Every CVE whose affected-product data names Framasoft Peertube, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (15)
CVE-2025-32947 — CVSS 7.5 (high): This vulnerability allows any attacker to cause the PeerTube server to stop responding to requests due to an infinite loop in the "inbox"…
CVE-2025-32948 — CVSS 7.5 (high): The vulnerability allows any attacker to cause the PeerTube server to stop functioning, or in special cases send requests to arbitrary URLs…
CVE-2025-32949 — CVSS 6.5 (medium): This vulnerability allows any authenticated user to cause the server to consume very large amounts of disk space when extracting a Zip…
CVE-2022-0881 — CVSS 6.5 (medium): Insecure Storage of Sensitive Information in GitHub repository chocobozzz/peertube prior to 4.1.1.
CVE-2025-32944 — CVSS 6.5 (medium): The vulnerability allows any authenticated user to cause the PeerTube server to stop functioning in a persistent manner. If user import is…
CVE-2021-3780 — CVSS 6.1 (medium): peertube is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2025-32946 — CVSS 5.3 (medium): This vulnerability allows any attacker to add playlists to a different user’s channel using the ActivityPub protocol. The vulnerable code…
CVE-2022-0508 — CVSS 5.3 (medium): Server-Side Request Forgery (SSRF) in GitHub repository chocobozzz/peertube prior to f33e515991a32885622b217bf2ed1d1b0d9d6832
CVE-2025-32945 — CVSS 4.3 (medium): The vulnerability allows an existing user to add playlists to a different user’s channel using the PeerTube REST API. The vulnerable code…
CVE-2025-32943 — CVSS 3.7 (low): The vulnerability allows any authenticated user to leak the contents of arbitrary “.m3u8” files from the PeerTube server due to a path…