Package impact
Packagist / cockpit-hq/cockpit
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-38991 | high | 8.8 | 8.8 | 29d ago | Cockpit Vulnerable to Unrestricted Upload of File with Dangerous Type | |
| CVE-2026-38993 | medium | 6.5 | 6.5 | 29d ago | Cockpit is vulnerable to directory traversal | |
| CVE-2026-6626 | medium | 6.3 | 6.3 | 1mo ago | Cockpit has NoSQL Injection Through Content Aggregation Pipelines | |
| CVE-2026-23695 | medium | 5.4 | 5.4 | 13d ago | Cockpit CMS: Stored cross-site scripting vulnerability in the Set field type's Display template option |