Skip to main content

Relate

7 CVEs product

Monthly

CVE-2026-47161 HIGH This Week

Remote code execution in RELATE LMS (the inducer/relate web courseware platform) stems from its Celery task queue being configured to accept and unpickle untrusted messages (CELERY_ACCEPT_CONTENT included "pickle"). Because the code-execution sandbox lacks network isolation, an authenticated student can reach the message broker and deliver a malicious pickle payload that the worker deserializes, yielding arbitrary command execution on the host. No public exploit identified at time of analysis; the issue is corrected in commit d66ba5659b459bf1ba56b7109b5f9ecf197cbefb.

RCE Deserialization Relate
NVD GitHub
CVSS 4.0
8.7
EPSS
0.5%
CVE-2026-41588 CRITICAL PATCH Act Now

Timing attack vulnerability in RELATE's authentication module allows remote unauthenticated attackers to infer valid sign-in keys through response time analysis. The CWE-208 timing side-channel in course/auth.py's check_sign_in_key() function enables attackers to distinguish between valid and invalid authentication tokens by measuring server response latencies. While attack complexity is high (AC:H) due to the precise timing measurements required, successful exploitation grants full authentication bypass with cross-scope impact. Patched in commit 2f68e16. No public exploit identified at time of analysis. EPSS data not provided, CVSS 9.0 (Critical) reflects potential for complete system compromise via side-channel cryptanalysis.

Information Disclosure Relate
NVD GitHub
CVSS 3.1
9.0
EPSS
0.0%
CVE-2026-41505 HIGH PATCH This Week

Predictable token generation in RELATE courseware allows remote attackers to forge authentication and exam access tokens. The vulnerability affects two critical security functions: make_sign_in_key() in auth.py (user authentication) and gen_ticket_code() in exam.py (exam access control). Weak pseudorandom number generation (CWE-338) enables attackers with high complexity to bypass authentication mechanisms and gain unauthorized access to exams with potential for integrity and availability compromise across security boundaries (CVSS scope change). Patched in commit 2f68e16. EPSS data not available; no public exploit identified at time of analysis.

Information Disclosure Relate
NVD GitHub
CVSS 3.1
8.7
EPSS
0.0%
CVE-2024-32406 HIGH POC This Week

Server-Side Template Injection (SSTI) vulnerability in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Batch-Issue Exam Tickets function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

RCE Ssti Relate
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2024-32404 MEDIUM This Month

Server-Side Template Injection (SSTI) vulnerability in inducer relate before v.2024.1, allows remote attackers to execute arbitrary code via a crafted payload to the Markup Sandbox feature. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection RCE Relate
NVD
CVSS 3.1
6.0
EPSS
0.8%
CVE-2024-32405 LOW POC Monitor

Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via a crafted payload to the Answer field of InlineMultiQuestion parameter on Exam. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Relate
NVD
CVSS 3.1
2.6
EPSS
0.5%
CVE-2024-32407 HIGH POC This Week

An issue in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Page Sandbox feature. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SSRF RCE Relate
NVD
CVSS 3.1
8.8
EPSS
1.1%
EPSS 1% CVSS 8.7
HIGH This Week

Remote code execution in RELATE LMS (the inducer/relate web courseware platform) stems from its Celery task queue being configured to accept and unpickle untrusted messages (CELERY_ACCEPT_CONTENT included "pickle"). Because the code-execution sandbox lacks network isolation, an authenticated student can reach the message broker and deliver a malicious pickle payload that the worker deserializes, yielding arbitrary command execution on the host. No public exploit identified at time of analysis; the issue is corrected in commit d66ba5659b459bf1ba56b7109b5f9ecf197cbefb.

RCE Deserialization Relate
NVD GitHub
EPSS 0% CVSS 9.0
CRITICAL PATCH Act Now

Timing attack vulnerability in RELATE's authentication module allows remote unauthenticated attackers to infer valid sign-in keys through response time analysis. The CWE-208 timing side-channel in course/auth.py's check_sign_in_key() function enables attackers to distinguish between valid and invalid authentication tokens by measuring server response latencies. While attack complexity is high (AC:H) due to the precise timing measurements required, successful exploitation grants full authentication bypass with cross-scope impact. Patched in commit 2f68e16. No public exploit identified at time of analysis. EPSS data not provided, CVSS 9.0 (Critical) reflects potential for complete system compromise via side-channel cryptanalysis.

Information Disclosure Relate
NVD GitHub
EPSS 0% CVSS 8.7
HIGH PATCH This Week

Predictable token generation in RELATE courseware allows remote attackers to forge authentication and exam access tokens. The vulnerability affects two critical security functions: make_sign_in_key() in auth.py (user authentication) and gen_ticket_code() in exam.py (exam access control). Weak pseudorandom number generation (CWE-338) enables attackers with high complexity to bypass authentication mechanisms and gain unauthorized access to exams with potential for integrity and availability compromise across security boundaries (CVSS scope change). Patched in commit 2f68e16. EPSS data not available; no public exploit identified at time of analysis.

Information Disclosure Relate
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC This Week

Server-Side Template Injection (SSTI) vulnerability in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Batch-Issue Exam Tickets function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

RCE Ssti Relate
NVD
EPSS 1% CVSS 6.0
MEDIUM This Month

Server-Side Template Injection (SSTI) vulnerability in inducer relate before v.2024.1, allows remote attackers to execute arbitrary code via a crafted payload to the Markup Sandbox feature. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection RCE Relate
NVD
EPSS 1% CVSS 2.6
LOW POC Monitor

Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via a crafted payload to the Answer field of InlineMultiQuestion parameter on Exam. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Relate
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

An issue in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Page Sandbox feature. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SSRF RCE Relate
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy