Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-44298 |
|
Path Traversal in kimai/kimai (CVE-2026-44298)
path traversal in kimai/kimai (CVE-2026-44298). Risk of unauthorized operations or information disclosure. Exploitable via ``ROLE_SYSTE_ADMIN``. Mitigation: upgrade to `2.56` or later.
|
| CVE-2026-42267 |
|
Vulnerability in kimai/kimai (CVE-2026-42267)
vulnerability in kimai/kimai (CVE-2026-42267). Data can be tampered with by attackers. Exploitable via `POST /api/tags`. Mitigation: upgrade to `2.54.0` or later.
|
| CVE-2026-41498 |
|
Vulnerability in kimai/kimai (CVE-2026-41498)
vulnerability in kimai/kimai (CVE-2026-41498). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.54.0` or later.
|