Heartcombo Devise
2 CVEs affecting Heartcombo Devise. Latest disclosed: 2026-05-22. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-40295 | Medium | 6.1 | 2026-05-22 | Devise is an authentication solution for Rails based on Warden. In versions 5.0.3 and below, when the Timeoutable module is enabled in Devise, the FailureApp#r… |
CVE-2026-32700 | | 2026-03-18 | Devise is an authentication solution for Rails based on Warden. Prior to version 5.0.3, a race condition in Devise's Confirmable module allows an attacker to c… |