Xwiki

277 tracked vulnerabilities.

CVE-2026-26000 MEDIUM
XWiki Platform <17.9.0, <17.4.6, <16.10.13 - XSS
Feb 12, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-24128 MEDIUMNUCLEI
XWiki Platform <17.7.0 - XSS
Jan 24, 2026
CVSS 6.1
EPSS 0.00
CVE-2025-65091 CRITICAL
Xwiki Full Calendar Macro < 2.4.5 - SQL Injection
Jan 10, 2026
CVSS 10.0
EPSS 0.00
CVE-2025-65090 MEDIUM
Xwiki Full Calendar Macro < 2.4.6 - Information Disclosure
Jan 10, 2026
CVSS 5.3
EPSS 0.00
CVE-2025-66474 HIGH
XWiki Rendering <17.5.0 - RCE
Dec 10, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-66473 HIGH
XWiki <17.6.0 - Info Disclosure
Dec 10, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-66472 MEDIUMNUCLEI
XWiki Platform <16.10.9, <17.0.0-rc-1 to <17.4.1 - XSS
Dec 10, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-65036 HIGH
XWiki Remote Macros <1.27.1 - RCE
Dec 05, 2025
CVSS 8.3
EPSS 0.01
CVE-2025-55749 HIGHNUCLEI
XWiki <16.10.11, 17.4.4, 17.7.0 - Info Disclosure
Dec 01, 2025
CVSS 7.5
EPSS 0.02
CVE-2025-65089 MEDIUM
Xwiki Pro Macros < 1.27.0 - Missing Authorization
Nov 19, 2025
CVSS 6.8
EPSS 0.00
CVE-2025-55728 CRITICAL
XWiki Remote Macros <1.26.5 - RCE
Sep 09, 2025
CVSS 10.0
EPSS 0.03
CVE-2025-55727 CRITICAL
XWiki Remote Macros <1.26.5 - RCE
Sep 09, 2025
CVSS 10.0
EPSS 0.07
CVE-2025-55748 HIGHNUCLEI
XWiki Platform <16.10.6 - Info Disclosure
Sep 03, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-55747 CRITICALNUCLEI
XWiki Platform <16.10.6 - Info Disclosure
Sep 03, 2025
CVSS 9.1
EPSS 0.01
CVE-2025-58049 MEDIUM
XWiki Platform <16.4.8-17.4.0-rc-1 - Info Disclosure
Aug 28, 2025
CVSS 5.8
EPSS 0.00
CVE-2025-51991 HIGHNUCLEI
Xwiki < 17.3.0 - Code Injection
Aug 20, 2025
CVSS 8.8
EPSS 0.02
CVE-2025-51990 MEDIUMNUCLEI
Xwiki < 17.3.0 - XSS
Aug 20, 2025
CVSS 4.8
EPSS 0.00
CVE-2025-54125 MEDIUMNUCLEI
XWiki Platform <17.1.0 - Info Disclosure
Aug 06, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-54124 MEDIUM
XWiki Platform <17.1.0 - Info Disclosure
Aug 06, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-32430 MEDIUMNUCLEI
XWiki Platform - Cross-Site Scripting
Aug 06, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-54385 CRITICAL
Xwiki < 16.10.6 - Improper Input Validation
Jul 26, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-32429 CRITICALNUCLEI
XWiki Platform - SQL Injection
Jul 24, 2025
CVSS 9.8
EPSS 0.32
CVE-2025-53836 CRITICAL
XWiki Rendering <13.10.11-14.4.7-14.10 - RCE
Jul 15, 2025
CVSS 9.9
EPSS 0.02
CVE-2025-53835 CRITICAL
XWiki Rendering <14.10 - XSS
Jul 14, 2025
CVSS 9.0
EPSS 0.02
CVE-2025-49591 CRITICAL
Xwiki Cryptpad < 2025.3.0 - Improper Access Control
Jun 18, 2025
CVSS 9.1
EPSS 0.00
Products
xwiki 245 pro_macros 5 commons 4 cryptpad 4 xwiki-rendering 4 pdf_viewer_macro 3 full_calendar_macro 2 change_request 2 ckeditor_integration 2 admin_tools 1 xwiki_watch 1 application-collabora 1 application_licensing 1 confluence_migrator 1 oauth_identity 1 openid_connect 1 rendering 1 wiki-platform 1 xwiki_enterprise 1
Quick Filters
Critical CVEs With Exploits In CISA KEV