Known Vulnerabilities for Salt by Saltstack
Listed below are 10 of the newest known vulnerabilities associated with "Salt" by "Saltstack".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-56272 json | Flowise before 3.0.13 uses bcrypt with default salt rounds of 5, providing only 32 iterations instead of the OWASP-recommende... | Not Provided | 2026-06-24 | 2026-06-24 |
| CVE-2026-53692 json | Redeight CMS version 1.0 uses the MD5 algorithm without a salt to store user passwords. Because MD5 is a cryptographically br... | Not Provided | 2026-06-30 | 2026-06-30 |
| CVE-2026-46749 json | A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 6). The affected application uses a password... | Not Provided | 2026-06-09 | 2026-06-09 |
| CVE-2026-46395 json | HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0, the `hmacBase64()` function in ... | Not Provided | 2026-06-05 | 2026-06-05 |
| CVE-2026-45787 json | electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to 3.9.5, deterministic AES-1... | Not Provided | 2026-05-28 | 2026-05-29 |
| CVE-2026-45027 json | WeGIA is a web manager for charitable institutions. In versions prior to 3.7.3, when a user logs in, html/login.php hashes th... | Not Provided | 2026-05-27 | 2026-05-27 |
| CVE-2026-43873 json | WWBN AVideo is an open source video platform. In versions up to and including 29.0, plugin/CloneSite/cloneClient.json.php ech... | Not Provided | 2026-05-11 | 2026-05-12 |
| CVE-2026-42610 json | Grav is a file-based Web platform. Prior to 2.0.0-beta.2, a low-privileged user (EX: Content Editor with only pages.update pe... | Not Provided | 2026-05-11 | 2026-05-11 |
| CVE-2026-41893 json | Signal K Server is a server application that runs on a central hub in a boat. Prior to version 2.25.0, the HTTP login endpoin... | Not Provided | 2026-05-09 | 2026-05-14 |
| CVE-2026-30789 json | Use of Password Hash With Insufficient Computational Effort, Improper Restriction of Excessive Authentication Attempts vulner... | Not Provided | 2026-03-05 | 2026-06-22 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Saltstack | Salt | 3002.2 | |||
| Application | Saltstack | Salt | 3002.1 | |||
| Application | Saltstack | Salt | 3002 | |||
| Application | Saltstack | Salt | 3001.3 | |||
| Application | Saltstack | Salt | 3001.2 | |||
| Application | Saltstack | Salt | 3001.1 | |||
| Application | Saltstack | Salt | 3001 | |||
| Application | Saltstack | Salt | 3000.3 | |||
| Application | Saltstack | Salt | 3000.2 | |||
| Application | Saltstack | Salt | 3000.13 | |||
| Application | Saltstack | Salt | 3000.1 | |||
| Application | Saltstack | Salt | 3000.0 | |||
| Application | Saltstack | Salt | 3000 | |||
| Application | Saltstack | Salt | 2019.8.0 | |||
| Application | Saltstack | Salt | 2019.2.5 | |||
| Application | Saltstack | Salt | 2019.2.4 | |||
| Application | Saltstack | Salt | 2019.2.3 | |||
| Application | Saltstack | Salt | 2019.2.2 | |||
| Application | Saltstack | Salt | 2019.2.1 | |||
| Application | Saltstack | Salt | 2019.2.0 |