Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: kimai Clear
ID Title
CVE-2026-44298 Path Traversal in kimai/kimai (CVE-2026-44298)
path traversal in kimai/kimai (CVE-2026-44298). Risk of unauthorized operations or information disclosure. Exploitable via ``ROLE_SYSTE_ADMIN``. Mitigation: upgrade to `2.56` or later.
CVE-2026-42267 Vulnerability in kimai/kimai (CVE-2026-42267)
vulnerability in kimai/kimai (CVE-2026-42267). Data can be tampered with by attackers. Exploitable via `POST /api/tags`. Mitigation: upgrade to `2.54.0` or later.
CVE-2026-41498 Vulnerability in kimai/kimai (CVE-2026-41498)
vulnerability in kimai/kimai (CVE-2026-41498). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.54.0` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →