CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Django-Unicorn: >> Unicorn >> 0.36.1 Security Vulnerabilities

CVE-2026-31815

Unicorn adds modern reactive component functionality to your Django templates. Prior to 0.67.0, component state manipulation is possible in django-unicorn due to missing access control checks during property updates and method calls. An attacker can bypass the intended _is_public protection to modify internal attributes such as template_name or trigger protected methods. This vulnerability is fixed in 0.67.0.

CVSS Score

5.3

EPSS Score

0.0

Published

2026-03-10

Page 1

Vulnerabilities

Vulnerable Software

Django-Unicorn: >> Unicorn >> 0.36.1 Security Vulnerabilities

Products

Pricing

Contact Us