mantisbt/mantisbt vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-44657Highmantisbt/mantisbt: MantisBT Vulnerable to Stored XSS in File DownloadCVE-2026-44655Highmantisbt/mantisbt: MantisBT has Stored XSS on Move Attachments Admin PageCVE-2026-42071Highmantisbt/mantisbt: MantisBT has a Private Bugnote Attachment Content Leak via REST APICVE-2026-42070Mediummantisbt/mantisbt: MantisBT: Authorization Bypass in Bugnote Editing via Issue Update APICVE-2026-41897Mediummantisbt/mantisbt: MantisBT is Vulnerable to Reflected XSS in Rendering Dynamic Custom Textarea FieldCVE-2026-40607Highmantisbt/mantisbt: MantisBT is Vulnerable to Stored XSS in Saved-Filter Owner ColumnCVE-2026-40598Mediummantisbt/mantisbt: MantisBT has Potential Referer-Based Reflected HTML Injection / XSS in Tag Update PageCVE-2026-40597Highmantisbt/mantisbt: MantisBT has a Content Security Policy bypass via attachmentsCVE-2026-40596Highmantisbt/mantisbt: MantisBT is Vulnerable to XSS leading to account takeover via updating a user's font family…CVE-2026-39960Mediummantisbt/mantisbt: MantisBT is Vulnerable to Stored XSS in Custom Field Textarea ValuesCVE-2026-34970Mediummantisbt/mantisbt: MantisBT: Bugnote Revision Page Leaks Private Issue Metadata After Issue Access Is RevokedCVE-2026-34754Mediummantisbt/mantisbt: MantisBT has an Authorization Bypass that Allows Uploading Attachments to Private Issues via REST…CVE-2026-34744Mediummantisbt/mantisbt: MantisBT has an authorization bypass that allows reading attachments after losing access to a…CVE-2026-34579Mediummantisbt/mantisbt: MantisBT has an authorization bypass in private issue monitoringCVE-2026-34463Highmantisbt/mantisbt: MantisBT is Vulnerable to Stored HTML Injection/XSS in Clone Issue FormCVE-2026-34390Mediummantisbt/mantisbt: MantisBT Vulnerable to Privilege Escalation from Manager to AdministratorCVE-2026-33052Mediummantisbt/mantisbt: MantisBT Has Authorization Bypass in Global Profile CreationCVE-2026-33548Highmantisbt/mantisbt: MantisBT has Stored HTML Injection/XSS when displaying Tags in TimelineCVE-2026-33517Highmantisbt/mantisbt: MantisBT Vulnerable to Stored HTML Injection in Tag Delete ConfirmationCVE-2026-30849Criticalmantisbt/mantisbt: MantisBT is vulnerable to authentication bypass through the SOAP API on MySQLCVE-2025-62520Mediummantisbt/mantisbt: MantisBT unauthorized disclosure of private project column configurationCVE-2025-55155Mediummantisbt/mantisbt: MantisBT lacks verification when changing a user's email addressCVE-2025-46556Mediummantisbt/mantisbt: MantisBT Vulnerable to Denial-of-Service (DoS) via Excessive Note LengthCVE-2025-47776Highmantisbt/mantisbt: MantisBT vulnerable to authentication bypass for some passwords due to PHP type jugglingCVE-2024-45792Mediummantisbt/mantisbt: MantisBT vulnerable to information disclosure with user profiles

Stop the waste.
Protect your environment with Kodem.