Ritlabs Tinyweb

8 CVEs affecting Ritlabs Tinyweb. Latest disclosed: 2026-03-06. Critical: 3, High: 4.

Top CVEs affecting Ritlabs Tinyweb
CVESeverityScorePublishedSummary
CVE-2026-27613Critical9.82026-02-25TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. A vulnerability in versions prior to 2.01 allows unauthenticated remote attackers to bypass…
CVE-2026-22781Critical9.82026-01-12TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. TinyWeb HTTP Server before version 1.98 is vulnerable to OS command injection via CGI ISINDE…
CVE-2026-28497Critical9.12026-03-06TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Prior to version 2.03, an integer overflow vulnerability in the string-to-integer conversion…
CVE-2024-34199High8.62024-05-14TinyWeb 1.94 and below allows unauthenticated remote attackers to cause a denial of service (Buffer Overflow) when sending excessively large elements in the re…
CVE-2026-29046High8.22026-03-06TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Prior to version 2.04, TinyWeb accepts request header values and later maps them into CGI en…
CVE-2026-27633High7.52026-02-26TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Versions prior to version 2.02 have a Denial of Service (DoS) vulnerability via memory exhau…
CVE-2026-27630High7.52026-02-26TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Versions prior to version 2.02 are vulnerable to a Denial of Service (DoS) attack known as S…
CVE-2024-5193Medium5.32024-05-22A security vulnerability has been detected in Ritlabs TinyWeb Server 1.94. This vulnerability affects unknown code of the component Request Handler. The manipu…