Home/Product/getoutline outline
Product

getoutline outline

15 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-44695
< 1.7.1
Outline is a service that allows for collaborative documentation. Prior to 1.7.1, the Slack integration callback for GET /auth/sla
5.8MEDIUM
 CVE-2026-41649
>= 0.86.0 and < 1.7.0
Outline is a service that allows for collaborative documentation. The shares.create API endpoint starting in version 0.86.0 and
7.7HIGH
 CVE-2026-33640
>= 0.86.0 and < 1.6.0
Outline is a service that allows for collaborative documentation. Outline implements an Email OTP login flow for users not associa
9.8CRITICAL
 CVE-2026-28506
< 1.5.0
Outline is a service that allows for collaborative documentation. Prior to 1.5.0, the events.list API endpoint, used for retrievin
4.3MEDIUM
 CVE-2026-24901
< 1.4.0
Outline is a service that allows for collaborative documentation. Prior to 1.4.0, an Insecure Direct Object Reference (IDOR) vulne
8.1HIGH
 CVE-2026-25062
< 1.4.0
Outline is a service that allows for collaborative documentation. Prior to 1.4.0, during the JSON import process, the value of att
5.5MEDIUM
 CVE-2025-68663
< 1.1.0
Outline is a service that allows for collaborative documentation. Prior to 1.1.0, a vulnerability was found in Outline's WebSocket
5.3MEDIUM
 CVE-2025-64487
< 1.1.0
Outline is a service that allows for collaborative documentation. Prior to 1.1.0, a privilege escalation vulnerability exists in t
7.6HIGH
 CVE-2023-54331
all versions
Outline 1.6.0 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code wi
7.8HIGH
 CVE-2025-58351
>= 0.72.0 and < 0.84.0
Outline is a service that allows for collaborative documentation. In versions 0.72.0 through 0.83.0, Outline introduced a feature
6.8MEDIUM
 CVE-2024-40626
< 0.77.3
Outline is an open source, collaborative document editor. A type confusion issue was found in ProseMirror’s rendering process th
7.3HIGH
 CVE-2024-37829
<= 0.76.1
An issue in Outline <= v0.76.1 allows attackers to execute a session hijacking attack via user interaction with a crafted magic si
8.8HIGH
 CVE-2024-37830
<= 0.76.1
An issue in Outline <= v0.76.1 allows attackers to redirect a victim user to a malicious site via intercepting and changing the st
6.1MEDIUM
 CVE-2023-3532
< 0.70.1
Cross-site Scripting (XSS) - Stored in GitHub repository outline/outline prior to 0.70.1.
5.4MEDIUM
 CVE-2022-2342
< 0.64.4
Cross-site Scripting (XSS) - Stored in GitHub repository outline/outline prior to v0.64.4.
5.4MEDIUM
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Coverage report
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns TAXII feed Data sources
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh