VYPR
Vendor: Zulip
Products: 2
CVEs: 67 (86 across products)
Status: Private

Recent CVEs (67)
  • CVE-2017-0910 | High | Nov 27, 2017
    risk 0.57, cvss 8.8, epss 0.01

    In Zulip Server before 1.7.1, on a server with multiple realms, a vulnerability in the invitation system lets an authorized user of one realm on the server create a user account on any other realm.

  • CVE-2026-25741 | High | Feb 26, 2026
    risk 0.46, cvss 7.1, epss 0.00

    Zulip is an open-source team collaboration tool. Prior to commit bf28c82dc9b1f630fa8e9106358771b20a0040f7, the API endpoint for creating a card update session during an upgrade flow was accessible to users with only organization member privileges. When the associated Stripe…

  • CVE-2017-0896 | Medium | Jun 2, 2017
    risk 0.42, cvss 6.5, epss 0.01

    Zulip Server 1.5.1 and below suffer from an error in the implementation of the invite_by_admins_only setting in the Zulip group chat application server that allowed an authenticated user to invite other users to join a Zulip organization even if the organization was configured…

  • CVE-2018-9990 | Medium | Apr 18, 2018
    risk 0.40, cvss 6.1, epss 0.01

    In Zulip Server versions before 1.7.2, there was an XSS issue with stream names in topic typeahead.

  • CVE-2018-9987 | Medium | Apr 18, 2018
    risk 0.40, cvss 6.1, epss 0.01

    In Zulip Server versions 1.5.x, 1.6.x, and 1.7.x before 1.7.2, there was an XSS issue with muting notifications.

  • CVE-2018-9986 | Medium | Apr 18, 2018
    risk 0.40, cvss 6.1, epss 0.01

    In Zulip Server versions before 1.7.2, there were XSS issues with the frontend markdown processor.

  • CVE-2026-40300 | Medium | May 12, 2026
    risk 0.35, cvss 6.5, epss 0.00

    Zulip is an open-source team collaboration tool. Prior to 12.0, with message_edit_history_visibility_policy set to "moves", /api/v1/messages/{id}/history still returns historical content values, allowing low-privilege users to recover text that was edited away from other users'…

  • CVE-2018-9999 | Medium | Apr 18, 2018
    risk 0.35, cvss 5.4, epss 0.01

    In Zulip Server versions before 1.7.2, there was an XSS issue with user uploads and the (default) LOCAL_UPLOADS_DIR storage backend.

  • CVE-2026-26058 | Medium | Apr 3, 2026
    risk 0.33, cvss 6.1, epss 0.00

    Zulip is an open-source team collaboration tool. From version 1.4.0 to before version 11.6, ./manage.py import reads arbitrary files from the server filesystem via path traversal in uploads/records.json. A crafted export tarball causes the server to copy any file the zulip user…

  • CVE-2017-0881 | Medium | Mar 28, 2017
    risk 0.28, cvss 4.3, epss 0.01

    An error in the implementation of an autosubscribe feature in the check_stream_exists route of the Zulip group chat application server before 1.4.3 allowed an authenticated user to subscribe to a private stream that should have required an invitation from an existing member to…

  • CVE-2026-25742 | Medium | Apr 3, 2026
    risk 0.27, cvss 5.3, epss 0.00

    Zulip is an open-source team collaboration tool. From version 1.4.0 to before version 11.6, even after spectator access (enable_spectator_access / WEB_PUBLIC_STREAMS_ENABLED) is disabled, attachments…

  • CVE-2025-25195 | Medium | Feb 13, 2025
    risk 0.21, cvss 4.3, epss 0.00

    Zulip is an open source team chat application. A weekly cron job (added in 50256f48314250978f521ef439cafa704e056539) demotes channels to being "inactive" after they have not received traffic for 180 days. However, upon doing so, an event was sent to all users in the…

  • CVE-2026-24050 | Feb 6, 2026
    risk 0.00, cvss n/a, epss 0.00

    Zulip is an open-source team collaboration tool. From 5.0 to before 11.5, some administrative actions on the user profile were susceptible to stored XSS in group names or channel names. Exploiting these vulnerabilities required the user explicitly interacting with the…

  • CVE-2025-52559 | Jul 2, 2025
    risk 0.00, cvss n/a, epss 0.00

    Zulip is an open-source team chat application. From versions 2.0.0-rc1 to before 10.4 in Zulip Server, the /digest/ URL of a server shows a preview of what the email weekly digest would contain. This URL, though not the digest itself, contains a cross-site scripting (XSS)…

  • CVE-2025-47930 | May 15, 2025
    risk 0.00, cvss n/a, epss 0.00

    Zulip is an open-source team chat application. Starting in version 10.0 and prior to version 10.3, the "Who can create public channels" access control mechanism can be circumvented by creating a private or web-public channel, and then changing the channel privacy to public. A…

  • CVE-2025-31478 | Apr 16, 2025
    risk 0.00, cvss n/a, epss 0.00

    Zulip is an open-source team collaboration tool. Zulip supports a configuration where account creation is limited solely by being able to authenticate with a single-sign on authentication backend, meaning the organization places no restrictions on email address domains or…

  • CVE-2025-30369 | Mar 31, 2025
    risk 0.00, cvss n/a, epss 0.00

    Zulip is an open-source team collaboration tool. The API for deleting an organization custom profile field is supposed to be restricted to organization administrators, but its handler failed to check that the field belongs to the same organization as the user. Therefore, an…

  • CVE-2025-30368 | Mar 31, 2025
    risk 0.00, cvss n/a, epss 0.00

    Zulip is an open-source team collaboration tool. The API for deleting an organization export is supposed to be restricted to organization administrators, but its handler failed to check that the field belongs to the same organization as the user. Therefore, an administrator of…

  • CVE-2025-27149 | Mar 31, 2025
    risk 0.00, cvss n/a, epss 0.00

    Zulip server provides an open-source team chat that helps teams stay productive and focused. Prior to 10.0, the data export to organization administrators feature in Zulip leaks private data. The collection of user-agent types identifying specific integrations or HTTP libraries…

  • CVE-2024-56136 | Jan 16, 2025
    risk 0.00, cvss n/a, epss 0.01

    Zulip server provides an open-source team chat that helps teams stay productive and focused. Zulip Server 7.0 and above are vulnerable to an information disclosure attack, where, if a Zulip server is hosting multiple organizations, an unauthenticated user can make a request and…