VIR Vulnerability Intelligence Relay

Package impact

php Packagist / cockpit-hq/cockpit

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-38992 critical 9.8 9.8 29d ago Cockpit is vulnerable to arbitrary code execution php
CVE-2026-38991 high 8.8 8.8 29d ago Cockpit Vulnerable to Unrestricted Upload of File with Dangerous Type php
CVE-2026-38993 medium 6.5 6.5 29d ago Cockpit is vulnerable to directory traversal php
CVE-2026-6626 medium 6.3 6.3 1mo ago Cockpit has NoSQL Injection Through Content Aggregation Pipelines php
CVE-2026-23695 medium 5.4 5.4 13d ago Cockpit CMS: Stored cross-site scripting vulnerability in the Set field type's Display template option php
CVE-2026-31891 unknown 2mo ago Cockpit CMS has SQL Injection in MongoLite Aggregation Optimizer via toJsonExtractRaw() php
CVE-2025-7053 unknown 11mo ago Cockpit - Content Platform vulnerable to XSS through name or email argument names php
CVE-2025-1025 unknown 1y ago Cockpit Arbitrary File Upload php
CVE-2024-4825 unknown 2y ago Cockpit CMS contains an arbitrary file upload vulenrability php
CVE-2024-2001 unknown 2y ago Cockpit CMS Cross-Site Scripting vulnerability php
CVE-2023-41564 unknown 3y ago Cockpit CMS arbitrary file upload vulnerability php
CVE-2023-4451 unknown 3y ago Cockpit Cross-site Scripting vulnerability php
CVE-2023-4432 unknown 3y ago Cockpit Cross-site Scripting vulnerability php
CVE-2023-4433 unknown 3y ago Cockpit Cross-site Scripting vulnerability php
CVE-2023-4422 unknown 3y ago Cockpit Cross-site Scripting vulnerability php
CVE-2023-4395 unknown 3y ago Cockpit Cross-site Scripting vulnerability php
CVE-2023-4321 unknown 3y ago Cockpit Cross-site Scripting vulnerability php
CVE-2023-4195 unknown 3y ago Cockpit PHP Remote File Inclusion vulnerability php
CVE-2023-4196 unknown 3y ago Cockpit Cross-site Scripting vulnerability php
CVE-2023-37649 unknown 3y ago Cockpit CMS vulnerable to incorrect access control php
CVE-2023-37650 unknown 3y ago Cockpit CMS Cross-Site Request Forgery vulnerability php
CVE-2023-1313 unknown 3y ago cockpit-hq/cockpit is vulnerable to unrestricted file uploads php
CVE-2023-1160 unknown 3y ago Cockpit Uses Platform-Dependent Third Party Components php
CVE-2023-0780 unknown 3y ago Improper Restriction of Rendered UI Layers or Frames in cockpit-hq/cockpit php
CVE-2023-0759 unknown 3y ago privilege chaining in cockpit-hq/cockpit php
CVE-2022-2818 unknown 4y ago Cockpit Content Platform vulnerable to 2FA bypass php