VYPR

Home Gallery

by Xemle

Source repositories

CVEs (3)

  • CVE-2024-53276MedDec 23, 2024
    risk 0.41cvss epss 0.01

    Home-Gallery.org is a self-hosted open-source web gallery to browse personal photos and videos. In 1.15.0 and earlier, an open CORS policy in app.js may allow an attacker to view the images of home-gallery when it is using the default settings. The following express middleware…

  • CVE-2024-53275MedDec 23, 2024
    risk 0.34cvss epss 0.00

    Home-Gallery.org is a self-hosted open-source web gallery to browse personal photos and videos. In 1.15.0 and earlier, the default setup of home-gallery is vulnerable to DNS rebinding. Home-gallery is set up without TLS and user authentication by default, leaving it vulnerable…

  • CVE-2026-28679Mar 6, 2026
    risk 0.00cvss epss 0.00

    Home-Gallery.org is a self-hosted open-source web gallery to browse personal photos and videos. Prior to version 1.21.0, when a user requests a download, the application does not verify whether the requested file is located within the media source directory, which can result in…