped user input (the username parameter). An attacker can exploit this by sending a s
Source: NVD

CVE-2025-59843 | P4 | MEDIUM | CVSS 5.3 | ≥ 2.0, < 2.3.1 | 2025-09-26
CWE-359: Flag Forge is a Capture The Flag (CTF) platform. From versions 2.0.0 to before 2.3.2, the public endpoint /api/user/[username] returns user email addresses in its JSON response. The fix, intended for release in 2.3.1 but only available starting in version 2.3.2, removes email addresses from public API responses while keeping the endpoint publicly ac
Source: NVD