Skip to main content

Zulip EUVDEUVD-2026-29537

| CVE-2026-40300 MEDIUM
Improper Access Control (CWE-284)
2026-05-12 GitHub_M
6.0
CVSS 4.0 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
6.0 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

4
Patch available
May 12, 2026 - 18:03 EUVD
CVSS changed
May 12, 2026 - 17:22 NVD
6.0 (MEDIUM)
CVE Published
May 12, 2026 - 16:33 nvd
MEDIUM 6.0
CVE Published
May 12, 2026 - 16:33 nvd
UNKNOWN (no severity yet)

DescriptionGitHub Advisory

Zulip is an open-source team collaboration tool. Prior to 12.0, With message_edit_history_visibility_policy set to "moves", /api/v1/messages/{id}/history still returns historical content values, allowing low-privilege users to recover text that was edited away from other users' messages. This vulnerability is fixed in 12.0.

Analysis

Zulip is an open-source team collaboration tool. Prior to 12.0, With message_edit_history_visibility_policy set to "moves", /api/v1/messages/{id}/history still returns historical content values, allowing low-privilege users to recover text that was edited away from other users' messages. This vulnerability is fixed in 12.0.

More in Zulip

View all
CVE-2021-41115 MEDIUM POC
6.5 Oct 07

Zulip is an open source team chat server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable,

CVE-2022-31168 HIGH
8.8 Jul 22

Zulip is an open source team chat tool. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low

CVE-2019-10476 HIGH
7.8 Oct 23

Jenkins Zulip Plugin 1.1.0 and earlier stored credentials unencrypted in its global configuration file on the Jenkins ma

CVE-2022-24751 HIGH
7.4 Mar 16

Zulip is an open source group chat application. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitab

CVE-2026-26058 MEDIUM
6.1 Apr 03

Path traversal in Zulip's ./manage.py import function allows local attackers to read arbitrary files from the server fil

CVE-2022-35962 MEDIUM
5.7 Aug 29

Zulip is an open source team chat and Zulip Mobile is an app for iOS and Andriod users. Rated medium severity (CVSS 5.7)

CVE-2024-36624 MEDIUM
5.4 Nov 29

Zulip 8.3 is vulnerable to Cross Site Scripting (XSS) via the construct_copy_div function in copy_and_paste.js. Rated me

CVE-2024-36625 MEDIUM
5.4 Nov 29

Zulip 8.3 is vulnerable to Cross Site Scripting (XSS) via the replace_emoji_with_text function in ui_util.ts. Rated medi

CVE-2026-25742 MEDIUM
5.3 Apr 03

Zulip versions 1.4.0 through 11.5 allow unauthenticated retrieval of attachments and topic history from web-public strea

CVE-2021-43791 MEDIUM
5.3 Dec 02

Zulip is an open source group chat application that combines real-time chat with threaded conversations. Rated medium se

CVE-2022-36048 MEDIUM
4.3 Aug 31

Zulip is an open-source team collaboration tool with topic-based threading that combines email and chat. Rated medium se

CVE-2023-28623 LOW
3.7 May 19

Zulip is an open-source team collaboration tool with unique topic-based threading. Rated low severity (CVSS 3.7), this v

Share

EUVD-2026-29537 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy