lemmy_api_common

crates.io2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting lemmy_api_commonpage 1 of 1

CVE-2026-42180MEDIUMCVSS 6.3EG 6.3✓ Fixed in 0.19.18
2026-05-08
Lemmy is a link aggregator and forum for the fediverse. Prior to version 0.19.18, Lemmy allows an authenticated low-privileged user to create a link post through POST /api/v3/post. When a post is created in a public community, the backend …
CVE-2026-42181MEDIUMCVSS 6.5EG 6.5✓ Fixed in 0.19.18
2026-05-08
Lemmy is a link aggregator and forum for the fediverse. Prior to version 0.19.18, Lemmy fetches metadata for user-supplied post URLs and, under the default StoreLinkPreviews image mode, downloads the preview image through local pict-rs. Wh…

Check whether lemmy_api_common is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for lemmy_api_common CVEs against the assets you own.

Start Free Scan →