| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-23892 | OctoPrint has Timing Side-Channel Vulnerability in API Key Authentication | OctoPrint | OctoPrint | - | - | 2026-01-27 18:35:31 | Deep Dive |
| CVE-2025-64187 | OctoPrint is vulnerable to XSS through Action Command Notifications and Prompts | OctoPrint | OctoPrint | High | - | 2025-11-07 03:11:34 | Deep Dive |
| CVE-2025-62169 | OctoPrint-SpoolManager Plugin APIs do not enforce authentication | WildRikku | OctoPrint-SpoolManager | High | 8.1 | 2025-10-23 16:09:20 | Deep Dive |
| CVE-2025-58180 | OctoPrint is Vulnerable to RCE Attacks via Unsanitized Filename in File Upload | OctoPrint | OctoPrint | - | - | 2025-09-09 19:34:15 | Deep Dive |
| CVE-2025-48879 | OctoPrint Vulnerable to Denial of Service through malformed HTTP request | OctoPrint | OctoPrint | Medium | 6.5 | 2025-06-10 15:23:54 | Deep Dive |
| CVE-2025-48067 | OctoPrint vulnerable to possible file extraction via upload endpoints | OctoPrint | OctoPrint | Medium | 5.4 | 2025-06-10 15:19:44 | Deep Dive |
| CVE-2025-32788 | OctoPrint Authenticated Reverse Proxy Page Authentication Bypass | OctoPrint | OctoPrint | Medium | 4.3 | 2025-04-22 17:14:40 | Deep Dive |
| CVE-2024-49377 | Jinja2 Templates are vulnerable to XSS attacks due to their configuration in OctoPrint | OctoPrint | OctoPrint | Medium | 5.5 | 2024-11-05 18:20:27 | Deep Dive |
| CVE-2024-51493 | API key access in settings without reauthentication in OctoPrint | OctoPrint | OctoPrint | Medium | 5.3 | 2024-11-05 18:17:30 | Deep Dive |
| CVE-2024-32977 | OctoPrint Authentication Bypass via X-Forwarded-For Header when autologinLocal is enabled | OctoPrint | OctoPrint | High | 7.1 | 2024-05-14 13:49:21 | Deep Dive |
| CVE-2024-28237 | OctoPrint XSS via the "Snapshot Test" feature in Classic Webcam plugin settings | OctoPrint | OctoPrint | Medium | 4.0 | 2024-03-18 21:17:08 | Deep Dive |
| CVE-2024-23637 | OctoPrint Unverified Password Change via Access Control Settings | OctoPrint | OctoPrint | Medium | 4.2 | 2024-01-31 18:01:58 | Deep Dive |
| CVE-2023-41047 | Improper Neutralization of Special Elements Used in a Template Engine in OctoPrint | OctoPrint | OctoPrint | Medium | 6.2 | 2023-10-09 15:18:06 | Deep Dive |
| CVE-2022-3607 | Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in octoprint/octoprint | octoprint | octoprint/octoprint | Medium | - | 2022-10-19 00:00:00 | Deep Dive |
| CVE-2022-3068 | Improper Privilege Management in octoprint/octoprint | octoprint | octoprint/octoprint | High | - | 2022-09-21 11:55:09 | Deep Dive |
| CVE-2022-2888 | Insufficient Session Expiration in octoprint/octoprint | octoprint | octoprint/octoprint | Medium | - | 2022-09-21 11:25:08 | Deep Dive |
| CVE-2022-2872 | Unrestricted Upload of File with Dangerous Type in octoprint/octoprint | octoprint | octoprint/octoprint | Medium | - | 2022-09-21 09:55:08 | Deep Dive |
| CVE-2022-2930 | Unverified Password Change in octoprint/octoprint | octoprint | octoprint/octoprint | High | - | 2022-08-22 11:35:11 | Deep Dive |
| CVE-2022-2822 | Authentication Bypass by Primary Weakness in octoprint/octoprint | octoprint | octoprint/octoprint | High | - | 2022-08-15 10:30:17 | Deep Dive |
| CVE-2022-1432 | Cross-site Scripting (XSS) - Generic in octoprint/octoprint | octoprint | octoprint/octoprint | Medium | - | 2022-05-18 10:10:10 | Deep Dive |