Zulip Zulip_server
4 CVEs affecting Zulip Zulip_server. Latest disclosed: 2026-05-12. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-0910 | High | 8.8 | 2017-11-27 | In Zulip Server before 1.7.1, on a server with multiple realms, a vulnerability in the invitation system lets an authorized user of one realm on the server cre… |
CVE-2026-40300 | Medium | 6.5 | 2026-05-12 | Zulip is an open-source team collaboration tool. Prior to 12.0, With message_edit_history_visibility_policy set to "moves", /api/v1/messages/{id}/history still… |
CVE-2017-0896 | Medium | 6.5 | 2017-06-02 | Zulip Server 1.5.1 and below suffer from an error in the implementation of the invite_by_admins_only setting in the Zulip group chat application server that al… |
CVE-2017-0881 | Medium | 4.3 | 2017-03-28 | An error in the implementation of an autosubscribe feature in the check_stream_exists route of the Zulip group chat application server before 1.4.3 allowed an… |