Ritlabs Tinyweb
8 CVEs affecting Ritlabs Tinyweb. Latest disclosed: 2026-03-06. Critical: 3, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-27613 | Critical | 9.8 | 2026-02-25 | TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. A vulnerability in versions prior to 2.01 allows unauthenticated remote attackers to bypass… |
CVE-2026-22781 | Critical | 9.8 | 2026-01-12 | TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. TinyWeb HTTP Server before version 1.98 is vulnerable to OS command injection via CGI ISINDE… |
CVE-2026-28497 | Critical | 9.1 | 2026-03-06 | TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Prior to version 2.03, an integer overflow vulnerability in the string-to-integer conversion… |
CVE-2024-34199 | High | 8.6 | 2024-05-14 | TinyWeb 1.94 and below allows unauthenticated remote attackers to cause a denial of service (Buffer Overflow) when sending excessively large elements in the re… |
CVE-2026-29046 | High | 8.2 | 2026-03-06 | TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Prior to version 2.04, TinyWeb accepts request header values and later maps them into CGI en… |
CVE-2026-27633 | High | 7.5 | 2026-02-26 | TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Versions prior to version 2.02 have a Denial of Service (DoS) vulnerability via memory exhau… |
CVE-2026-27630 | High | 7.5 | 2026-02-26 | TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Versions prior to version 2.02 are vulnerable to a Denial of Service (DoS) attack known as S… |
CVE-2024-5193 | Medium | 5.3 | 2024-05-22 | A security vulnerability has been detected in Ritlabs TinyWeb Server 1.94. This vulnerability affects unknown code of the component Request Handler. The manipu… |