Known Vulnerabilities for ActivityPub by Unknown
Listed below are 5 of the newest known vulnerabilities associated with "ActivityPub" by "Unknown".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-34148 json | Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Prior to 1.9.6, 1.10.5, 2.0.8, and ... | Not Provided | 2026-04-06 | 2026-04-07 |
| CVE-2026-33869 json | Mastodon is a free, open-source social network server based on ActivityPub. In versions on the 4.5.x branch prior to 4.5.8 an... | Not Provided | 2026-03-27 | 2026-03-27 |
| CVE-2026-33868 json | Mastodon is a free, open-source social network server based on ActivityPub. Prior to versions 4.5.8, 4.4.15, and 4.3.21, an u... | Not Provided | 2026-03-27 | 2026-03-31 |
| CVE-2026-33693 json | Lemmy is a link aggregator and forum for the fediverse. Prior to version 0.7.0-beta.9, the `v4_is_invalid()` function in `act... | Not Provided | 2026-03-27 | 2026-03-30 |
| CVE-2026-4338 json | The ActivityPub WordPress plugin before 8.0.2 does not properly filter posts to be displayed, allowed unauthenticated users t... | Not Provided | 2026-04-08 | 2026-04-08 |