Cockpit-project Cockpit

5 CVEs affecting Cockpit-project Cockpit. Latest disclosed: 2026-07-02. Critical: 0, High: 3.

Top CVEs affecting Cockpit-project Cockpit
CVESeverityScorePublishedSummary
CVE-2026-58467High7.52026-07-02Cockpit CMS before release 364 contains a path traversal and local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files o…
CVE-2021-3698High7.52022-03-10A flaw was found in Cockpit in versions prior to 260 in the way it handles the certificate verification performed by the System Security Services Daemon (SSSD)…
CVE-2019-3804High7.52019-03-26It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated at…
CVE-2020-35850Medium6.52020-12-30An SSRF issue was discovered in cockpit-project.org Cockpit 234. NOTE: this is unrelated to the Agentejo Cockpit product. NOTE: the vendor states "I don't thin…
CVE-2021-3660Medium4.32022-03-10Cockpit (and its plugins) do not seem to protect itself against clickjacking. It is possible to render a page from a cockpit server via another website, inside…