Go-shiori Shiori

2 CVEs affecting Go-shiori Shiori. Latest disclosed: 2026-07-13. Critical: 0, High: 1.

Top CVEs affecting Go-shiori Shiori
CVESeverityScorePublishedSummary
CVE-2026-61463High8.82026-07-13Shiori contains a privilege escalation vulnerability in the account update endpoint that allows authenticated users to modify the owner field without authoriza…
CVE-2025-60538Medium6.52026-01-09A lack of rate limiting in the login page of shiori v1.7.4 and below allows attackers to bypass authentication via a brute force attack.