Known Vulnerabilities for Jira by Atlassian
Listed below are 10 of the newest known vulnerabilities associated with "Jira" by "Atlassian".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-42864 json | FireFighter is an incident management application. Prior to 0.0.54, the POST /api/v2/firefighter/raid/jira_bot endpoint (Crea... | Not Provided | 2026-05-11 | 2026-05-11 |
| CVE-2026-41103 json | Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized... | Not Provided | 2026-05-12 | 2026-05-15 |
| CVE-2026-40858 json | The camel-infinispan component's ProtoStream-based remote aggregation repository deserializes data read from a remote Infinis... | Not Provided | 2026-04-27 | 2026-04-28 |
| CVE-2026-12225 json | syracom AG Secure Login (2FA) for Atlassian Jira, Confluence, and Bitbucket 3.4.0.x contains an authentication bypass vulnera... | Not Provided | 2026-06-16 | 2026-06-21 |
| CVE-2026-6673 json | Mattermost versions 11.7.x <= 11.7.0, 11.6.x <= 11.6.2, 11.5.x <= 11.5.5, 10.11.x <= 10.11.17 fail to authenticate Atlassian ... | Not Provided | 2026-06-22 | 2026-06-22 |
| CVE-2026-4527 json | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.9.7, 18.10 before 18.10.6, and 18.... | Not Provided | 2026-05-14 | 2026-05-14 |
| CVE-2026-3160 json | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7 before 18.9.7, 18.10 before 18.10.6, and 18.1... | Not Provided | 2026-05-14 | 2026-05-14 |
| CVE-2026-2370 json | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.3 before 18.8.7, 18.9 before 18.9.3, and 18.10 ... | Not Provided | 2026-03-30 | 2026-03-30 |
| CVE-2021-43953 json | Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to toggle the Thread Conten... | 4.3 - MEDIUM | 2022-02-15 | 2022-04-25 |
| CVE-2021-43952 json | Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to restore the default conf... | 4.3 - MEDIUM | 2022-02-15 | 2022-06-03 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Atlassian | Jira | 8.9.2 | |||
| Application | Atlassian | Jira | 8.9.1 | |||
| Application | Atlassian | Jira | 8.9.0 | |||
| Application | Atlassian | Jira | 8.8.2 | |||
| Application | Atlassian | Jira | 8.8.1 | |||
| Application | Atlassian | Jira | 8.8.0 | |||
| Application | Atlassian | Jira | 8.7.2 | |||
| Application | Atlassian | Jira | 8.7.1 | |||
| Application | Atlassian | Jira | 8.7.0 | |||
| Application | Atlassian | Jira | 8.6.2 | |||
| Application | Atlassian | Jira | 8.6.1 | |||
| Application | Atlassian | Jira | 8.6.0 | |||
| Application | Atlassian | Jira | 8.5.9 | |||
| Application | Atlassian | Jira | 8.5.8 | |||
| Application | Atlassian | Jira | 8.5.7 | |||
| Application | Atlassian | Jira | 8.5.6 | |||
| Application | Atlassian | Jira | 8.5.5 | |||
| Application | Atlassian | Jira | 8.5.4 | |||
| Application | Atlassian | Jira | 8.5.3 | |||
| Application | Atlassian | Jira | 8.5.2 |