Every CVE whose affected-product data names Cern Indico, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2026-33046 — CVSS 8.8 (high): Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In versions prior to…
CVE-2025-53640 — CVSS 6.5 (medium): Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. Starting in version 2.2…
CVE-2026-28352 — CVSS 6.5 (medium): Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In versions prior to…
CVE-2026-25739 — CVSS 5.4 (medium): Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. Versions prior to 3.3.10…
CVE-2023-37901 — CVSS 5.4 (medium): Indico is an open source a general-purpose, web based event management tool. There is a Cross-Site-Scripting vulnerability in confirmation…
CVE-2025-59035 — CVSS 4.6 (medium): Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. Prior to version 3.3.8…
CVE-2026-25738 — CVSS 4.3 (medium): Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. Versions prior to 3.3.10…
CVE-2024-45399 — CVSS 4.3 (medium): Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In Indico prior to version…
CVE-2025-59034 — CVSS 4.3 (medium): Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. Prior to version 3.3.8, a…
CVE-2024-50633 — CVSS 0.0 (none): A Broken Object Level Authorization (BOLA) vulnerability in Indico through 3.3.5 allows attackers to read information by sending a crafted…