cryptpad
Security Risk Profile
42
/100
mediumSecurity Risk Score
Comprehensive risk assessment based on 4 vulnerabilities, EPSS scores, exploitation status, and remediation availability.
📅 Data spans from June 18, 2025 to present
4
Total CVEs
2
Critical+High
0
Exploited
0
Unpatched
Threat Assessment
Avg CVSS
7.5
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
0
Critical/High
Risk Level
42/100
medium
🆕 1Fresh (<7d)📈 2 in Last 30 Days
Severity Distribution
Critical
1High
1Medium
2Low
0Exploit Likelihood
>50% chance
020-50%
05-20%
0<5%
2Age Distribution
Common Weaknesses (CWE)
1
XSS
2
Most Affected Products
1. CryptPad CryptPad4
2. XWiki CryptPad3
Recent Vulnerabilities
See more →CVE-2026-26028
CVSS 6.1medium
CryptPad: Sanitizer Bypass in Diffmarked.js Allows Arbitrary HTML Injection and Potential XSS
5/20/2026🔧 No Patch
CVE-2025-51846
CVSS 8.7high
CryptPad unbounded WebSocket frame flood
4/30/2026
CVE-2025-49591
CVSS 9.1EPSS 0%critical
CryptPad 2FA Bypass Vulnerability
6/18/2025
CVE-2025-49590
CVSS 6.1EPSS 0%medium
CryptPad Dom-Based Cross-Site Scripting (XSS) Vulnerability
6/18/2025
Monitor cryptpad in Real-Time
Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.