Security Disclosure - November 2025

Resolved

This is fully resolved. Please see our related blog post for any more information, or contact support@mintlify.com

Mon, Jan 5, 2026, 07:00 PM

(2 months ago)

Affected components

No components marked as affected

Updates

Resolved

This is fully resolved. Please see our related blog post for any more information, or contact support@mintlify.com

Mon, Jan 5, 2026, 07:00 PM

Monitoring

Earlier this year, in November, Mintlify underwent a security event, conducted by a small group of security researchers who made responsible disclosure of several vulnerabilities. After making contact with these researchers, we discovered five total vulnerabilities:

CVE-2025-67842
CVE-2025-67843
CVE-2025-67844
CVE-2025-67845
CVE-2025-67846

These ranged from critical to medium, and each was patched within hours of discovery. After a comprehensive audit of all user & customer data, assets, and configurations, we did not find any evidence of exploitation of any of the listed vulnerabilities.

If you are a Mintlify customer, no action is required, and you will have already been contacted regarding this event if we believed you had been at any risk.

For more information, please see our associated blog post

Thu, Dec 18, 2025, 07:03 PM(2 weeks earlier)