decidim

15 known vulnerabilities across versions
Vulnerabilities are listed by affected version.
CVE-2026-40869
>= 0.19.0 and < 0.30.5
Decidim is a participatory democracy framework. Starting in version 0.19.0 and prior to versions 0.30.5 and 0.31.1, a vulnerabilit
7.5 HIGH
CVE-2026-23891
< 0.30.5
Decidim is a participatory democracy framework. In versions below 0.30.5 and 0.31.0.rc1 through 0.31.0, a stored code execution vu
8.7 HIGH
CVE-2025-65017
>= 0.30.0 and < 0.30.4
Decidim is a participatory democracy framework. In versions from 0.30.0 to before 0.30.4 and from 0.31.0.rc1 to before 0.31.0, the
6.5 MEDIUM
CVE-2024-45594
>= 0.28.0 and < 0.28.3
Decidim is a participatory democracy framework. The meeting embeds feature used in the online or hybrid meetings is subject to pot
7.7 HIGH
CVE-2024-39910
< 0.27.7
decidim is a Free Open-Source participatory democracy, citizen participation and open government for cities and organizations. The
5.4 MEDIUM
CVE-2024-32034
< 0.27.7
decidim is a Free Open-Source participatory democracy, citizen participation and open government for cities and organizations. The
6.8 MEDIUM
CVE-2024-27095
< 0.27.6
Decidim is a participatory democracy framework. The admin panel is subject to potential XSS attack in case the attacker manages to
5.4 MEDIUM
CVE-2023-47634
>= 0.10.0 and < 0.26.9
Decidim is a participatory democracy framework. Starting in version 0.10.0 and prior to versions 0.26.9, 0.27.5, and 0.28.0, a rac
3.1 LOW
CVE-2023-51447
>= 0.27.0 and < 0.27.5
Decidim is a participatory democracy framework. Starting in version 0.27.0 and prior to versions 0.27.5 and 0.28.0, the dynamic fi
6.3 MEDIUM
CVE-2023-48220
>= 0.0.2 and < 0.26.9
Decidim is a participatory democracy framework. Starting in version 0.4.rc3 and prior to version 2.0.9 of the devise_invitable g
5.7 MEDIUM
CVE-2023-47635
>= 0.23.0 and < 0.27.5
Decidim is a participatory democracy framework. Starting in version 0.23.0 and prior to versions 0.27.5 and 0.28.0, the CSRF authe
4.5 MEDIUM
CVE-2023-36465
< 0.26.8
Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government o
9.1 CRITICAL
CVE-2023-34090
< 0.27.3
Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government o
7.5 HIGH
CVE-2023-34089
< 0.26.7
Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government o
8.1 HIGH
CVE-2023-32693
< 0.26.7
Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government o
8.1 HIGH