Every CVE whose affected-product data names Rallly, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2025-47781 — CVSS 9.8 (critical): Rallly is an open-source scheduling and collaboration tool. Versions up to and including 3.22.1 of the application features token based…
CVE-2025-65021 — CVSS 9.1 (critical): Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an Insecure Direct Object Reference (IDOR)…
CVE-2025-65034 — CVSS 8.1 (high): Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an improper authorization vulnerability allows any…
CVE-2025-65033 — CVSS 8.1 (high): Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an authorization flaw in the poll management feature…
CVE-2025-65029 — CVSS 8.1 (high): Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an insecure direct object reference (IDOR)…
CVE-2025-65030 — CVSS 7.1 (high): Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an authorization flaw in the comment deletion API…
CVE-2025-65031 — CVSS 6.5 (medium): Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an improper authorization flaw in the comment creation…
CVE-2025-65032 — CVSS 6.5 (medium): Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an Insecure Direct Object Reference (IDOR)…
CVE-2025-65028 — CVSS 6.5 (medium): Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an insecure direct object reference (IDOR)…
CVE-2025-65020 — CVSS 6.5 (medium): Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an Insecure Direct Object Reference (IDOR)…
CVE-2025-66027 — CVSS 6.5 (medium): Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.6, an information disclosure vulnerability exposes…