Wangyunf Blossom vulnerabilities
2 known vulnerabilities affecting wangyunf/blossom.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2026-2623P2HIGHCVSS 8.8≤ 1.17.1v1.17.0+1 more2026-02-17
CVE-2026-2623 [HIGH] CWE-22 CVE-2026-2623: A flaw has been found in Blossom up to 1.17.1. This issue affects the function put of the file bloss
A flaw has been found in Blossom up to 1.17.1. This issue affects the function put of the file blossom-backend/common/common-iaas/src/main/java/com/blossom/common/iaas/blos/BLOSManager.java of the component File Upload. This manipulation causes path traversal. The attack may be initiated remotely. The exploit has been published and may be used. The vendo
nvd
CVE-2026-2622P4MEDIUMCVSS 5.4≤ 1.17.1v1.17.0+1 more2026-02-17
CVE-2026-2622 [MEDIUM] CWE-79 CVE-2026-2622: A vulnerability was detected in Blossom up to 1.17.1. This vulnerability affects the function conten
A vulnerability was detected in Blossom up to 1.17.1. This vulnerability affects the function content of the file blossom-backend/backend/src/main/java/com/blossom/backend/server/article/draft/ArticleController.java of the component Article Title Handler. The manipulation results in cross site scripting. The attack can be launched remotely. The exploit
nvd