Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
AtlassianRecent
RecentMost viewed

4295 matches found

Atlassian
Atlassianadded 2026/06/03 4:30 p.m.7 views

SSRF (Server-Side Request Forgery) axios Dependency in Jira Service Management Data Center

This is a vulnerability in a non-Atlassian dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity SSRF Server-Side Request Forgery vulnerability was introduced in versions 5.17.2, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0,...

9.9CVSS5.3AI score0.01075EPSS
Exploits1
Atlassian
Atlassianadded 2026/06/03 4:30 p.m.4 views

SSRF (Server-Side Request Forgery) axios Dependency in Jira Software Data Center

This is a vulnerability in a non-Atlassian dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity SSRF Server-Side Request Forgery vulnerability was introduced in versions 9.17.2, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0,...

9.9CVSS5.3AI score0.01075EPSS
Exploits1
Atlassian
Atlassianadded 2026/06/03 4:30 p.m.4 views

Injection axios Dependency in Jira Software Data Center

This High severity Injection vulnerability was introduced in versions 9.17.2, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Software Data Center. This Injection vulnerability, with a CVSS Score of 7.4 and a CVSS Vector of...

7.4CVSS5.6AI score0.00394EPSS
Exploits1
Atlassian
Atlassianadded 2026/06/03 4:30 p.m.4 views

Injection axios Dependency in Jira Service Management Data Center

This High severity Injection vulnerability was introduced in versions 5.17.2, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Service Management Data Center. This Injection vulnerability, with a CVSS Score of 7.4 and a CVSS Vector of...

7.4CVSS5.6AI score0.00394EPSS
Exploits1
Atlassian
Atlassianadded 2026/06/03 4:30 p.m.6 views

HTTP Request Smuggling io.netty:netty-codec-http Dependency in Jira Service Management Data Center

This High severity HTTP Request Smuggling vulnerability was introduced in versions 5.16.0, 5.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0, of Jira Service Management Data Center and Server. This HTTP Request Smuggling vulnerability, with...

7.5CVSS5.2AI score0.00248EPSS
Exploits1
Atlassian
Atlassianadded 2026/06/03 4:30 p.m.7 views

Injection axios Dependency in Jira Software Data Center

This High severity Injection vulnerability was introduced in versions 9.17.2, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Software Data Center. This Injection vulnerability, with a CVSS Score of 7.4 and a CVSS Vector of...

7.4CVSS5.3AI score0.00381EPSS
Exploits1
Atlassian
Atlassianadded 2026/06/03 4:30 p.m.4 views

Injection axios Dependency in Jira Service Management Data Center

This High severity Injection vulnerability was introduced in versions 5.17.2, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Service Management Data Center. This Injection vulnerability, with a CVSS Score of 7.4 and a CVSS Vector of...

7.4CVSS5.3AI score0.00381EPSS
Exploits1
Atlassian
Atlassianadded 2026/06/03 4:30 p.m.5 views

HTTP Request Smuggling io.netty:netty-codec-http Dependency in Jira Software Data Center

This is a vulnerability in a non-Atlassian dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This High severity HTTP Request Smuggling vulnerability was introduced in versions 9.12.1, 9.16.0, 9.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0,...

9.1CVSS5.3AI score0.00426EPSS
Exploits1
Atlassian
Atlassianadded 2026/06/03 4:30 p.m.13 views

HTTP Request Smuggling io.netty:netty-codec-http Dependency in Jira Service Management Data Center

This is a vulnerability in a non-Atlassian dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity HTTP Request Smuggling vulnerability was introduced in versions 5.16.0, 5.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0,...

9.1CVSS5.3AI score0.00426EPSS
Exploits1
Atlassian
Atlassianadded 2026/06/03 4:30 p.m.6 views

Business Logic Vulnerability Apache Tomcat Dependency in Jira Service Management Data Center

This High severity Business Logic vulnerability was introduced in versions 5.16.0, 5.17.0, 10.0.1, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Service Management Data Center. This Business Logic vulnerability, with a CVSS Score of 7.5 and a...

7.5CVSS5.3AI score0.00467EPSS
Exploits0
Atlassian
Atlassianadded 2026/06/03 4:30 p.m.6 views

DoS (Denial of Service) org.apache.tomcat:tomcat-catalina Dependency in Jira Service Management Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 5.16.0, 5.17.0, 10.0.1, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Service Management Data Center. This DoS Denial of Service vulnerability, with a CVSS Score ...

7.5CVSS5.2AI score0.0078EPSS
Exploits0
Atlassian
Atlassianadded 2026/06/03 4:29 p.m.7 views

DoS (Denial of Service) io.netty:netty-codec Dependency in Jira Service Management Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 5.16.0, 5.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Service Management Data Center. This DoS Denial of Service vulnerability, with a CVSS Score ...

7.5CVSS5.4AI score0.00545EPSS
Exploits1
Atlassian
Atlassianadded 2026/06/03 4:29 p.m.6 views

Authentication Bypass org.apache.tomcat:tomcat-catalina Dependency in Jira Service Management Data Center

This is a vulnerability in a non-Atlassian dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Authentication Bypass vulnerability was introduced in versions 5.16.0, 5.17.0, 10.0.1, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0,...

9.8CVSS5.3AI score0.01233EPSS
Exploits1
Atlassian
Atlassianadded 2026/06/03 4:29 p.m.8 views

Improper Authorization org.apache.tomcat:tomcat-catalina Dependency in Jira Service Management Data Center

This is a vulnerability in a non-Atlassian dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Improper Authorization vulnerability was introduced in versions 5.16.0, 5.17.0, 10.0.1, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0,...

9.1CVSS5.9AI score0.01136EPSS
Exploits1
Atlassian
Atlassianadded 2026/06/03 2:30 p.m.5 views

Information Disclosure org.apache.tomcat:tomcat-websocket Dependency in Confluence Data Center

This High severity Information Disclosure vulnerability was introduced in versions 6.13.0, 7.4.0, 7.13.0, 7.19.0, 8.5.0, 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.1, and 10.2.0 of Confluence Data Center. This Information Disclosure vulnerability, with a CVSS Score of 7.3 and a...

7.3CVSS5.3AI score0.00548EPSS
Exploits0
Atlassian
Atlassianadded 2026/06/02 10:29 p.m.5 views

DoS (Denial of Service) nth-check Dependency in Jira Service Management Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 5.15.2, 5.16.0, 5.17.0, 10.0.1, and 10.3.20 of Jira Service Management Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:...

7.5CVSS7AI score0.02014EPSS
Exploits1
Atlassian
Atlassianadded 2026/06/02 4:30 p.m.7 views

Injection io.netty:netty-codec-dns Dependency in Confluence Data Center

This is a vulnerability in a non-Atlassian Confluence dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Injection vulnerability was introduced in versions 7.0.1, 7.4.0, 7.13.0, 7.19.0, 8.5.0, 8.9.0, 9.0.1, 9.1.0, 9.2.0,...

9.1CVSS5.3AI score0.00524EPSS
Exploits1
Atlassian
Atlassianadded 2026/06/02 4:30 p.m.22 views

DoS (Denial of Service) minimatch Dependency in Confluence Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 8.9.0, 9.0.1, 9.0.3, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS5.2AI score0.00472EPSS
Exploits1
Atlassian
Atlassianadded 2026/06/02 4:30 p.m.6 views

HTTP Request Smuggling io.netty:netty-codec-http Dependency in Confluence Data Center

This High severity HTTP Request Smuggling vulnerability was introduced in versions 7.0.1, 7.4.0, 7.13.0, 7.19.0, 8.5.0, 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This HTTP Request Smuggling vulnerability, with a CVSS Score of 7.5 and a...

7.5CVSS5.2AI score0.00248EPSS
Exploits1
Atlassian
Atlassianadded 2026/06/02 4:30 p.m.6 views

HTTP Request Smuggling io.netty:netty-codec-http Dependency in Confluence Data Center

This is a vulnerability in a non-Atlassian Confluence dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This High severity HTTP Request Smuggling vulnerability was introduced in versions 7.0.1, 7.4.0, 7.13.0, 7.19.0, 8.5.0, 8.9.0, 9.0.1, 9.1.0,...

9.1CVSS5.3AI score0.00426EPSS
Exploits1
Atlassian
Atlassianadded 2026/06/02 4:29 p.m.8 views

Business Logic Vulnerability Apache Tomcat Dependency in Confluence Data Center

This High severity Business Logic vulnerability was introduced in versions 6.13.0, 7.4.0, 7.13.0, 7.19.0, 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0 and 10.2.0 of Confluence Data Center. This Business Logic vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS5.3AI score0.00467EPSS
Exploits0
Atlassian
Atlassianadded 2026/06/02 4:29 p.m.5 views

DoS (Denial of Service) org.apache.tomcat:tomcat-catalina Dependency in Confluence Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 6.13.0, 7.4.0, 7.13.0, 7.19.0, 8.5.0, 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a...

7.5CVSS5.2AI score0.0078EPSS
Exploits0
Atlassian
Atlassianadded 2026/06/02 4:29 p.m.6 views

BASM (Broken Authentication & Session Management) org.apache.tomcat:tomcat-catalina Dependency in Confluence Data Center and Server

This is a vulnerability in a non-Atlassian Confluence dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity BASM Broken Authentication & Session Management vulnerability was introduced in versions 6.13.0, 7.4.0, 7.13.0, 7.19.0,...

9.8CVSS5.3AI score0.01233EPSS
Exploits1
Atlassian
Atlassianadded 2026/06/02 4:29 p.m.10 views

Improper Authorization org.apache.tomcat:tomcat-catalina Dependency in Confluence Data Center

This is a vulnerability in a non-Atlassian Confluence dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Improper Authorization vulnerability was introduced in versions 6.13.0, 7.4.0, 7.13.0, 7.19.0, 8.5.0, 8.9.0, 9.0.1,...

9.1CVSS5.9AI score0.01136EPSS
Exploits1
Atlassian
Atlassianadded 2026/06/02 4:29 p.m.5 views

Injection org.apache.tomcat:tomcat-coyote Dependency in Confluence Data Center

This is a vulnerability in a non-Atlassian Confluence dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Injection vulnerability was introduced in versions 6.13.0, 7.4.0, 7.13.0, 7.19.0, 8.5.0, 8.9.0, 9.0.1, 9.1.0, 9.2.0,...

9.8CVSS5.3AI score0.01339EPSS
Exploits0
Atlassian
Atlassianadded 2026/06/02 6:55 a.m.19 views

Restricted page for a user is getting displayed in "Recently Updated" macro.

h3. Issue Summary Restricted page for a user is getting displayed in "Recently Updated" macro. h3. Steps to Reproduce In confluence 10.2.x create 3 normal users user01, user02, user03. Create a sample space using admin user. Create a page using admin user and add "Recently Updated" macro. Switch ...

5.8AI score
Exploits0
Atlassian
Atlassianadded 2026/06/01 10:30 p.m.8 views

DoS (Denial of Service) io.netty:netty-codec Dependency in Bamboo Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 10.0.0, 10.1.0, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows a...

7.5CVSS6.4AI score0.00429EPSS
Exploits1
Atlassian
Atlassianadded 2026/06/01 10:30 p.m.5 views

Injection axios Dependency in Bamboo Data Center

This High severity Injection vulnerability was introduced in versions 10.0.0, 10.1.0, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This Injection vulnerability, with a CVSS Score of 7.4 and a CVSS Vector of CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N allows an unauthenticated attack...

7.4CVSS8AI score0.00394EPSS
Exploits1
Atlassian
Atlassianadded 2026/06/01 10:30 p.m.5 views

HTTP Request Smuggling io.netty:netty-codec-http Dependency in Bamboo Data Center

This High severity HTTP Request Smuggling vulnerability was introduced in version 10.0.0, 10.1.0, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This HTTP Request Smuggling vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N allows ...

7.5CVSS6.5AI score0.00248EPSS
Exploits1
Atlassian
Atlassianadded 2026/06/01 10:30 p.m.6 views

Injection axios Dependency in Bamboo Data Center

This High severity Injection vulnerability was introduced in versions 10.0.0, 10.1.0, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This Injection vulnerability, with a CVSS Score of 7.4 and a CVSS Vector of CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N allows an unauthenticated attack...

7.4CVSS7.6AI score0.00381EPSS
Exploits1
Atlassian
Atlassianadded 2026/06/01 10:29 p.m.7 views

DoS (Denial of Service) org.apache.tomcat:tomcat-catalina Dependency in Bamboo Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 10.1.1, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an...

7.5CVSS6.9AI score0.0078EPSS
Exploits0
Atlassian
Atlassianadded 2026/06/01 10:29 p.m.9 views

DoS (Denial of Service) io.netty:netty-codec Dependency in Bamboo Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 10.0.0, 10.1.0, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows a...

7.5CVSS6.6AI score0.00545EPSS
Exploits1
Atlassian
Atlassianadded 2026/06/01 10:29 p.m.5 views

Business Logic Vulnerability org.apache.tomcat:tomcat-catalina Dependency in Bamboo Data Center

This High severity Business Logic vulnerability was introduced in versions 10.1.1, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This Business Logic vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N allows an unauthenticated...

7.5CVSS7AI score0.00467EPSS
Exploits0
Atlassian
Atlassianadded 2026/05/22 10:30 p.m.6 views

HTTP Request Smuggling ws Dependency in Confluence Data Center

This High severity HTTP Request Smuggling vulnerability was introduced in versions 9.0.1, 9.2.3, and 9.4.0 of Confluence Data Center. This HTTP Request Smuggling vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N allows an unauthenticated...

7.5CVSS5.2AI score0.00473EPSS
Exploits1
Atlassian
Atlassianadded 2026/05/21 8:29 p.m.4 views

DoS (Denial of Service) minimatch Dependency in Confluence Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 8.9.0, 9.0.1, 9.0.3, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS5.3AI score0.00517EPSS
Exploits1
Atlassian
Atlassianadded 2026/05/21 7:29 p.m.7 views

HTTP Request Smuggling io.netty:netty-codec-http Dependency in Jira Data Center

This High severity HTTP Request Smuggling vulnerability was introduced in versions 9.12.1, 9.16.0, 9.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Software Data Center and Server. This HTTP Request Smuggling vulnerability, with a...

7.5CVSS5.2AI score0.00248EPSS
Exploits1
Atlassian
Atlassianadded 2026/05/21 5:29 p.m.5 views

DoS (Denial of Service) nth-check Dependency in Jira Software Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 9.15.2, 9.16.0, 9.17.0, 10.0.1, and 10.3.20 of Jira Software Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows a...

7.5CVSS7AI score0.02014EPSS
Exploits1
Atlassian
Atlassianadded 2026/05/21 3:37 a.m.5 views

Upgrade Tomcat to fix CVE-2026-41284, CVE-2026-41293, CVE-2026-42498, CVE-2026-43512, CVE-2026-43513, CVE-2026-43514 and CVE-2026-43515

h3. Issue Summary Apache Tomcat should be upgraded to 9.0.118, 10.1.55 or a later version to fix https://nvd.nist.gov/vuln/detail/CVE-2026-41284 https://nvd.nist.gov/vuln/detail/CVE-2026-41293 https://nvd.nist.gov/vuln/detail/CVE-2026-42498 https://nvd.nist.gov/vuln/detail/CVE-2026-43512...

9.8CVSS6.6AI score0.01339EPSS
Exploits2
Atlassian
Atlassianadded 2026/05/20 9:29 p.m.4 views

Business Logic Vulnerability org.springframework.security:spring-security-web Dependency in Crowd Data Center

This is a vulnerability in a non-Atlassian dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Business Logic vulnerability was introduced in versions 5.3.0, 6.0.0, 6.1.0, 6.2.0, 6.3.0, 7.0.1, 7.1.0 of Crowd Data Center. This...

9.1CVSS5.4AI score0.0048EPSS
Exploits2
Atlassian
Atlassianadded 2026/05/15 7:58 a.m.27 views

Security Headers Omission in Jira Service Management Data Center

This is a vulnerability in a non-Atlassian Jira Service Management dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Security Headers Omission vulnerability was introduced in versions 10.3.0 and 11.3.0 of Jira Service...

9.1CVSS7.2AI score0.0048EPSS
Exploits2
Atlassian
Atlassianadded 2026/05/15 7:49 a.m.23 views

Improper Encoding org.apache.tomcat:tomcat-catalina Dependency in Jira Service Management Data Center

This High severity Improper Encoding vulnerability known as CVE-2026-34483 was introduced in version 11.3.0. This Improper Encoding or Escaping of Output vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N allows an unauthenticated attacker to...

7.5CVSS5.8AI score0.00461EPSS
Exploits0
Atlassian
Atlassianadded 2026/05/13 5:29 p.m.51 views

Security Misconfiguration in Jira Software Data Center

This High severity Security Misconfiguration vulnerability was introduced in versions 9.12.32, 10.3.17, and 11.3.3 of Jira Software Data Center. This Security Misconfiguration vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N allows an...

7.5CVSS5.8AI score0.00259EPSS
Exploits0
Atlassian
Atlassianadded 2026/05/13 4:29 a.m.6 views

SSRF (Server-Side Request Forgery) axios Dependency in Bitbucket Data Center

This High severity SSRF Server-Side Request Forgery vulnerability was introduced in versions 9.4.12 and 10.2.0 of Bitbucket Data Center. This SSRF Server-Side Request Forgery vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N allows an...

7.5CVSS5.3AI score0.00301EPSS
Exploits1
Atlassian
Atlassianadded 2026/05/13 4:29 a.m.6 views

SSRF (Server-Side Request Forgery) axios Dependency in Bamboo Data Center

This High severity SSRF Server-Side Request Forgery vulnerability was introduced in versions 10.0.0, 10.1.0, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This SSRF Server-Side Request Forgery vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS5.3AI score0.00301EPSS
Exploits1
Atlassian
Atlassianadded 2026/05/12 5:29 p.m.6 views

Information Disclosure org.apache.tomcat:tomcat-catalina Dependency in Jira Service Management Data Center

This High severity Information Disclosure vulnerability was introduced in versions 5.15.2, 5.16.0, 5.17.0, 10.0.1, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Service Management Data Center. This Information Disclosure vulnerability, with a...

7.5CVSS5.2AI score0.00447EPSS
Exploits0
Atlassian
Atlassianadded 2026/05/12 4:29 p.m.6 views

Security Misconfiguration org.apache.tomcat:tomcat-catalina Dependency in Jira Service Management Data Center

This High severity Security Misconfiguration vulnerability was introduced in version 11.3.4 of Jira Service Management Data Center. This Security Misconfiguration vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N allows an unauthenticated...

7.5CVSS5.7AI score0.03645EPSS
Exploits1
Atlassian
Atlassianadded 2026/05/12 12:31 a.m.31 views

RCE (Remote Code Execution) at mchange-commons-java dependency in Bamboo Data Center

This High severity RCE Remote Code Execution vulnerability was introduced in versions 9.6.0, 10.0.0, 10.1.0, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This RCE Remote Code Execution vulnerability, with a CVSS Score of 8.9 and a CVSS Vector of...

9.8CVSS6.3AI score0.00577EPSS
Exploits1
Atlassian
Atlassianadded 2026/05/11 11:33 p.m.22 views

DoS (Denial of Service) at commons-fileupload dependency in Crucible Server

This High severity DoS Denial of Service vulnerability was introduced in version 4.9.0 of Crucible Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticated attacker to cause a resource to...

7.5CVSS5.8AI score0.46836EPSS
Exploits1
Atlassian
Atlassianadded 2026/05/11 11:32 p.m.21 views

RCE (Remote Code Execution) at com.fasterxml.jackson.core:jackson-core dependency in Crucible Server

This High severity RCE Remote Code Execution vulnerability was introduced in version 4.9.0 of Crucible Server. This RCE Remote Code Execution vulnerability, with a CVSS Score of 8.7 and a CVSS Vector of CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N allows an unauthenticated...

8.7CVSS6.1AI score0.00634EPSS
Exploits0
Atlassian
Atlassianadded 2026/05/11 11:31 p.m.28 views

DoS (Denial of Service) at jackson-core dependency in Bamboo Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 12.0.0 and 12.1.0 of Bamboo Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 8.7 and a CVSS Vector of CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N allows an...

8.7CVSS5.7AI score0.00489EPSS
Exploits0
Total number of security vulnerabilities4295