Known Vulnerabilities for Confluence by Atlassian
Listed below are 10 of the newest known vulnerabilities associated with "Confluence" by "Atlassian".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-27826 json | MCP Atlassian is a Model Context Protocol (MCP) server for Atlassian products (Confluence and Jira). Prior to version 0.17.0,... | Not Provided | 2026-03-10 | 2026-03-10 |
| CVE-2026-27825 json | MCP Atlassian is a Model Context Protocol (MCP) server for Atlassian products (Confluence and Jira). Prior to version 0.17.0,... | Not Provided | 2026-03-10 | 2026-03-10 |
| CVE-2026-21571 json | This Critical severity OS Command Injection vulnerability was introduced in versions 9.6.0, 10.0.0, 10.1.0, 10.2.0, 11.0.0, ... | Not Provided | 2026-04-21 | 2026-04-21 |
| CVE-2021-37412 json | The TechRadar app 1.1 for Confluence Server allows XSS via the Title field of a Radar. | 6.1 - MEDIUM | 2021-09-15 | 2023-01-24 |
| CVE-2021-26085 json | Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization ... | 5.3 - MEDIUM | 2021-08-03 | 2023-08-08 |
| CVE-2021-26084 json | In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthe... | 9.8 - CRITICAL | 2021-08-30 | 2023-08-08 |
| CVE-2021-26072 json | The WidgetConnector plugin in Confluence Server and Confluence Data Center before version 5.8.6 allowed remote attackers to m... | 4.3 - MEDIUM | 2021-04-01 | 2022-07-27 |
| CVE-2020-29450 json | Affected versions of Atlassian Confluence Server and Data Center allow remote attackers to impact the application's availabil... | 6.5 - MEDIUM | 2021-01-19 | 2022-08-30 |
| CVE-2020-29448 json | The ConfluenceResourceDownloadRewriteRule class in Confluence Server and Confluence Data Center before version 6.13.18, from ... | 5.3 - MEDIUM | 2021-02-22 | 2022-07-27 |
| CVE-2020-29445 json | Affected versions of Confluence Server before 7.4.8, and versions from 7.5.0 before 7.11.0 allow attackers to identify intern... | 4.3 - MEDIUM | 2021-05-07 | 2022-05-13 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Atlassian | Confluence | 7.6.1 | |||
| Application | Atlassian | Confluence | 7.6 | |||
| Application | Atlassian | Confluence | 7.5.2 | |||
| Application | Atlassian | Confluence | 7.5.1 | |||
| Application | Atlassian | Confluence | 7.5.0 | |||
| Application | Atlassian | Confluence | 7.4.2 | |||
| Application | Atlassian | Confluence | 7.4.1 | |||
| Application | Atlassian | Confluence | 7.4 | |||
| Application | Atlassian | Confluence | 7.3.5 | |||
| Application | Atlassian | Confluence | 7.3.4 | |||
| Application | Atlassian | Confluence | 7.3.3 | |||
| Application | Atlassian | Confluence | 7.3.2 | |||
| Application | Atlassian | Confluence | 7.3.1 | |||
| Application | Atlassian | Confluence | 7.3 | |||
| Application | Atlassian | Confluence | 7.2.2 | |||
| Application | Atlassian | Confluence | 7.2.1 | |||
| Application | Atlassian | Confluence | 7.2.0 | |||
| Application | Atlassian | Confluence | 7.1.2 | |||
| Application | Atlassian | Confluence | 7.1.1 | |||
| Application | Atlassian | Confluence | 7.1.0 |