Icewhaletech Zimaos
12 CVEs affecting Icewhaletech Zimaos. Latest disclosed: 2026-04-03. Critical: 2, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-21891 | Critical | 9.4 | 2026-01-08 | ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In versions up to and including 1.5.0, the application checks th… |
CVE-2026-28798 | Critical | 9.1 | 2026-04-03 | ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. Prior to version 1.5.3, a proxy endpoint (/v1/sys/proxy) exposed… |
CVE-2026-28442 | High | 8.6 | 2026-03-05 | ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.2-beta3, users are restricted from deleting inter… |
CVE-2026-28286 | High | 8.6 | 2026-03-02 | ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.2-beta3, the application enforces restrictions in… |
CVE-2024-49359 | High | 7.5 | 2024-10-24 | ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.2.4 and all prior versions, the API endpoint `http… |
CVE-2024-49357 | High | 7.5 | 2024-10-24 | ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.2.4 and all prior versions, the API endpoints in Zi… |
CVE-2024-48931 | High | 7.5 | 2024-10-24 | ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.2.4 and all prior versions, the ZimaOS API endpoint… |
CVE-2025-64427 | High | 7.1 | 2026-03-02 | ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.0 and prior, due to insufficient validation or re… |
CVE-2024-49358 | Medium | 5.3 | 2024-10-24 | ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.2.4 and all prior versions, the API endpoint `http… |
CVE-2024-48932 | Medium | 5.3 | 2024-10-24 | ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In versions below 1.5.0, the API endpoint `http://<Server-ip>/v1… |
CVE-2025-58432 | | 2025-09-17 | ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.4.1 and all prior versions, the /v2_1/files/file/up… | |
CVE-2025-58431 | | 2025-09-17 | ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.4.1 and earlier, the /v2_1/files/file/download endp… |