CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Xwiki: >> Cryptpad >> 2026.2.0 Security Vulnerabilities

CVE-2025-51846

CryptPad 2025.3.1 allows unbounded WebSocket frame flood. A remote, unauthenticated attacker can significantly degrade or deny service for all users of a CryptPad instance. Fixed in 2026.2.2.

CVSS Score

8.7

EPSS Score

0.005

Published

2026-04-30

Page 1

Vulnerabilities

Vulnerable Software

Xwiki: >> Cryptpad >> 2026.2.0 Security Vulnerabilities

Products

Pricing

Contact Us