Projectdiscovery Nuclei
7 CVEs affecting Projectdiscovery Nuclei. Latest disclosed: 2026-05-08. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-37896 | High | 7.5 | 2023-08-04 | Nuclei is a vulnerability scanner. Prior to version 2.9.9, a security issue in the Nuclei project affected users utilizing Nuclei as Go code (SDK) running cust… |
CVE-2024-43405 | High | 7.4 | 2024-09-04 | Nuclei is a vulnerability scanner powered by YAML based templates. Starting in version 3.0.0 and prior to version 3.3.2, a vulnerability in Nuclei's template s… |
CVE-2024-40641 | High | 7.4 | 2024-07-17 | Nuclei is a fast and customizable vulnerability scanner based on simple YAML based DSL. In affected versions it a way to execute code template without -code o… |
CVE-2024-27920 | High | 7.4 | 2024-03-15 | projectdiscovery/nuclei is a fast and customisable vulnerability scanner based on simple YAML based DSL. A significant security oversight was identified in Nuc… |
CVE-2026-41646 | Medium | 5.5 | 2026-05-08 | Nuclei is a vulnerability scanner built on a simple YAML-based DSL. From version 3.0.0 to before version 3.8.0, a vulnerability in Nuclei's JavaScript protocol… |
CVE-2026-41645 | Medium | 5.3 | 2026-05-08 | Nuclei is a vulnerability scanner built on a simple YAML-based DSL. From version 3.0.0 to before version 3.8.0, a vulnerability in Nuclei's expression evaluati… |
CVE-2026-41282 | Medium | 4.0 | 2026-04-20 | ProjectDiscovery Nuclei 3 before 3.8.0 allows DSL expression injection. This affects use of -env-vars for multi-step templates against untrusted targets (not t… |