RubyGems CVE Archive

devise CVE Vulnerabilities

All known CVEs affecting devise. Kodem’s runtime-powered SCA reveals which are actually reachable in your application.

Known vulnerabilities
CVE
Summary
Severity
CVE-2026-40295
Devise has an Open Redirect via Unvalidated `request.referrer` in Timeoutable…
Medium
CVE-2026-32700
Devise has a confirmable "change email" race condition permits user to confirm…
Medium
CVE-2015-8314
Devise Gem for Ruby Unauthorized Access Using "Remember Me" Cookie
High
CVE-2019-16109
Authentication Bypass in Devise
Medium

Prioritize devise vulnerabilities

Kodem Kai can identify which of these CVEs are reachable in your dependency tree and generate targeted fix recommendations.

Get a demo →

Stop the waste.
Protect your environment with Kodem.

Get a personalized demo
Get a personalized demo