Netapp

2,502 tracked vulnerabilities.

CVE-2026-22050 MEDIUM
Netapp Ontap - IDOR
Jan 12, 2026
CVSS 4.3
EPSS 0.00
CVE-2025-26517 MEDIUM
Netapp Storagegrid < 11.8.0.15 - Incorrect Privilege Assignment
Sep 19, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-26516 MEDIUM
Netapp Storagegrid < 11.8.0.15 - Denial of Service
Sep 19, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-26515 HIGH
Netapp Storagegrid < 11.8.0.15 - SSRF
Sep 19, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-26514 MEDIUM
Netapp Storagegrid < 11.8.0.15 - XSS
Sep 19, 2025
CVSS 6.4
EPSS 0.00
CVE-2025-26513 HIGH
Netapp San Host Utilities < 8.0 - Improper Privilege Management
Aug 07, 2025
CVSS 7.0
EPSS 0.00
CVE-2025-27820 HIGH
Apache Httpclient < 5.4.3 - Improper Certificate Validation
Apr 24, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-30722 MEDIUM
Oracle MySQL <9.2.0 - Unauthorized Access
Apr 15, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-30691 MEDIUM
Oracle Graalvm For Jdk - Improper Access Control
Apr 15, 2025
CVSS 4.8
EPSS 0.00
CVE-2025-21583 MEDIUM
Oracle Mysql Server - Incorrect Permission Assignment
Apr 15, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-31672 MEDIUM
Apache POI - Info Disclosure
Apr 09, 2025
CVSS 5.3
EPSS 0.01
CVE-2025-1861 CRITICAL
PHP <8.1.32, <8.2.28, <8.3.19, <8.4.5 - Info Disclosure
Mar 30, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-1736 HIGH
Php < 8.1.32 - Improper Input Validation
Mar 30, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-1734 MEDIUM
Php < 8.1.32 - Improper Input Validation
Mar 30, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-26512 CRITICAL
Netapp Snapcenter < 6.0.1 - Incorrect Privilege Assignment
Mar 24, 2025
CVSS 9.9
EPSS 0.00
CVE-2025-29768 MEDIUM
Vim <9.1.1198 - Info Disclosure
Mar 13, 2025
CVSS 4.4
EPSS 0.00
CVE-2025-25292 CRITICAL
ruby-saml <1.12.4,1.18.0 - Auth Bypass
Mar 12, 2025
CVSS 9.8
EPSS 0.04
CVE-2025-25291 CRITICALNUCLEI
ruby-saml <1.12.4,1.18.0 - Auth Bypass
Mar 12, 2025
CVSS 9.8
EPSS 0.14
CVE-2024-54085 CRITICALKEV
AMI's SPx - Auth Bypass
Mar 11, 2025
CVSS 9.8
EPSS 0.08
CVE-2025-24813 CRITICALKEVNUCLEI
Tomcat Partial PUT Java Deserialization
Mar 10, 2025
CVSS 9.8
EPSS 0.94
CVE-2025-27423 HIGH
Vim <9.1.0858 - Command Injection
Mar 03, 2025
CVSS 7.1
EPSS 0.01
CVE-2025-24928 HIGH
libxml2 <2.12.10 & 2.13.x <2.13.6 - Buffer Overflow
Feb 18, 2025
CVSS 7.8
EPSS 0.00
CVE-2024-56171 HIGH
Xmlsoft Libxml2 < 2.12.10 - Use After Free
Feb 18, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-26603 MEDIUM
Vim < 9.1.1115 - Use After Free
Feb 18, 2025
CVSS 4.2
EPSS 0.00
CVE-2025-26465 MEDIUM
OpenSSH - Info Disclosure
Feb 18, 2025
CVSS 6.8
EPSS 0.59
Products
oncommand_insight 969 active_iq_unified_manager 846 oncommand_workflow_automation 743 snapcenter 575 cloud_backup 345 h700s_firmware 289 h410s_firmware 288 h300s_firmware 288 h500s_firmware 288 e-series_santricity_os_controller 242 h410c_firmware 236 steelstore_cloud_integrated_storage 211 solidfire 192 clustered_data_ontap 187 hci_management_node 182 snapmanager 180 ontap_select_deploy_administration_utility 178 oncommand_unified_manager 169 h700e_firmware 149 h500e_firmware 148 h300e_firmware 148 e-series_santricity_storage_manager 140 storage_automation_store 113 solidfire_\&_hci_management_node 103 element_software 100 e-series_santricity_web_services 99 oncommand_balance 83 santricity_unified_manager 77 7-mode_transition_tool 75 oncommand_performance_manager 73
Quick Filters
Critical CVEs With Exploits In CISA KEV