Aveva — Vulnerabilities & Security Advisories 46

Browse all 46 CVE security advisories affecting Aveva. AI-powered Chinese analysis, POCs, and references for each vulnerability.

CVE ID	Title	CVSS	Severity	Published
CVE-2026-5387	AVEVA Pipeline Simulation Missing Authorization — Pipeline Simulation 2025CWE-862	9.8	-	2026-04-15
CVE-2026-1507	Uncaught Exception vulnerability in AVEVA PI Data Archive — PI Data Archive PI ServerCWE-248	7.5	High	2026-02-10
CVE-2026-1495	Insertion of Sensitive Information into Log File vulnerability in AVEVA PI to CONNECT Agent — PI to CONNECT AgentCWE-532	6.5	Medium	2026-02-10
CVE-2025-64769	AVEVA Process Optimization Cleartext Transmission of Sensitive Information — Process OptimizationCWE-319	7.1	High	2026-01-16
CVE-2025-65117	AVEVA Process Optimization Use of Potentially Dangerous Function — Process OptimizationCWE-676	7.4	High	2026-01-16
CVE-2025-64729	AVEVA Process Optimization Missing Authorization — Process OptimizationCWE-862	8.1	High	2026-01-16
CVE-2025-65118	AVEVA Process Optimization Uncontrolled Search Path Element — Process OptimizationCWE-427	8.8	High	2026-01-16
CVE-2025-61943	AVEVA Process Optimization SQL Injection — Process OptimizationCWE-89	8.4	High	2026-01-16
CVE-2025-64691	AVEVA Process Optimization Code Injection — Process OptimizationCWE-94	8.8	High	2026-01-16
CVE-2025-61937	AVEVA Process Optimization Code Injection — Process OptimizationCWE-94	10.0	Critical	2026-01-16
CVE-2025-8386	AVEVA Application Server IDE Basic Cross-site Scripting — Application ServerCWE-80	6.9	Medium	2025-11-14
CVE-2025-9317	AVEVA Edge Use of a Broken or Risky Cryptographic Algorithm — EdgeCWE-327	8.4	High	2025-11-14
CVE-2025-54460	AVEVA PI Integrator Unrestricted Upload of File with Dangerous Type — PI IntegratorCWE-434	7.1	High	2025-08-21
CVE-2025-41415	AVEVA PI Integrator Insertion of Sensitive Information into Sent Data — PI IntegratorCWE-201	6.5	Medium	2025-08-21
CVE-2025-36539	AVEVA PI Data Archive Uncaught Exception — PI Data ArchiveCWE-248	6.5	Medium	2025-06-12
CVE-2025-44019	AVEVA PI Data Archive Uncaught Exception — PI Data ArchiveCWE-248	7.1	High	2025-06-12
CVE-2025-2745	AVEVA PI Web API Cross-site Scripting — PI Web APICWE-79	6.5	Medium	2025-06-12
CVE-2025-4418	AVEVA PI Connector for CygNet Improper Validation of Integrity Check Value — PI Connector for CygNetCWE-354	4.4	Medium	2025-06-12
CVE-2025-4417	AVEVA PI Connector for CygNet Cross-site Scripting — PI Connector for CygNetCWE-79	5.5	Medium	2025-06-12
CVE-2024-6456	SQL Injection vulnerability in AVEVA Historian Server — Historian Web ServerCWE-89	8.8^AI	High^AI	2024-08-15
CVE-2024-7113	Allocation of Resources Without Limits or Throttling in AVEVA SuiteLink Server — SuiteLink ServerCWE-770	4.3^AI	Medium^AI	2024-08-13
CVE-2024-3468	Deserialization of Untrusted Data in AVEVA PI Web API — PI Web APICWE-502	8.8^AI	High^AI	2024-06-12
CVE-2024-3467	Deserialization of Untrusted Data in AVEVA PI Asset Framework Client — PI Asset Framework ClientCWE-502	8.8^AI	High^AI	2024-06-12
CVE-2023-6132	AVEVA Edge products Uncontrolled Search Path Element — AVEVA EdgeCWE-427	7.3	High	2024-02-29
CVE-2023-34348	Improper Check or Handling of Exceptional Conditions in Aveva PI Server — PI ServerCWE-703	7.5	High	2024-01-18
CVE-2023-31274	Missing Release of Resource after Effective Lifetime vulnerability in Aveva PI Server — PI ServerCWE-772	5.3	Medium	2024-01-18
CVE-2022-36970	AVEVA Edge 安全漏洞 — EdgeCWE-356	7.8	-	2023-03-29
CVE-2022-36969	AVEVA Edge 代码问题漏洞 — EdgeCWE-611	5.5	-	2023-03-29
CVE-2022-28688	AVEVA Edge 代码问题漏洞 — EdgeCWE-427	7.8	-	2023-03-29
CVE-2022-28687	AVEVA Edge 代码问题漏洞 — EdgeCWE-427	7.8	-	2023-03-29

This page lists every published CVE security advisory associated with Aveva. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Aveva — Vulnerabilities & Security Advisories 46