VYPR

Blossom

by Wangyunf

CVEs (2)

  • CVE-2026-2623MedFeb 17, 2026
    risk 0.41cvss 6.3epss 0.01

    A flaw has been found in Blossom up to 1.17.1. This issue affects the function put of the file blossom-backend/common/common-iaas/src/main/java/com/blossom/common/iaas/blos/BLOSManager.java of the component File Upload. This manipulation causes path traversal. The attack may be…

  • CVE-2026-2622LowFeb 17, 2026
    risk 0.23cvss 3.5epss 0.00

    A vulnerability was detected in Blossom up to 1.17.1. This vulnerability affects the function content of the file blossom-backend/backend/src/main/java/com/blossom/backend/server/article/draft/ArticleController.java of the component Article Title Handler. The manipulation…