Filtered by vendor Twenty
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-26720 | 1 Twenty | 1 Crm | 2026-03-03 | 9.8 Critical |
| An issue in Twenty CRM v1.15.0 and before allows a remote attacker to execute arbitrary code via the local.driver.ts module. | ||||
| CVE-2024-28434 | 1 Twenty | 1 Twenty | 2025-09-18 | 7.6 High |
| The CRM platform Twenty is vulnerable to stored cross site scripting via file upload in version 0.3.0. A crafted svg file can trigger the execution of the javascript code. | ||||
| CVE-2024-28435 | 1 Twenty | 1 Twenty | 2025-09-18 | 5.4 Medium |
| The CRM platform Twenty version 0.3.0 is vulnerable to SSRF via file upload. | ||||
Page 1 of 1.