Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2026-45187
Improper Authorization vulnerability in Apache OFBiz Webtools. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.
CVSS Score
6.5
EPSS Score
0.002
Published
2026-05-19
CVE-2026-45434
Improper Authentication vulnerability in Apache OFBiz via Password-Change Logic Flaw Leading to Remote Code Execution This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.
CVSS Score
9.8
EPSS Score
0.001
Published
2026-05-19
CVE-2026-46586
Improper Control of Generation of Code ('Code Injection'), Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.
CVSS Score
8.8
EPSS Score
0.001
Published
2026-05-19
CVE-2026-31378
Improper Input Validation vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.
CVSS Score
6.5
EPSS Score
0.003
Published
2026-05-19
CVE-2026-31379
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Control of Generation of Code ('Code Injection') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.
CVSS Score
6.1
EPSS Score
0.002
Published
2026-05-19
CVE-2026-31380
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.
CVSS Score
6.5
EPSS Score
0.002
Published
2026-05-19
CVE-2026-31387
Improper Authentication vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.
CVSS Score
5.3
EPSS Score
0.001
Published
2026-05-19
CVE-2026-31388
Improper Access Control vulnerability in Apache OFBiz in multi-tenant deployments. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.
CVSS Score
5.3
EPSS Score
0.002
Published
2026-05-19
CVE-2026-31906
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.
CVSS Score
6.1
EPSS Score
0.002
Published
2026-05-19
CVE-2026-31909
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-05-19


Products
Pricing
Contact Us

Shodan ® - All rights reserved