Every CVE whose affected-product data names Yooooomi Your Spotify, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2024-28194 — CVSS 9.1 (critical): your_spotify is an open source, self hosted Spotify tracking dashboard. YourSpotify versions < 1.8.0 use a hardcoded JSON Web Token (JWT)…
CVE-2024-28195 — CVSS 8.1 (high): your_spotify is an open source, self hosted Spotify tracking dashboard. YourSpotify versions < 1.9.0 do not protect the API and login flow…
CVE-2024-28193 — CVSS 6.5 (medium): your_spotify is an open source, self hosted Spotify tracking dashboard. YourSpotify version <1.8.0 allows users to create a public token in…
CVE-2024-28196 — CVSS 6.5 (medium): your_spotify is an open source, self hosted Spotify tracking dashboard. YourSpotify version < 1.9.0 does not prevent other pages from…
CVE-2024-28192 — CVSS 5.3 (medium): your_spotify is an open source, self hosted Spotify tracking dashboard. YourSpotify version <1.8.0 is vulnerable to NoSQL injection in the…