Heimdall Application Dashboard Security Vulnerabilities and Issues — Heimdall Application Dashboard CVE List

Lucene search

LinuxserverHeimdall Application Dashboard

3 matches found

CVE•added 2024/04/01 12:15 a.m.•49 views

CVE-2023-51803

LinuxServer.io Heimdall before 2.5.7 does not prevent use of icons that have non-image data such as the "" substring.

9.8CVSS6.8AI score0.00084EPSS

CVE•added 2024/11/05 11:15 p.m.•49 views

CVE-2024-51358

An issue in Linux Server Heimdall v.2.6.1 allows a remote attacker to execute arbitrary code via a crafted script to the Add new application.

9.8CVSS7.8AI score0.09717EPSS

CVE•added 2025/07/30 4:15 p.m.•7 views

CVE-2025-50578

LinuxServer.io heimdall 2.6.3-ls307 contains a vulnerability in how it handles user-supplied HTTP headers, specifically X-Forwarded-Host and Referer. An unauthenticated remote attacker can manipulate these headers to perform Host Header Injection and Open Redirect attacks. This allows the loading o...

9.8CVSS7.6AI score0.00219EPSS