Is CVE-2023-49079 actively exploited?

CVE-2023-49079 has no public evidence of in-the-wild exploitation as of 2024-11-21.

What is the CVSS score for CVE-2023-49079?

CVE-2023-49079 has a CVSS score of 9.3 (CRITICAL severity). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N.

How do I patch CVE-2023-49079?

Patch guidance is available from misskey security advisories. CVEDatabase generates AI-assisted remediation guidance on demand for CVE-2023-49079.

Fix CVE-2023-49079 - CRITICAL misskey misskey

Description

Misskey is an open source, decentralized social media platform. Misskey's missing signature validation allows arbitrary users to impersonate any remote user. This issue has been patched in version 2023.11.1-beta.1.

CVSS Metrics

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N
Attack Vector: network
Complexity: low
Privileges: none
User Action: none
Scope: changed
Confidentiality: low
Integrity: high
Availability: none
Weaknesses: CWE-347

Metadata

Primary Vendor: MISSKEY
Published: 11/29/2023
Last Modified: 11/21/2024
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

misskey : misskey

Remediation Guidance

Executive Summary

Cite this page

CVE-2023-49079. CVEDatabase.com. Retrieved 1 May 2026. https://cvedatabase.com/cve/CVE-2023-49079

View on NIST NVD

CVE-2023-49079 vulnerability