Benjaminjonard Koillection — known CVE vulnerabilities
Every CVE whose affected-product data names Benjaminjonard Koillection, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2025-29746 — CVSS 6.1 (medium): Cross Site Scripting vulnerability in Koillection v.1.6.10 allows a remote attacker to escalate privileges via the collection, Wishlist and…
CVE-2025-9747 — CVSS 4.3 (medium): A vulnerability has been found in Koillection up to 1.6.18. Affected is an unknown function of the file assets/controllers/csrf_protection_c…