Known Vulnerabilities for Salt by Saltstack
Listed below are 10 of the newest known vulnerabilities associated with "Salt" by "Saltstack".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-45787 json | electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to 3.9.5, deterministic AES-1... | Not Provided | 2026-05-28 | 2026-05-28 |
| CVE-2026-45027 json | WeGIA is a web manager for charitable institutions. In versions prior to 3.7.3, when a user logs in, html/login.php hashes th... | Not Provided | 2026-05-27 | 2026-05-27 |
| CVE-2026-43873 json | WWBN AVideo is an open source video platform. In versions up to and including 29.0, plugin/CloneSite/cloneClient.json.php ech... | Not Provided | 2026-05-11 | 2026-05-12 |
| CVE-2026-42610 json | Grav is a file-based Web platform. Prior to 2.0.0-beta.2, a low-privileged user (EX: Content Editor with only pages.update pe... | Not Provided | 2026-05-11 | 2026-05-11 |
| CVE-2026-41893 json | Signal K Server is a server application that runs on a central hub in a boat. Prior to version 2.25.0, the HTTP login endpoin... | Not Provided | 2026-05-09 | 2026-05-14 |
| CVE-2026-9370 json | A weakness has been identified in ulisesbocchio jasypt-spring-boot up to 3.0.5/4.0.4. Affected by this vulnerability is the f... | Not Provided | 2026-05-24 | 2026-05-24 |
| CVE-2026-5737 json | The Independent Analytics plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and includ... | Not Provided | 2026-05-28 | 2026-05-28 |
| CVE-2026-5088 json | Apache::API::Password versions through 0.5.2 for Perl can generate insecure random values for salts. The _make_salt and _mak... | Not Provided | 2026-04-15 | 2026-05-01 |
| CVE-2026-4430 json | Out-of-bounds write vulnerability in The Document Foundation LibreOffice via crafted OOXML documents with mismatched encrypti... | Not Provided | 2026-05-07 | 2026-05-07 |
| CVE-2023-20898 json | Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters prior t... | 7.8 - HIGH | 2023-09-05 | 2023-09-14 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Saltstack | Salt | 3002.2 | |||
| Application | Saltstack | Salt | 3002.1 | |||
| Application | Saltstack | Salt | 3002 | |||
| Application | Saltstack | Salt | 3001.3 | |||
| Application | Saltstack | Salt | 3001.2 | |||
| Application | Saltstack | Salt | 3001.1 | |||
| Application | Saltstack | Salt | 3001 | |||
| Application | Saltstack | Salt | 3000.3 | |||
| Application | Saltstack | Salt | 3000.2 | |||
| Application | Saltstack | Salt | 3000.13 | |||
| Application | Saltstack | Salt | 3000.1 | |||
| Application | Saltstack | Salt | 3000.0 | |||
| Application | Saltstack | Salt | 3000 | |||
| Application | Saltstack | Salt | 2019.8.0 | |||
| Application | Saltstack | Salt | 2019.2.5 | |||
| Application | Saltstack | Salt | 2019.2.4 | |||
| Application | Saltstack | Salt | 2019.2.3 | |||
| Application | Saltstack | Salt | 2019.2.2 | |||
| Application | Saltstack | Salt | 2019.2.1 | |||
| Application | Saltstack | Salt | 2019.2.0 |