Security: umami-software/umami
Security
No security policy detected
This project has not set up a SECURITY.md file yet.
Report a vulnerability-
[HIGH] Cache token from tracking endpoint reusable as share token grants full analytics access without authenticationGHSA-3xx8-742v-m4mq published
Jun 30, 2026 by mikecaoHigh -
[CRITICIAL] Anyone with a share link can RESET all website dataGHSA-8www-cffh-4q98 published
Jul 27, 2023 by mikecaoCritical
Learn more about advisories related to umami-software/umami in the GitHub Advisory Database