Package impact
Packagist / cockpit-hq/cockpit
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-38992 | critical | 9.8 | 9.8 | 29d ago | Cockpit is vulnerable to arbitrary code execution | |||
| CVE-2026-38991 | high | 8.8 | 8.8 | 29d ago | Cockpit Vulnerable to Unrestricted Upload of File with Dangerous Type | |||
| CVE-2026-38993 | medium | 6.5 | 6.5 | 29d ago | Cockpit is vulnerable to directory traversal | |||
| CVE-2026-6626 | medium | 6.3 | 6.3 | 1mo ago | Cockpit has NoSQL Injection Through Content Aggregation Pipelines | |||
| CVE-2026-23695 | medium | 5.4 | 5.4 | 13d ago | Cockpit CMS: Stored cross-site scripting vulnerability in the Set field type's Display template option |