Known Vulnerabilities for Snipe-IT by Grokability Inc.
Listed below are 4 of the newest known vulnerabilities associated with "Snipe-IT" by "Grokability Inc.".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-38533 json | An improper authorization vulnerability in the /api/v1/users/{id} endpoint of Snipe-IT v8.4.0 allows authenticated attackers ... | Not Provided | 2026-04-14 | 2026-04-16 |
| CVE-2025-63743 json | Cross-Site Scripting vulnerability in the Snipe-IT web-based asset management system v8.3.0 to up and including v8.3.1 allows... | Not Provided | 2026-04-13 | 2026-04-14 |
| CVE-2025-23776 json | Missing Authorization vulnerability in ekaterir Cache Sniper for Nginx snipe-nginx-cache allows Exploiting Incorrectly Config... | Not Provided | 2025-01-16 | 2026-04-01 |
| CVE-2025-15602 json | Snipe-IT versions prior to 8.3.7 contain sensitive user attributes related to account privileges that are insufficiently prot... | Not Provided | 2026-03-06 | 2026-03-09 |