Every CVE whose affected-product data names Withknown Known, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2026-26273 — CVSS 9.8 (critical): Known is a social publishing platform. Prior to 1.6.3, a Critical Broken Authentication vulnerability exists in Known 1.6.2 and earlier…
CVE-2022-33011 — CVSS 8.8 (high): Known v1.3.1+2020120201 was discovered to allow attackers to perform an account takeover via a host header injection attack.
CVE-2026-28508 — CVSS 8.6 (high): Idno is a social publishing platform. Prior to version 1.6.4, a logic error in the API authentication flow causes the CSRF protection on…
CVE-2026-28507 — CVSS 7.2 (high): Idno is a social publishing platform. Prior to version 1.6.4, there is a remote code execution vulnerability via chained import file write…
CVE-2022-32115 — CVSS 6.1 (medium): An issue in the isSVG() function of Known v1.2.2+2020061101 allows attackers to execute arbitrary code via a crafted SVG file.
CVE-2022-31290 — CVSS 5.4 (medium): A cross-site scripting (XSS) vulnerability in Known v1.2.2+2020061101 allows authenticated attackers to execute arbitrary web scripts or…