Every CVE whose affected-product data names Leepeuker Movary, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2026-23840 — CVSS 9.3 (critical): Movary is a web application to track, rate and explore your movie watch history. Due to insufficient input validation, attackers can…
CVE-2026-23841 — CVSS 9.3 (critical): Movary is a web application to track, rate and explore your movie watch history. Due to insufficient input validation, attackers can…
CVE-2026-23839 — CVSS 9.3 (critical): Movary is a web application to track, rate and explore your movie watch history. Due to insufficient input validation, attackers can…
CVE-2026-40350 — CVSS 8.8 (high): Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can…
CVE-2026-40349 — CVSS 8.8 (high): Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can…
CVE-2026-40348 — CVSS 7.7 (high): Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can…
CVE-2025-64115 — CVSS 6.1 (medium): Movary is a web application to track, rate and explore your movie watch history. Versions up to and including 0.68.0 use the HTTP Referer…
CVE-2025-64116 — CVSS 6.1 (medium): Movary is a web application to track, rate and explore your movie watch history. Prior to 0.69.0, the login page accepts a redirect…