High severity8.1OSV Advisory· Published Apr 1, 2025· Updated Apr 15, 2026

CVE-2025-31132

Description

Raven is an open-source messaging platform. A vulnerability allowed any logged in user to execute code via an API endpoint. This vulnerability is fixed in 2.1.10.

Affected products

The Commit Company/RavenOSV
Range: v1.0.0, v1.1.0, v1.2.0, …

Patches

ee28fb922ea8

https://github.com/the-commit-company/ravenvia osv

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/The-Commit-Company/raven/security/advisories/GHSA-wmrr-3mrv-2p57nvd

News mentions

No linked articles in our index yet.

cvss	0.526
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000