2
0
1
0
Vulnerability Timeline
2 vulnerabilities discovered over time for Django
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2026-25674 | 3.7 | This vulnerability allows an attacker to create files with incorrect permissions in Django applications, potentially exposing sensitive data or allowing unauthorized access. It occurs when multiple requests are processed at the same time, and a temporary change in file permissions by one request affects others, but it only affects specific versions of Django before certain updates. | djangoprojectdjango | Theoretical | about 1 month agoMar 3, 2026 |
| CVE-2026-25673 | 7.5 | This vulnerability allows an attacker to crash a Django application by sending it overly long URLs that contain specific Unicode characters, leading to a denial of service. It affects certain versions of Django before specific updates, and the problem arises from how the framework processes these URLs on Windows systems. | djangoprojectdjango | Exploit Available | about 1 month agoMar 3, 2026 |
About Djangoproject Django Security
This page provides comprehensive security vulnerability tracking for Djangoproject Django. Our database includes all CVEs affecting this product, updated in real-time from official sources.
Each vulnerability listing includes detailed CVSS severity analysis, exploit availability status, AI-generated explanations, and direct links to official security patches and vendor advisories.
Security Recommendations
- • Always keep Django updated to the latest version
- • Subscribe to security advisories from Djangoproject
- • Monitor this page for new vulnerabilities affecting your version
- • Prioritize patching critical and high severity issues immediately