Snipeitapp: >> Snipe-It >> 7.0.12 Security Vulnerabilities
Snipe-IT before version 8.3.3 contains a remote code execution vulnerability that allows an authenticated attacker to upload a malicious backup file containing arbitrary files and execute system commands.
CVSS Score
9.9
EPSS Score
0.002
Published
2025-11-05
Snipe-IT before 8.1.18 allows unsafe deserialization.
CVSS Score
6.8
EPSS Score
0.0
Published
2025-09-19
Snipe-IT before 8.1.18 allows XSS.
CVSS Score
6.4
EPSS Score
0.0
Published
2025-09-19
Grokability Snipe-IT before 8.1.0 has incorrect authorization for accessing asset information.
CVSS Score
5.0
EPSS Score
0.003
Published
2025-05-02