VYPR
Vendor

Initiative

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2026-28276Feb 26, 2026
    risk 0.00cvss epss 0.00

    Initiative is a self-hosted project management platform. An access control vulnerability exists in Initiative versions prior to 0.32.2 where uploaded documents are served from a publicly accessible /uploads/ directory without any authentication or authorization checks. Any…

  • CVE-2026-28274Feb 26, 2026
    risk 0.00cvss epss 0.01

    Initiative is a self-hosted project management platform. Versions of the application prior to 0.32.4 are vulnerable to Stored Cross-Site Scripting (XSS) in the document upload functionality. Any user with upload permissions within the "Initiatives" section can upload a malicious…

  • CVE-2022-47943HigDec 23, 2022
    risk 0.00cvss 8.1epss 0.04

    An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is an out-of-bounds read and OOPS for SMB2_WRITE, when there is a large length in the zero DataOffset case.