Papra-hq Papra
3 CVEs affecting Papra-hq Papra. Latest disclosed: 2026-04-07. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-35461 | Medium | 5.0 | 2026-04-07 | Papra is a minimalistic document management and archiving platform. Prior to 26.4.0, the Papra webhook system allows authenticated users to register arbitrary… |
CVE-2026-35462 | Medium | 4.3 | 2026-04-07 | Papra is a minimalistic document management and archiving platform. Prior to 26.4.0, API keys with an expiresAt date are never validated against the current ti… |
CVE-2026-35460 | Medium | 4.3 | 2026-04-07 | Papra is a minimalistic document management and archiving platform. Prior to 26.4.0, transactional email templates in Papra interpolate user.name directly into… |