Every CVE whose affected-product data names Mauriceboe Trek, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2026-40185 — CVSS 7.1 (high): TREK is a collaborative travel planner. Prior to 2.7.2, TREK was missing authorization checks on the Immich trip photo management routes…
CVE-2026-40184 — CVSS 3.7 (low): TREK is a collaborative travel planner. Prior to 2.7.2, TREK served uploaded photos without requiring authentication. This vulnerability is…