Known Vulnerabilities for Leantime by Leantime
Listed below are 3 of the newest known vulnerabilities associated with "Leantime" by "Leantime".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-59713 json | Leantime contains an OIDC login CSRF vulnerability in the verifyState() method that unconditionally returns true without vali... | Not Provided | 2026-07-06 | 2026-07-07 |
| CVE-2026-59712 json | Leantime's Users::getUser method in the JSON-RPC API lacks proper authorization checks, allowing authenticated users to retri... | Not Provided | 2026-07-06 | 2026-07-07 |
| CVE-2023-45826 json | Leantime is an open source project management system. A 'userId' variable in `app/domain/files/repositories/class.files.php` ... | 6.5 - MEDIUM | 2023-10-19 | 2023-10-27 |
| CVE-2023-33961 json | Leantime is a lean open source project management system. Starting in version 2.3.21, an authenticated user with commenting p... | 5.4 - MEDIUM | 2023-05-30 | 2023-06-06 |
| CVE-2020-5292 json | Leantime before versions 2.0.15 and 2.1-beta3 has a SQL Injection vulnerability. The impact is high. Malicious users/attacker... | 8.8 - HIGH | 2020-03-31 | 2020-04-02 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Leantime | Leantime | 2.1 | |||
| Application | Leantime | Leantime | 2.1 | |||
| Application | Leantime | Leantime | 2.1 | |||
| Application | Leantime | Leantime | 2.1 | |||
| Application | Leantime | Leantime | 2.1 | |||
| Application | Leantime | Leantime | 2.1 | |||
| Application | Leantime | Leantime | 2.0.9 | |||
| Application | Leantime | Leantime | 2.0.8 | |||
| Application | Leantime | Leantime | 2.0.7 | |||
| Application | Leantime | Leantime | 2.0.6 | |||
| Application | Leantime | Leantime | 2.0.5 | |||
| Application | Leantime | Leantime | 2.0.4 | |||
| Application | Leantime | Leantime | 2.0.3 | |||
| Application | Leantime | Leantime | 2.0.2 | |||
| Application | Leantime | Leantime | 2.0.15 | |||
| Application | Leantime | Leantime | 2.0.14 | |||
| Application | Leantime | Leantime | 2.0.13 | |||
| Application | Leantime | Leantime | 2.0.12 | |||
| Application | Leantime | Leantime | 2.0.11 | |||
| Application | Leantime | Leantime | 2.0.10 |