atlassian

468 tracked vulnerabilities.

CVE-2026-21571 CRITICAL
Atlassian Bamboo Data Center < 12.1.0 to 12.1.3 - Remote Code Execution
Apr 21, 2026
EPSS 0.01
CVE-2026-21570 HIGH
Bamboo Data Center Authenticated Remote Code Execution
Mar 17, 2026
EPSS 0.01
CVE-2026-21569 HIGH
Atlassian Crowd 7.1.0-7.1.2 - Authenticated XML External Entity Injection
Jan 28, 2026
CVSS 7.9
EPSS 0.00
CVE-2025-22178 MEDIUM
Jira Align 11.14.0-11.16.0 - Missing Authorization for Sensitive Endpoints
Oct 22, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-22177 MEDIUM
Jira Align 11.14.0-11.16.0 - Improper Authorization
Oct 22, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-22176 MEDIUM
Jira Align 11.14.0-11.16.0 - Improper Authorization
Oct 22, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-22175 MEDIUM
Jira Align 11.14.0-11.16.0 - Improper Authorization via Private Checklist Endpoint
Oct 22, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-22174 MEDIUM
Jira Align 11.14.0-11.16.0 - Improper Authorization
Oct 22, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-22173 MEDIUM
Jira Align 11.14.0-11.16.0 - Improper Authorization
Oct 22, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-22172 MEDIUM
Jira Align 11.14.0-11.16.0 - Improper Authorization via Endpoint Access
Oct 22, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-22171 MEDIUM
Jira Align 11.14.0-11.16.0 - Improper Authorization in Private Checklist Modification
Oct 22, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-22170 MEDIUM
Jira Align 11.14.0-11.16.0 - Improper Authorization via State Parameter
Oct 22, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-22169 MEDIUM
Jira Align 11.14.0-11.16.0 - Improper Authorization via Endpoint Access
Oct 22, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-22168 MEDIUM
Jira Align 11.14.0-11.16.0 - Improper Authorization via Private Checklist Endpoint
Oct 22, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-22167 MEDIUM
Jira Software DC/Server <11.0.0 - Path Traversal
Oct 22, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-22166 HIGH
Confluence Data Center and Server 8.5.0-8.5.24 - Denial of Service
Oct 21, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-35115 HIGH
Agiloft 19-28 - Download of Code Without Integrity Check via Insecure HTTP Connection
Aug 26, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-35114 HIGH
Agiloft 19-28 - Use of Default Credentials
Aug 26, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-35113 MEDIUM
Agiloft 19-28 - Authenticated Remote Code Execution via EUI Template Injection
Aug 26, 2025
CVSS 5.9
EPSS 0.00
CVE-2025-35112 MEDIUM
Agiloft 19-28 - Authenticated XML External Entity Injection via Import/Export Table Template
Aug 26, 2025
CVSS 4.1
EPSS 0.00
CVE-2025-22165 HIGH
Sourcetree 4.2.8-4.2.11 - Authenticated Arbitrary Code Execution
Jul 24, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-22157 HIGH
Jira Core/JSM DC/Server <10.6 - Privilege Escalation
May 20, 2025
CVSS 8.8
EPSS 0.00
CVE-2024-21703 MEDIUM
Confluence Data Center and Server < 7.19.18 - Authenticated Sensitive Information Exposure via Windows Configuration
Nov 27, 2024
CVSS 6.4
EPSS 0.00
CVE-2024-21697 HIGH
Atlassian Sourcetree for Mac 4.2.8 and Sourcetree for Windows 3.4.19 - Unauthenticated Remote Code Execution
Nov 19, 2024
CVSS 8.8
EPSS 0.03
CVE-2024-21690 HIGH
Atlassian Confluence Data Center < 7.19.25 - XSS
Aug 21, 2024
CVSS 8.2
EPSS 0.01
Products
jira 142 jira_server 135 jira_data_center 79 crucible 52 fisheye 52 confluence_server 49 jira_software_data_center 39 data_center 38 confluence_data_center 36 bamboo 24 crowd 24 bitbucket 20 confluence 19 jira_service_management 16 sourcetree 15 jira_align 13 jira_service_desk 12 application_links 7 Atlassian Fisheye and Crucible 5 hipchat 5 agiloft 4 floodlight 4 Bamboo 3 bitbucket_data_center 3 companion 3 hipchat_server 3 questions_for_confluence 3 universal_plugin_manager 3 Atlassian Crucible 2 Bamboo Data Center 2
Quick Filters
Critical CVEs With Exploits In CISA KEV