Known Vulnerabilities for Control-m/server by Bmc
Listed below are 10 of the newest known vulnerabilities associated with "Control-m/server" by "Bmc".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-57527 json | Zed Attack Proxy (ZAP) ViewState add-on before version 4 contains an insecure deserialization vulnerability that allows attac... | Not Provided | 2026-06-26 | 2026-06-26 |
| CVE-2026-57521 json | Bitwarden Server before 2026.5.0 contains a broken access control vulnerability that allows any authenticated user to access ... | Not Provided | 2026-06-25 | 2026-06-26 |
| CVE-2026-57303 json | Jenkins Assembla Plugin 1.4 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks, allow... | Not Provided | 2026-06-24 | 2026-06-24 |
| CVE-2026-56277 json | Flowise before 3.1.2 sets Access-Control-Allow-Origin to a hardcoded wildcard (*) on its text-to-speech (TTS) generation endp... | Not Provided | 2026-06-30 | 2026-07-01 |
| CVE-2026-56231 json | Capgo before 12.128.2 contains a broken object level authorization (BOLA) vulnerability in the POST /build/start/:jobId and P... | Not Provided | 2026-06-24 | 2026-06-25 |
| CVE-2026-56115 json | Bootimus through 0.1.70 contains a broken access control vulnerability that allows authenticated low-privileged users to perf... | Not Provided | 2026-06-23 | 2026-06-25 |
| CVE-2026-55793 json | Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.22, an author-level control panel user can ... | Not Provided | 2026-07-01 | 2026-07-02 |
| CVE-2026-55792 json | Craft CMS is a content management system (CMS). In versions starting from 4.0.0-RC1 and prior to 4.18.0, and 5.0.0-RC1 and ab... | Not Provided | 2026-07-02 | 2026-07-02 |
| CVE-2026-54753 json | Nx is a monorepo solution for TypeScript and polyglot codebases. From 17.0.4 until 22.7.2 and 23.0.0-beta.2, the local HTTP s... | Not Provided | 2026-06-26 | 2026-06-26 |
| CVE-2026-54318 json | Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.5.3, the Loca... | Not Provided | 2026-06-23 | 2026-06-24 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Bmc | Control-m/server | 6.4.1 |