pkg:Go/miniflux.app/v2
8 total CVEsHIGH1MEDIUM5
✅ Check your installed version
All known vulnerabilities
HIGH7.5CVE-2023-27591Unauthenticated Miniflux user can bypass allowed networks check to obtain Prometheus metrics from 0, < 2.0.43
MEDIUM6.5CVE-2026-21885Miniflux Media Proxy SSRF via /proxy endpoint allows access to internal network resources in miniflux.app from 0, < 2.2.16
MEDIUM6.5CVE-2026-21885Miniflux Media Proxy SSRF via /proxy endpoint allows access to internal network resources in miniflux.app from 0, < 2.2.16
MEDIUM6.1Miniflux has an Open Redirect via protocol-relative redirect_url in miniflux.app
from 0, < 2.2.15
MEDIUM6.1Miniflux has an Open Redirect via protocol-relative redirect_url in miniflux.app
from 0, < 2.2.15
MEDIUM4.8Stored XSS in Miniflux when opening a broken image due to unescaped ServerError in proxy handler
>= 2.0.25, < 2.0.43
—Miniflux Media Proxy vulnerable to Stored Cross-site Scripting due to improper Content-Security-Policy configuration in miniflux.app
from 0, < 2.2.7
—Miniflux Media Proxy vulnerable to Stored Cross-site Scripting due to improper Content-Security-Policy configuration in miniflux.app
from 0, < 2.2.7