CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Atlassian•added 2026/05/11 11:31 p.m.•17 views

Directory Traversal vulnerability at plexus-utils dependency in Bamboo Data Center

This High severity File Inclusion vulnerability was introduced in versions 10.0.1, 10.1.0, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This File Inclusion vulnerability, with a CVSS Score of 8.8 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H allows an...

8.8CVSS6.2AI score0.00427EPSS

Atlassian•added 2026/05/11 11:30 p.m.•18 views

DoS (Denial of Service) at org.apache.activemq dependency in Bamboo Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 9.6.0, 10.0.0, 10.1.0, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H...

7.5CVSS5.8AI score0.00056EPSS

Atlassian•added 2026/05/11 11:30 p.m.•15 views

Security Misconfiguration vulnerability at Tomcat dependency in Bamboo Data Center

This High severity Security Misconfiguration vulnerability was introduced in version 9.6.0, 10.0.0, 10.1.0, 10.2.0, 11.0.0, 11.1.0, 12.0.0 and 12.1.0 of Bamboo Data Center. This Security Misconfiguration vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS5.8AI score0.00033EPSS

Atlassian•added 2026/05/11 11:29 p.m.•17 views

Covert timing channel at org.bouncycastle:bcprov-jdk18on dependency in Bamboo Data Center

This High severity Information Disclosure vulnerability was introduced in versions 10.0.0, 10.1.1, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This Information Disclosure vulnerability, with a CVSS Score of 8.9 and a CVSS Vector of code...

9.9CVSS5.8AI score0.00022EPSS

Tenable Nessus•added 2026/05/01 12:0 a.m.•11 views

Atlassian Bamboo 9.6.x < 9.6.25 / 10.x < 10.2.18 / 11.x < 12.1.6 Multiple Vulnerabilities

The version of Atlassian Bamboo installed on the remote host is 9.6.x prior to 9.6.25, 10.x prior to 10.2.18, or 11.x prior to 12.1.6. It is, therefore, affected by multiple vulnerabilities: - An OS command injection vulnerability allows an authenticated attacker to execute commands on the remote...

9.4CVSS7.2AI score0.01093EPSS

Exploits2References8

RedhatCVE•added 2026/04/23 7:22 a.m.•2 views

CVE-2026-21571

This Critical severity OS Command Injection vulnerability was introduced in versions 9.6.0, 10.0.0, 10.1.0, 10.2.0, 11.0.0, 11.1.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This RCE Remote Code Execution vulnerability, with a CVSS Score of 9.4 and a CVSS Vector of...

EUVD•added 2026/04/21 6:31 p.m.•0 views

Exploits0References1

EUVD-2026-24143

NVD•added 2026/04/21 5:16 p.m.•1 views

Exploits0References3

CVE-2026-21571

9.4CVSS0.01093EPSS

CVE•added 2026/04/21 5:0 p.m.•6 views

CVE-2026-21571

Bamboo Data Center is affected by CVE-2026-21571, a critical OS Command Injection that allows an authenticated attacker to execute remote commands. The vulnerability was introduced in versions 9.6.0, 10.0.0, 10.1.0, 10.2.0, 11.0.0, 11.1.0, 12.0.0 and 12.1.0. It has a CVSS v4 base score of 9.4, wi...

ATTACKERKB•added 2026/04/21 5:0 p.m.•0 views

CVE-2026-21571

Exploits0References3Affected Software1

Vulnrichment•added 2026/04/21 5:0 p.m.•0 views

CVE-2026-21571

Cvelist•added 2026/04/21 5:0 p.m.•25 views

CVE-2026-21571

9.4CVSS0.01093EPSS

CNNVD•added 2026/04/21 12:0 a.m.•3 views

Atlassian Bamboo Data Center 安全漏洞

Atlassian Bamboo Data Center is a continuous integration and delivery server software developed by the Australian company Atlassian. There is a security vulnerability in Atlassian Bamboo Data Center, which stems from OS command injection. This vulnerability may allow authenticated attackers to...

Positive Technologies•added 2026/04/21 12:0 a.m.•3 views

PT-2026-34015

Name of the Vulnerable Software and Affected Versions Bamboo Data Center versions 9.6.0 through 9.6.24 Bamboo Data Center versions 10.0.0 through 10.2.17 Bamboo Data Center versions 11.0.0 through 12.1.5 Description An OS Command Injection issue allows an authenticated attacker to achieve Remote...

9.4CVSS6.2AI score0.01093EPSS

Exploits0References9

Atlassian•added 2026/04/14 10:30 p.m.•16 views

DoS (Denial of Service) axios Dependency in Bamboo Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 10.0.0, 10.1.0, 10.2.0, 11.0.0, 12.0.0-rc3, and 12.1.0 of Bamboo Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allo...

7.5CVSS5.7AI score0.00044EPSS

Exploits1

Atlassian•added 2026/04/14 10:30 p.m.•15 views

XSS (Cross Site Scripting) dompurify Dependency in Bamboo Data Center

This High severity XSS Cross Site Scripting vulnerability was introduced in versions 10.0.1, 10.2.15, 12.0.0 and 12.1.2 of Bamboo Data Center. This XSS Cross Site Scripting vulnerability, with a CVSS Score of 7.3 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L allows an...

7.3CVSS5.5AI score0.00096EPSS

Atlassian•added 2026/04/14 10:29 p.m.•16 views

MITM (Man-in-the-Middle) org.apache.tomcat:tomcat-coyote Dependency in Bamboo Data Center

This High severity MITM Man-in-the-Middle vulnerability was introduced in versions 10.0.0, 10.1.0, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This MITM Man-in-the-Middle vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N allows...

7.5CVSS5.8AI score0.00091EPSS

Atlassian•added 2026/04/14 10:29 p.m.•17 views

DoS (Denial of Service) io.netty:netty-codec-http2 Dependency in Bamboo Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 10.0.0, 10.1.0, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 8.7 and a CVSS Vector of...

8.7CVSS5.8AI score0.00038EPSS