This page lists publicly disclosed CVE vulnerabilities affecting linagora twake (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-70039 | An issue pertaining to CWE-78: Improper Neutralization of Special Elements used in an OS Command was discovered in linagora Twake v2023.Q1.1223. | [email protected] | 9.8 | 0.38% | 2026-03-09 | 2026-03-13 |
| CVE-2025-70038 | An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in linagora Twake v2023.Q1.1223. This allows attackers to execute arbitrary code. | [email protected] | 8.8 | 0.34% | 2026-03-09 | 2026-03-13 |
| CVE-2025-70037 | An issue pertaining to CWE-601: URL Redirection to Untrusted Site was discovered in linagora Twake v2023.Q1.1223. This allows attackers to obtain sensitive information and execute arbitrary code. | [email protected] | 6.1 | 0.21% | 2026-03-09 | 2026-03-13 |
| CVE-2023-2675 | Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake prior to 2023.Q1.1223. | [email protected] | 9.8 | 0.59% | 2023-11-07 | 2024-11-21 |
| CVE-2023-1665 | Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake prior to 0.0.0. | [email protected] | 9.8 | 0.62% | 2023-03-27 | 2024-11-21 |
| CVE-2023-0028 | Cross-site Scripting (XSS) - Stored in GitHub repository linagora/twake prior to 2023.Q1.1200+. | [email protected] | 5.7 | 40.92% | 2023-01-01 | 2024-11-21 |