Localsend
by Localsend
Source repositories
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-25154 | 0.00 | — | 0.00 | Jan 30, 2026 | LocalSend is a free, open-source app that allows users to share files and messages with nearby devices over their local network without needing an internet connection. In versions up to and including 1.17.0, when a user initiates a "Share via Link" session, the LocalSend… | |||
| CVE-2025-54792 | 0.00 | — | 0.00 | Aug 1, 2025 | LocalSend is an open-source app to securely share files and messages with nearby devices over local networks without needing an internet connection. In versions 1.16.1 and below, a critical Man-in-the-Middle (MitM) vulnerability in the software's discovery protocol allows an… | |||
| CVE-2025-27142 | 0.00 | — | 0.01 | Feb 25, 2025 | LocalSend is a free, open-source app that allows users to securely share files and messages with nearby devices over their local network without needing an internet connection. Prior to version 1.17.0, due to the missing sanitization of the path in the `POST… |
- CVE-2026-25154Jan 30, 2026risk 0.00cvss —epss 0.00
LocalSend is a free, open-source app that allows users to share files and messages with nearby devices over their local network without needing an internet connection. In versions up to and including 1.17.0, when a user initiates a "Share via Link" session, the LocalSend…
- CVE-2025-54792Aug 1, 2025risk 0.00cvss —epss 0.00
LocalSend is an open-source app to securely share files and messages with nearby devices over local networks without needing an internet connection. In versions 1.16.1 and below, a critical Man-in-the-Middle (MitM) vulnerability in the software's discovery protocol allows an…
- CVE-2025-27142Feb 25, 2025risk 0.00cvss —epss 0.01
LocalSend is a free, open-source app that allows users to securely share files and messages with nearby devices over their local network without needing an internet connection. Prior to version 1.17.0, due to the missing sanitization of the path in the `POST…