Known Vulnerabilities for Django by Djangoproject
Listed below are 10 of the newest known vulnerabilities associated with "Django" by "Djangoproject".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-34406 json | APTRS (Automated Penetration Testing Reporting System) is a Python and Django-based automated reporting tool designed for pen... | Not Provided | 2026-03-31 | 2026-03-31 |
| CVE-2026-34231 json | Slippers is a UI component framework for Django. Prior to version 0.6.3, a Cross-Site Scripting (XSS) vulnerability exists in... | Not Provided | 2026-03-31 | 2026-03-31 |
| CVE-2026-34203 json | Nautobot is a Network Source of Truth and Network Automation Platform. Prior to versions 2.4.30 and 3.0.10, user creation and... | Not Provided | 2026-03-31 | 2026-03-31 |
| CVE-2026-33530 json | InvenTree is an Open Source Inventory Management System. Prior to version 1.2.6, certain API endpoints associated with bulk d... | Not Provided | 2026-03-26 | 2026-03-30 |
| CVE-2026-33153 json | Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6... | Not Provided | 2026-03-26 | 2026-03-26 |
| CVE-2026-33152 json | Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6... | Not Provided | 2026-03-26 | 2026-03-26 |
| CVE-2026-33149 json | Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Versions up to and inclu... | Not Provided | 2026-03-26 | 2026-03-30 |
| CVE-2026-33034 json | An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. ASGI requests with a missing or unders... | Not Provided | 2026-04-07 | 2026-04-07 |
| CVE-2026-33033 json | An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. `MultiPartParser` allows remote attack... | Not Provided | 2026-04-07 | 2026-04-07 |
| CVE-2026-4292 json | An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. Admin changelist forms using `ModelAdm... | Not Provided | 2026-04-07 | 2026-04-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Djangoproject | Django | 3.1.8 | |||
| Application | Djangoproject | Django | 3.1.7 | |||
| Application | Djangoproject | Django | 3.1.6 | |||
| Application | Djangoproject | Django | 3.1.5 | |||
| Application | Djangoproject | Django | 3.1.4 | |||
| Application | Djangoproject | Django | 3.1.3 | |||
| Application | Djangoproject | Django | 3.1.2 | |||
| Application | Djangoproject | Django | 3.1.1 | |||
| Application | Djangoproject | Django | 3.1 | |||
| Application | Djangoproject | Django | 3.0.9 | |||
| Application | Djangoproject | Django | 3.0.8 | |||
| Application | Djangoproject | Django | 3.0.7 | |||
| Application | Djangoproject | Django | 3.0.4 | |||
| Application | Djangoproject | Django | 3.0.3 | |||
| Application | Djangoproject | Django | 3.0.2 | |||
| Application | Djangoproject | Django | 3.0.12 | |||
| Application | Djangoproject | Django | 3.0.11 | |||
| Application | Djangoproject | Django | 3.0.10 | |||
| Application | Djangoproject | Django | 3.0.1 | |||
| Application | Djangoproject | Django | 3.0 |