Linen
1 CVEs
product
Monthly
Linen before cd37c3e does not verify that the domain is linen.dev or www.linen.dev when resetting a password. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Authentication Bypass
Linen
NVD
GitHub
CVSS 3.1
9.8
EPSS
0.5%
EPSS 1%
CVSS 9.8
CRITICAL
PATCH
Act Now
Linen before cd37c3e does not verify that the domain is linen.dev or www.linen.dev when resetting a password. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Authentication Bypass
Linen
NVD
GitHub