Known Vulnerabilities for Arcgis For Server by Esri
Listed below are 5 of the newest known vulnerabilities associated with "Arcgis For Server" by "Esri".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-13020 json | A Weak Password Recovery Mechanism for Forgotten Password exists in Esri Portal for ArcGIS versions 12.1 and earlier on Windo... | Not Provided | 2026-07-07 | 2026-07-08 |
| CVE-2026-9182 json | Esri ArcGIS Server contains an unrestricted file upload vulnerability. An unauthenticated attacker could exploit this issue b... | Not Provided | 2026-07-06 | 2026-07-08 |
| CVE-2026-9181 json | Esri ArcGIS Server contains a directory traversal vulnerability. ArcGIS Enterprise on Kubernetes is not impacted. An unauthen... | Not Provided | 2026-07-06 | 2026-07-08 |
| CVE-2026-2813 json | ArcGIS Server contains an input validation weakness in the login redirection workflow. An Authenticated attacker could exploi... | Not Provided | 2026-05-20 | 2026-05-20 |
| CVE-2026-2812 json | ArcGIS Server contains an improper authentication vulnerability in an undocumented administrative endpoint. An unauthenticate... | Not Provided | 2026-05-20 | 2026-05-20 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Esri | Arcgis For Server | 10.1.1 |