Every CVE whose affected-product data names Getgrist Grist-core, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2026-24002 — CVSS 9.0 (critical): Grist is spreadsheet software using Python as its formula language. Grist offers several methods for running those formulas in a sandbox…
CVE-2024-56357 — CVSS 8.1 (high): grist-core is a spreadsheet hosting server. A user visiting a malicious document or submitting a malicious form could have their account…
CVE-2024-56358 — CVSS 8.1 (high): grist-core is a spreadsheet hosting server. A user visiting a malicious document and previewing an attachment could have their account…
CVE-2024-56359 — CVSS 8.1 (high): grist-core is a spreadsheet hosting server. A user visiting a malicious document and clicking on a link in a HyperLink cell using a control…
CVE-2025-64752 — CVSS 6.8 (medium): grist-core is a spreadsheet hosting server. Prior to version 1.7.7, a user with access to any document on a Grist installation can use a…
CVE-2025-64753 — CVSS 5.3 (medium): grist-core is a spreadsheet hosting server. Prior to version 1.7.7, a user with only partial read access to a document could still access…