CVE-2026-27460

< 2.6.5

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.5, a critical De

6.5MEDIUM

CVE-2026-35489

< 2.6.4

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.4, the POST /api

7.3HIGH

CVE-2026-35488

< 2.6.4

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.4, RecipeBookVie

8.1HIGH

CVE-2026-35046

< 2.6.4

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.4, Tandoor Recip

5.4MEDIUM

CVE-2026-35045

< 2.6.4

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.4, the PUT /api/

8.1HIGH

CVE-2026-33153

< 2.6.0

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, t

6.5MEDIUM

CVE-2026-33152

< 2.6.0

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, T

9.1CRITICAL

CVE-2026-33149

<= 2.5.3

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Versions up to and including

8.1HIGH

CVE-2026-33148

< 2.6.0

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, t

6.5MEDIUM

CVE-2026-29055

< 2.6.0

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, t

5.3MEDIUM

CVE-2026-28503

< 2.6.0

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, t

6.5MEDIUM

CVE-2026-25991

< 2.5.1

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.5.1, there is a Bl

7.7HIGH

CVE-2026-25964

< 2.5.1

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.5.1, a Path Traver

4.9MEDIUM

CVE-2025-57396

all versions

Tandoor Recipes 2.0.0-alpha-1, fixed in 2.0.0-alpha-2, is vulnerable to privilege escalation. This is due to the rework of the API

6.5MEDIUM

CVE-2025-23213

< 1.5.28

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. The file upload feature allow

8.7HIGH

CVE-2025-23212

< 1.5.28

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. The external storage feature

7.7HIGH

CVE-2025-23211

< 1.5.24

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. A Jinja2 SSTI vulnerability a

9.9CRITICAL

CVE-2024-0403

all versions

Recipes version 1.5.10 allows arbitrary HTTP requests to be made through the server. This is possible because the application is

6.5MEDIUM

CVE-2022-23074

>= 0.17.0 and <= 1.2.5

In Recipes, versions 0.17.0 through 1.2.5 are vulnerable to Stored Cross-Site Scripting (XSS), in the ‘Name’ field of Keyword,

CVE-2022-23073

>= 1.0.5 and <= 1.2.5

In Recipes, versions 1.0.5 through 1.2.5 are vulnerable to Stored Cross-Site Scripting (XSS), in copy to clipboard functionality.

CVE-2022-23072

>= 1.0.5 and <= 1.2.5

In Recipes, versions 1.0.5 through 1.2.5 are vulnerable to Stored Cross-Site Scripting (XSS), in “Add to Cart” functionality.

CVE-2022-23071

>= 0.9.1 and <= 1.2.5

In Recipes, versions 0.9.1 through 1.2.5 are vulnerable to Server Side Request Forgery (SSRF), in the “Import Recipe” function

6.5MEDIUM