Medium severity4.3OSV Advisory· Published Mar 25, 2025· Updated Apr 15, 2026
CVE-2025-30741
CVE-2025-30741
Description
Pixelfed before 0.12.5 allows anyone to follow private accounts and see private posts on other Fediverse servers. This affects users elsewhere in the Fediverse, if they otherwise have any followers from a Pixelfed instance.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
pixelfed/pixelfedPackagist | < 0.12.5 | 0.12.5 |
Affected products
2Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.