375 matches found
GHSA-WG35-8JPF-2XV3 vulnerabilities
Vulnerabilities for packages: thingsboard, apache-nifi-registry...
GHSA-JFG9-48MV-9QGX vulnerabilities
Vulnerabilities for packages: trino, management-api-for-apache-cassandra-5.0, apache-activemq-artemis, druid, celeborn, tez, thingsboard...
GHSA-WWPQ-F5C3-7HVX vulnerabilities
Vulnerabilities for packages: keycloak-config-cli, thingsboard, zipkin, apache-nifi-registry...
CVE-2026-40973 vulnerabilities
Vulnerabilities for packages: keycloak-config-cli, thingsboard, zipkin, apache-nifi-registry...
CVE-2026-42581 vulnerabilities
Vulnerabilities for packages: spark, apache-pulsar, apicurio-registry, keycloak, strimzi-kafka-operator, zipkin, logstash, neo4j, wavefront-proxy, docker-selenium, apache-activemq-artemis, druid, thingsboard, apache-nifi-registry, akhq, trino, apache-nifi, management-api-for-apache-cassandra-5.0,...
CVE-2026-42580 vulnerabilities
Vulnerabilities for packages: spark, apache-pulsar, apicurio-registry, keycloak, strimzi-kafka-operator, zipkin, logstash, neo4j, wavefront-proxy, docker-selenium, apache-activemq-artemis, druid, thingsboard, apache-nifi-registry, akhq, trino, apache-nifi, management-api-for-apache-cassandra-5.0,...
CVE-2026-42585 vulnerabilities
Vulnerabilities for packages: spark, apache-pulsar, apicurio-registry, keycloak, strimzi-kafka-operator, zipkin, logstash, neo4j, wavefront-proxy, docker-selenium, apache-activemq-artemis, druid, thingsboard, apache-nifi-registry, akhq, trino, apache-nifi, management-api-for-apache-cassandra-5.0,...
CVE-2026-42584 vulnerabilities
Vulnerabilities for packages: spark, apache-pulsar, apicurio-registry, keycloak, strimzi-kafka-operator, zipkin, logstash, neo4j, wavefront-proxy, docker-selenium, apache-activemq-artemis, druid, thingsboard, apache-nifi-registry, akhq, trino, apache-nifi, management-api-for-apache-cassandra-5.0,...
GHSA-38F8-5428-X5CV vulnerabilities
Vulnerabilities for packages: spark, apache-pulsar, apicurio-registry, keycloak, strimzi-kafka-operator, zipkin, logstash, neo4j, wavefront-proxy, docker-selenium, apache-activemq-artemis, druid, thingsboard, apache-nifi-registry, akhq, trino, apache-nifi, management-api-for-apache-cassandra-5.0,...
GHSA-57RV-R2G8-2CJ3 vulnerabilities
Vulnerabilities for packages: spark, apache-pulsar, apicurio-registry, keycloak, strimzi-kafka-operator, zipkin, logstash, neo4j, wavefront-proxy, docker-selenium, apache-activemq-artemis, druid, thingsboard, apache-nifi-registry, akhq, trino, apache-nifi, management-api-for-apache-cassandra-5.0,...
GHSA-XXQH-MFJM-7MV9 vulnerabilities
Vulnerabilities for packages: spark, apache-pulsar, apicurio-registry, keycloak, strimzi-kafka-operator, zipkin, logstash, neo4j, wavefront-proxy, docker-selenium, apache-activemq-artemis, druid, thingsboard, apache-nifi-registry, akhq, trino, apache-nifi, management-api-for-apache-cassandra-5.0,...
GHSA-M4CV-J2PX-7723 vulnerabilities
Vulnerabilities for packages: spark, apache-pulsar, apicurio-registry, keycloak, strimzi-kafka-operator, zipkin, logstash, neo4j, wavefront-proxy, docker-selenium, apache-activemq-artemis, druid, thingsboard, apache-nifi-registry, akhq, trino, apache-nifi, management-api-for-apache-cassandra-5.0,...
📄 ThingsBoard IoT Platform 4.2.0 Server-Side Request Forgery
ThingsBoard IoT Platform version 4.2.0 suffers from a server-side request forgery vulnerability. Exploit Title: ThingsBoard IoT Platform 4.2.0 - Server-Side Request Forgery SSRF Date: 2026-03-25 Exploit Author: Tamil Mathi T. Vendor Homepage: https://thingsboard.io Software Link:...
ThingsBoard IoT Platform 4.2.0 - Server-Side Request Forgery (SSRF)
Exploit Title: ThingsBoard IoT Platform 4.2.0 - Server-Side Request Forgery SSRF Date: 2026-03-25 Exploit Author: Tamil Mathi T. Vendor Homepage: https://thingsboard.io Software Link: https://github.com/thingsboard/thingsboard Version: . When ThingsBoard processes the uploaded SVG server-side, it...
CLEANSTART-2026-IS05941 CLIENT_CERT authentication does not fail as expected for some scenarios when soft fail is disabled vulnerability in Apache Tomcat, Apache Tomcat Native
Multiple security vulnerabilities affect the thingsboard package. CLIENTCERT authentication does not fail as expected for some scenarios when soft fail is disabled vulnerability in Apache Tomcat, Apache Tomcat Native. See references for individual vulnerability details...
GHSA-H468-7PVH-8VR8 vulnerabilities
Vulnerabilities for packages: thingsboard...
CVE-2026-29146 vulnerabilities
Vulnerabilities for packages: thingsboard...
CLEANSTART-2026-CK64127 Security fixes for ghsa-6rw7-vpxm-498p, ghsa-73rr-hh4g-fpgx, ghsa-8qq5-rm4j-mr97, ghsa-wqch-xfxh-vrr4 applied in versions: 4.2.1.1-r1
Multiple security vulnerabilities affect the thingsboard package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-DU32240 Security fixes for CVE-2026-2391, CVE-2026-26960, CVE-2026-29786, CVE-2026-31802, ghsa-34x7-hfp2-rc4v, ghsa-5359-pvf2-pw78, ghsa-73rr-hh4g-fpgx, ghsa-8qq5-rm4j-mr97, ghsa-r6q2-hw4h-h46w applied in versions: 4.2.1.1-r1, 4.2.1.1-r2, 4.3.0.1-r0, 4.3.1-r0
Multiple security vulnerabilities affect the thingsboard-tb-web-ui package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-JK47870 Security fixes for CVE-2025-66614, CVE-2026-1225, CVE-2026-24281, CVE-2026-24308, CVE-2026-24733, ghsa-6rw7-vpxm-498p, ghsa-73rr-hh4g-fpgx, ghsa-8qq5-rm4j-mr97, ghsa-wqch-xfxh-vrr4 applied in versions: 4.2.1.1-r1, 4.3.1-r0
Multiple security vulnerabilities affect the thingsboard package. These issues are resolved in later releases. See references for individual vulnerability details...