Known Vulnerabilities for Networkmanager by Gnome

Listed below are 10 of the newest known vulnerabilities associated with "Networkmanager" by "Gnome".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-33906 Ella Core is a 5G core designed for private networks. Prior to version 1.7.0, the NetworkManager role was granted backup and ... Not Provided 2026-03-27 2026-03-31
CVE-2021-20297 A flaw was found in NetworkManager in versions before 1.30.0. Setting match.path and activating a profile crashes NetworkMana... 5.5 - MEDIUM 2021-05-26 2021-06-03
CVE-2020-10754 It was found that nmcli, a command line interface to NetworkManager did not honour 802-1x.ca-path and 802-1x.phase2-ca-path s... 4.3 - MEDIUM 2020-06-08 2023-11-07
CVE-2018-1000135 GNOME NetworkManager version 1.10.2 and earlier contains a Information Exposure (CWE-200) vulnerability in DNS resolver that ... 7.5 - HIGH 2018-03-20 2019-06-03
CVE-2015-0272 GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value i... 5 - MEDIUM 2015-11-17 2023-02-13
CVE-2012-2736 In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/i... 4.4 - MEDIUM 2019-12-26 2020-08-18
CVE-2012-1096 NetworkManager 0.9 and earlier allows local users to use other users' certificates or private keys when making a connection v... 5.5 - MEDIUM 2020-03-10 2020-03-10
CVE-2011-3364 Incomplete blacklist vulnerability in the svEscape function in settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for ... 6.9 - MEDIUM 2011-11-04 2012-01-19
CVE-2011-2176 GNOME NetworkManager before 0.8.6 does not properly enforce the auth_admin element in PolicyKit, which allows local users to ... 2.1 - LOW 2011-09-02 2012-01-19
CVE-2011-1943 The destroy_one_secret function in nm-setting-vpn.c in libnm-util in the NetworkManager package 0.8.999-3.git20110526 in Fedo... 2.1 - LOW 2011-06-14 2021-11-02
Results limited to 10 most recent vulnerabilities

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationGnomeNetworkmanager1.9.90AllAllAll
ApplicationGnomeNetworkmanager1.9.3AllAllAll
ApplicationGnomeNetworkmanager1.9.2AllAllAll
ApplicationGnomeNetworkmanager1.8.8AllAllAll
ApplicationGnomeNetworkmanager1.8.6AllAllAll
ApplicationGnomeNetworkmanager1.8.4AllAllAll
ApplicationGnomeNetworkmanager1.8.2AllAllAll
ApplicationGnomeNetworkmanager1.8.0AllAllAll
ApplicationGnomeNetworkmanager1.7.92AllAllAll
ApplicationGnomeNetworkmanager1.7.91AllAllAll
ApplicationGnomeNetworkmanager1.7.2AllAllAll
ApplicationGnomeNetworkmanager1.6.4AllAllAll
ApplicationGnomeNetworkmanager1.6.2AllAllAll
ApplicationGnomeNetworkmanager1.6.0AllAllAll
ApplicationGnomeNetworkmanager1.5.91AllAllAll
ApplicationGnomeNetworkmanager1.5.90AllAllAll
ApplicationGnomeNetworkmanager1.5.3AllAllAll
ApplicationGnomeNetworkmanager1.5.2AllAllAll
ApplicationGnomeNetworkmanager1.4.6AllAllAll
ApplicationGnomeNetworkmanager1.4.4AllAllAll
Results limited to 20 most recent known configurations
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report