| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-57878 | BUG-000174149 - The Portal for ArcGIS has an unvalidated redirect. | Esri | Portal for ArcGIS | Medium | 6.1 | 2025-09-29 18:33:59 | Deep Dive |
| CVE-2025-57879 | BUG-000171009 - URL manipulation vulnerability in Portal for ArcGIS. | Esri | Portal for ArcGIS | Medium | 6.1 | 2025-09-29 18:33:07 | Deep Dive |
| CVE-2025-57876 | Stored XSS vulnerability in Portal for ArcGIS | Esri | Portal for ArcGIS | Medium | 4.8 | 2025-09-29 18:32:21 | Deep Dive |
| CVE-2025-55107 | BUG-000177335 ArcGIS Enterprise Sites has a stored Cross-site Scripting vulnerability. | Esri | Portal for ArcGIS Enterprise Sites | Medium | 4.8 | 2025-08-21 19:30:00 | Deep Dive |
| CVE-2025-55106 | BUG-000173171 ArcGIS Enterprise Sites has a Cross-site Scripting vulnerability. | Esri | Portal for ArcGIS Enterprise Sites | Medium | 4.8 | 2025-08-21 19:29:37 | Deep Dive |
| CVE-2025-55105 | BUG-000177336 - ArcGIS Enterprise Sites has a stored Cross-site Scripting vulnerability. | Esri | Portal for ArcGIS Enterprise Experience Sites | Medium | 4.8 | 2025-08-21 19:29:01 | Deep Dive |
| CVE-2025-55104 | BUG-000173918 - ArcGIS Enterprise Sites has a security vulnerability. | Esri | Portal for ArcGIS Enterprise Sites | Medium | 4.8 | 2025-08-21 19:28:43 | Deep Dive |
| CVE-2025-55103 | BUG-000177333 - ArcGIS Enterprise Sites has a stored Cross-site Scripting vulnerability. | Esri | Portal for ArcGIS Enterprise Sites | Medium | 4.8 | 2025-08-21 19:25:13 | Deep Dive |
| CVE-2025-6259 | esri-map-view <= 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via esri-map-view Shortcode | geoplay9 | esri-map-view | Medium | 6.4 | 2025-08-06 01:45:11 | Deep Dive |
| CVE-2025-4967 | Server Side Request Forgery (SSRF) vulnerability in Portal for ArcGIS | Esri | Portal for ArcGIS | Critical | 9.1 | 2025-05-29 19:58:48 | Deep Dive |
| CVE-2025-2538 | BUG-000174336 | Esri | Portal for ArcGIS | Critical | 9.8 | 2025-03-20 20:50:03 | Deep Dive |
| CVE-2024-51966 | Directory traversal vulnerability in ArcGIS Server | Esri | ArcGIS Server | Medium | 4.9 | 2025-03-03 19:59:14 | Deep Dive |
| CVE-2024-51963 | Stored XSS in ArcGIS Server Manager | Esri | ArcGIS Server | Medium | 4.8 | 2025-03-03 19:59:01 | Deep Dive |
| CVE-2024-51962 | SQL injection vulnerability in ArcGIS Server | Esri | ArcGIS Server | High | 8.7 | 2025-03-03 19:58:49 | Deep Dive |
| CVE-2024-51961 | Local file inclusion (LFI) vulnerability in ArcGIS Server | Esri | ArcGIS Server | High | 7.5 | 2025-03-03 19:58:27 | Deep Dive |
| CVE-2024-51960 | Stored XSS in ArcGIS Server Administrator Directory | Esri | ArcGIS Server | Medium | 4.8 | 2025-03-03 19:58:13 | Deep Dive |
| CVE-2024-51959 | Stored XSS issue in Server Admin API | Esri | ArcGIS Server | Medium | 4.8 | 2025-03-03 19:58:02 | Deep Dive |
| CVE-2024-51958 | Directory traversal vulnerability in the admin api for service thumbnails | Esri | ArcGIS Server | Medium | 4.9 | 2025-03-03 19:57:48 | Deep Dive |
| CVE-2024-51957 | Stored XSS vulnerability in ArcGIS Rest Services Directory | Esri | ArcGIS Server | Medium | 4.8 | 2025-03-03 19:57:36 | Deep Dive |
| CVE-2024-51956 | Stored XSS vulnerability in ArcGIS Server Administrator Directory | Esri | ArcGIS Server | Medium | 4.8 | 2025-03-03 19:53:45 | Deep Dive |