Mauriceboe Trek
3 CVEs affecting Mauriceboe Trek. Latest disclosed: 2026-05-28. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-40185 | High | 7.1 | 2026-04-10 | TREK is a collaborative travel planner. Prior to 2.7.2, TREK was missing authorization checks on the Immich trip photo management routes. This vulnerability is… |
CVE-2026-45410 | Medium | 5.3 | 2026-05-28 | TREK is a collaborative travel planner. Prior to 3.0.18, early return on missing user during login flow allowed an attacker to enumerate valid user accounts vi… |
CVE-2026-40184 | Low | 3.7 | 2026-04-10 | TREK is a collaborative travel planner. Prior to 2.7.2, TREK served uploaded photos without requiring authentication. This vulnerability is fixed in 2.7.2. |