| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-33519 | Incorrect privilege assignment in Portal for ArcGIS | Esri | Portal for ArcGIS | Critical | 9.8 | 2026-04-21 20:38:29 | Deep Dive |
| CVE-2026-33518 | Incorrect privilege assignment in Portal for ArcGIS | Esri | Portal for ArcGIS | Critical | 9.8 | 2026-04-21 20:37:52 | Deep Dive |
| CVE-2026-1446 | XSS issue is Esri ArcGIS Pro versions 3.6.0 and earlier | Esri | ArcGIS Pro | Medium | 5.0 | 2026-01-26 17:24:12 | Deep Dive |
| CVE-2025-67711 | Reflected XSS vulnerability in ArcGIS Server. | Esri | ArcGIS Server | Medium | 6.1 | 2025-12-31 22:18:57 | Deep Dive |
| CVE-2025-67710 | Stored XSS vulnerability in ArcGIS Server | Esri | ArcGIS Server | Medium | 6.1 | 2025-12-31 22:18:17 | Deep Dive |
| CVE-2025-67709 | There is a cross site scripting issue in ArcGIS Server. | Esri | ArcGIS Server | Medium | 6.1 | 2025-12-31 22:17:41 | Deep Dive |
| CVE-2025-67708 | Reflected cross-site scripting (XSS) vulnerability in ArcGIS Server. | Esri | ArcGIS Server | Medium | 6.1 | 2025-12-31 22:17:09 | Deep Dive |
| CVE-2025-67707 | Unvalidated File Upload vulnerability in ArcGIS Server. | Esri | ArcGIS Server | Medium | 5.6 | 2025-12-31 22:16:15 | Deep Dive |
| CVE-2025-67706 | Unvalidated File Upload vulnerability in ArcGIS Server. | Esri | ArcGIS Server | Medium | 5.6 | 2025-12-31 22:15:44 | Deep Dive |
| CVE-2025-67705 | Reflected XSS vulnerability in ArcGIS Server. | Esri | ArcGIS Server | Medium | 6.1 | 2025-12-31 22:15:05 | Deep Dive |
| CVE-2025-67704 | Stored XSS vulnerability in ArcGIS Server. | Esri | ArcGIS Server | Medium | 6.1 | 2025-12-31 22:14:32 | Deep Dive |
| CVE-2025-67703 | Stored XSS vulnerability in ArcGIS Server. | Esri | ArcGIS Server | Medium | 6.1 | 2025-12-31 22:13:13 | Deep Dive |
| CVE-2025-67712 | HTML injection issue in ArcGIS Web App Builder | Esri | ArcGIS Web AppBuilder {Developer Edition) | Medium | 4.7 | 2025-12-19 20:05:42 | Deep Dive |
| CVE-2025-57870 | BUG-000179884 - There is a security vulnerability in ArcGIS Server Feature Services. | Esri | ArcGIS Server | Critical | 10.0 | 2025-10-22 14:26:23 | Deep Dive |
| CVE-2025-57871 | BUG-000174020 - Reflected XSS vulnerability identified in Portal for ArcGIS. (11.3, 11.1, 10.9.1) | Esri | Portal for ArcGIS | Medium | 4.8 | 2025-09-29 18:39:14 | Deep Dive |
| CVE-2025-57872 | BUG-000174150 - Unvalidated redirect in Portal for ArcGIS. | Esri | Portal for ArcGIS | Medium | 6.1 | 2025-09-29 18:38:35 | Deep Dive |
| CVE-2025-57873 | BUG-000175222 - Reflected XSS vulnerability in Portal for ArcGIS. | Esri | Portal for ArcGIS | Medium | 4.8 | 2025-09-29 18:37:55 | Deep Dive |
| CVE-2025-57874 | BUG-000161627 - Reflected XSS vulnerability in Portal for ArcGIS. (11.3, 11.1, 10.9.1) | Esri | Portal for ArcGIS | Medium | 4.8 | 2025-09-29 18:37:17 | Deep Dive |
| CVE-2025-57875 | BUG-000164122 - Reflected XSS vulnerability in Portal for ArcGIS. | Esri | Portal for ArcGIS | Medium | 4.8 | 2025-09-29 18:35:35 | Deep Dive |
| CVE-2025-57877 | Reflected XSS vulnerability in Portal for ArcGIS. | Esri | Portal for ArcGIS | Medium | 4.8 | 2025-09-29 18:34:59 | Deep Dive |