Gristlabs Grist-core

6 CVEs affecting Gristlabs Grist-core. Latest disclosed: 2026-01-22. Critical: 1, High: 3.

Top CVEs affecting Gristlabs Grist-core
CVESeverityScorePublishedSummary
CVE-2026-24002Critical9.02026-01-22Grist is spreadsheet software using Python as its formula language. Grist offers several methods for running those formulas in a sandbox, for cases where the u…
CVE-2024-56359High8.12024-12-20grist-core is a spreadsheet hosting server. A user visiting a malicious document and clicking on a link in a HyperLink cell using a control modifier (meaning f…
CVE-2024-56358High8.12024-12-20grist-core is a spreadsheet hosting server. A user visiting a malicious document and previewing an attachment could have their account compromised, because Jav…
CVE-2024-56357High8.12024-12-20grist-core is a spreadsheet hosting server. A user visiting a malicious document or submitting a malicious form could have their account compromised, because i…
CVE-2025-64752Medium6.82025-11-13grist-core is a spreadsheet hosting server. Prior to version 1.7.7, a user with access to any document on a Grist installation can use a feature for fetching f…
CVE-2025-64753Medium5.32025-11-13grist-core is a spreadsheet hosting server. Prior to version 1.7.7, a user with only partial read access to a document could still access endpoints listing has…