Every CVE whose affected-product data names Ghostfol Ghostfolio, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2026-28785 — CVSS 9.8 (critical): Ghostfolio is an open source wealth management software. Prior to version 2.244.0, by bypassing symbol validation, an attacker can execute…
CVE-2026-28680 — CVSS 9.3 (critical): Ghostfolio is an open source wealth management software. Prior to version 2.245.0, an attacker can exploit the manual asset import feature…