Every CVE whose affected-product data names Passbolt Passbolt Api, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2025-27913 — CVSS 7.5 (high): Passbolt API before 5, if the server is misconfigured (with an incorrect installation process and disregarding of Health Check results)…
CVE-2024-33670 — CVSS 4.3 (medium): Passbolt API before 4.6.2 allows HTML injection in a URL parameter, resulting in custom content being displayed when a user visits the…