Known Vulnerabilities for Salt by Saltstack
Listed below are 10 of the newest known vulnerabilities associated with "Salt" by "Saltstack".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-46749 json | A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The affected application uses a password... | Not Provided | 2026-06-09 | 2026-06-09 |
| CVE-2026-46395 json | HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0, the `hmacBase64()` function in ... | Not Provided | 2026-06-05 | 2026-06-05 |
| CVE-2026-45787 json | electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to 3.9.5, deterministic AES-1... | Not Provided | 2026-05-28 | 2026-05-29 |
| CVE-2026-45027 json | WeGIA is a web manager for charitable institutions. In versions prior to 3.7.3, when a user logs in, html/login.php hashes th... | Not Provided | 2026-05-27 | 2026-05-27 |
| CVE-2026-43873 json | WWBN AVideo is an open source video platform. In versions up to and including 29.0, plugin/CloneSite/cloneClient.json.php ech... | Not Provided | 2026-05-11 | 2026-05-12 |
| CVE-2026-42610 json | Grav is a file-based Web platform. Prior to 2.0.0-beta.2, a low-privileged user (EX: Content Editor with only pages.update pe... | Not Provided | 2026-05-11 | 2026-05-11 |
| CVE-2026-41893 json | Signal K Server is a server application that runs on a central hub in a boat. Prior to version 2.25.0, the HTTP login endpoin... | Not Provided | 2026-05-09 | 2026-05-14 |
| CVE-2026-30789 json | Use of Password Hash With Insufficient Computational Effort, Improper Restriction of Excessive Authentication Attempts vulner... | Not Provided | 2026-03-05 | 2026-06-22 |
| CVE-2026-28742 json | Naxclow devices use a uniform request-signing scheme based on a hard-coded, platform-wide salt embedded in every firmware ima... | Not Provided | 2026-06-12 | 2026-06-12 |
| CVE-2026-11789 json | A flaw was found in 389 Directory Server. The SMD5 password storage plugin performs unsigned integer underflow when computing... | Not Provided | 2026-06-09 | 2026-06-09 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Saltstack | Salt | 3002.2 | |||
| Application | Saltstack | Salt | 3002.1 | |||
| Application | Saltstack | Salt | 3002 | |||
| Application | Saltstack | Salt | 3001.3 | |||
| Application | Saltstack | Salt | 3001.2 | |||
| Application | Saltstack | Salt | 3001.1 | |||
| Application | Saltstack | Salt | 3001 | |||
| Application | Saltstack | Salt | 3000.3 | |||
| Application | Saltstack | Salt | 3000.2 | |||
| Application | Saltstack | Salt | 3000.13 | |||
| Application | Saltstack | Salt | 3000.1 | |||
| Application | Saltstack | Salt | 3000.0 | |||
| Application | Saltstack | Salt | 3000 | |||
| Application | Saltstack | Salt | 2019.8.0 | |||
| Application | Saltstack | Salt | 2019.2.5 | |||
| Application | Saltstack | Salt | 2019.2.4 | |||
| Application | Saltstack | Salt | 2019.2.3 | |||
| Application | Saltstack | Salt | 2019.2.2 | |||
| Application | Saltstack | Salt | 2019.2.1 | |||
| Application | Saltstack | Salt | 2019.2.0 |