Inducer Relate
4 CVEs affecting Inducer Relate. Latest disclosed: 2026-05-27. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-41588 | Critical | 9.0 | 2026-05-08 | RELATE is a web-based courseware package. Prior to commit 2f68e16, there is a timing attack vulnerability in course/auth.py — check_sign_in_key(). This issue h… |
CVE-2026-42197 | High | 8.7 | 2026-05-27 | RELATE is a web-based courseware package. Versions prior to commit 555f0efb1c5bd7531c07cd73724d7e566a81f620 have a stored cross-site scripting vulnerability th… |
CVE-2026-41505 | High | 8.7 | 2026-05-07 | RELATE is a web-based courseware package. Prior to commit 2f68e16, RELATE is vulnerable to predictable token generation in auth.py's make_sign_in_key() functio… |
CVE-2026-47161 | | 2026-05-27 | RELATE is a web-based courseware package. Prior to commit d66ba5659b459bf1ba56b7109b5f9ecf197cbefb, RELATE LMS configures its Celery workers to accept and dese… |