- [20181005] – Core – CSRF hardening in com_installer
- [20181004] – Core – ACL Violation in com_users for the admin verification
- [20181003] – Core – Access level Violation in com_tags
- [20181002] – Core – Inadequate default access level for com_joomlaupdate
- [20181001] – Core – Hardening com_contact contact form
- [20180803] – Core – ACL Violation in custom fields
- [20180802] – Core – Stored XSS vulnerability in the frontend profile
- [20180801] – Core – Hardening the InputFilter for PHAR stubs
- [20180602] – Core – XSS vulnerability in language switcher module
- [20180601] – Core – Local File Inclusion with PHP 5.3
