VIR Vulnerability Intelligence Relay

Package impact

php Packagist / cockpit-hq/cockpit

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-38992 critical 9.8 9.8 1mo ago Cockpit is vulnerable to arbitrary code execution
CVE-2026-38991 high 8.8 8.8 1mo ago Cockpit Vulnerable to Unrestricted Upload of File with Dangerous Type
CVE-2026-38993 medium 6.5 6.5 1mo ago Cockpit is vulnerable to directory traversal
CVE-2026-6626 medium 6.3 6.3 2mo ago Cockpit has NoSQL Injection Through Content Aggregation Pipelines
CVE-2026-23695 medium 5.4 5.4 19d ago Cockpit CMS: Stored cross-site scripting vulnerability in the Set field type's Display template option
CVE-2026-31891 unknown 3mo ago Cockpit CMS has SQL Injection in MongoLite Aggregation Optimizer via toJsonExtractRaw()
CVE-2025-7053 unknown 11mo ago Cockpit - Content Platform vulnerable to XSS through name or email argument names
CVE-2025-1025 unknown 1y ago Cockpit Arbitrary File Upload
CVE-2024-4825 unknown 2y ago Cockpit CMS contains an arbitrary file upload vulenrability
CVE-2024-2001 unknown 2y ago Cockpit CMS Cross-Site Scripting vulnerability
CVE-2023-41564 unknown 3y ago Cockpit CMS arbitrary file upload vulnerability
CVE-2023-4451 unknown 3y ago Cockpit Cross-site Scripting vulnerability
CVE-2023-4432 unknown 3y ago Cockpit Cross-site Scripting vulnerability
CVE-2023-4433 unknown 3y ago Cockpit Cross-site Scripting vulnerability
CVE-2023-4422 unknown 3y ago Cockpit Cross-site Scripting vulnerability
CVE-2023-4395 unknown 3y ago Cockpit Cross-site Scripting vulnerability
CVE-2023-4321 unknown 3y ago Cockpit Cross-site Scripting vulnerability
CVE-2023-4195 unknown 3y ago Cockpit PHP Remote File Inclusion vulnerability
CVE-2023-4196 unknown 3y ago Cockpit Cross-site Scripting vulnerability
CVE-2023-37649 unknown 3y ago Cockpit CMS vulnerable to incorrect access control
CVE-2023-37650 unknown 3y ago Cockpit CMS Cross-Site Request Forgery vulnerability
CVE-2023-1313 unknown 3y ago cockpit-hq/cockpit is vulnerable to unrestricted file uploads
CVE-2023-1160 unknown 3y ago Cockpit Uses Platform-Dependent Third Party Components
CVE-2023-0780 unknown 3y ago Improper Restriction of Rendered UI Layers or Frames in cockpit-hq/cockpit
CVE-2023-0759 unknown 3y ago privilege chaining in cockpit-hq/cockpit
CVE-2022-2818 unknown 4y ago Cockpit Content Platform vulnerable to 2FA bypass