CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Atlassian•added 2026/02/24 9:29 p.m.•14 views

DoS (Denial of Service) axios Dependency in Crowd Data Center

This High severity RCE Remote Code Execution vulnerability was introduced in versions 5.3.1, 6.0.0, 6.1.3, 6.2.2, 6.3.0, 7.0.0, and 7.1.0 of Crowd Data Center. This RCE Remote Code Execution vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H...

7.5CVSS6.2AI score0.00044EPSS

Atlassian•added 2026/02/24 9:28 p.m.•13 views

DOM-based XSS @remix-run/router Dependency in Crowd Data Center

This High severity DOM-based XSS vulnerability was introduced in version 7.1.0 of Crowd Data Center. This DOM-based XSS vulnerability, with a CVSS Score of 8 and a CVSS Vector of CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N allows an unauthenticated attacker to execute arbitrary HTML or JavaScrip...

8CVSS6.1AI score0.00019EPSS

Atlassian•added 2026/02/11 4:29 p.m.•15 views

DoS (Denial of Service) in Crowd Data Center and Server

This High severity DoS Denial of Service vulnerability known as CVE-2020-28469 was introduced in versions 6.0.0, 6.1.5, 6.2.4, 6.3.0, 7.0.0, and 7.1.0 of Crowd Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS5.5AI score0.00964EPSS

Atlassian•added 2026/02/11 4:29 p.m.•15 views

DoS (Denial of Service) in Crowd Data Center and Server

This High severity DoS Denial of Service vulnerability known as CVE-2022-25927 was introduced in versions 5.3.1, 6.0.0, 6.1.0, 6.2.0, 6.3.0, 7.0.0, and 7.1.0 of Crowd Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS5.5AI score0.01453EPSS

Exploits2

Atlassian•added 2026/01/30 7:27 p.m.•16 views

RCE (Remote Code Execution) commons-beanutils Dependency in Crowd Data Center and Server

This High severity RCE Remote Code Execution vulnerability was introduced in version 7.1.0 of Crowd Data Center and Server. This RCE Remote Code Execution vulnerability, with a CVSS Score of 8.8 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H allows an authenticated attacker to...

8.8CVSS6.3AI score0.00258EPSS

RedhatCVE•added 2026/01/29 3:26 a.m.•4 views

CVE-2026-21569

This High severity XXE XML External Entity Injection vulnerability was introduced in version 7.1.0 of Crowd Data Center and Server. This XXE XML External Entity Injection vulnerability, with a CVSS Score of 7.9, allows an authenticated attacker to access local and remote content which has high...

OSV•added 2026/01/28 1:16 a.m.•1 views

Exploits0References1

CVE-2026-21569

NVD•added 2026/01/28 1:16 a.m.•4 views

CVE-2026-21569

7.9CVSS0.00025EPSS

Cvelist•added 2026/01/28 12:30 a.m.•28 views

CVE-2026-21569

7.9CVSS0.00025EPSS

CVE•added 2026/01/28 12:30 a.m.•9 views

CVE-2026-21569

This CVE affects Crowd Data Center and Server (Atlassian) starting from version 7.1.0, with a high-severity XXE (XML External Entity Injection) vulnerability. The issue allows an authenticated attacker to access local and remote content, with high impact to confidentiality and availability, and l...

Exploits0References2Affected Software1

EUVD•added 2026/01/28 12:30 a.m.•4 views

EUVD-2026-4913

ATTACKERKB•added 2026/01/28 12:30 a.m.•2 views

CVE-2026-21569

Exploits0References3Affected Software1

Vulnrichment•added 2026/01/28 12:30 a.m.•3 views

CVE-2026-21569

CNNVD•added 2026/01/28 12:0 a.m.•2 views

Atlassian Crowd Data Center security vulnerabilities

Atlassian Crowd Data Center is the cluster deployment version of Atlassian's Crowd platform by Australia-based company Atlassian. Versions of Atlassian Crowd Data Center 7.1.0 and later contain security vulnerabilities. These vulnerabilities stem from XML external entity injections, which may lea...

7.9CVSS5.8AI score0.00025EPSS

Atlassian•added 2026/01/16 6:27 p.m.•17 views

DoS (Denial of Service) org.apache.struts:struts2-core Dependency in Crowd Data Center and Server

This High severity DoS Denial of Service vulnerability known as CVE-2025-66675 was introduced in versions 7.0.2 and 7.1.0 of Crowd Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 8.2 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H allows an...

8.2CVSS5.4AI score0.00201EPSS

Atlassian•added 2026/01/16 6:27 p.m.•17 views

XXE (XML External Entity Injection) org.apache.tika:tika-parsers Dependency in Crowd Data Center and Server

This is a vulnerability in a non-Atlassian Crowd dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This High severity XXE XML External Entity Injection vulnerability was introduced in version 7.1.0 of Crowd Data Center and Server. This XXE XML...

9.8CVSS5.7AI score0.0002EPSS

Exploits4

Atlassian•added 2025/12/19 7:27 p.m.•18 views

DoS (Denial of Service) org.apache.commons:commons-fileupload2-core Dependency in Crowd Data Center and Server

This High severity DoS Denial of Service vulnerability was introduced in version 7.1.0 of Crowd Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticated attacker to access...

7.5CVSS7.4AI score0.01278EPSS

Atlassian•added 2025/12/19 7:27 p.m.•17 views

DoS (Denial of Service) org.apache.struts:struts2-core Dependency in Crowd Data Center and Server

This High severity DoS Denial of Service vulnerability was introduced in version 7.1.2 of Crowd Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticated attacker to access...

7.5CVSS5.4AI score0.00171EPSS

Atlassian•added 2025/12/19 3:18 p.m.•18 views

XXE (XML External Entity Injection) in Crowd Data Center and Server

7.9CVSS5.5AI score0.00025EPSS