Known Vulnerabilities for Snipe-it by Snipeitapp
Listed below are 10 of the newest known vulnerabilities associated with "Snipe-it" by "Snipeitapp".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-44833 json | Snipe-IT is an IT asset/license management system. Prior to 8.4.1, an open redirect vulnerability in Snipe-IT allows attacker... | Not Provided | 2026-05-26 | 2026-05-26 |
| CVE-2026-44832 json | Snipe-IT is an IT asset/license management system. Prior to 8.4.1, aAn authenticated user with only users.edit permission can... | Not Provided | 2026-05-26 | 2026-05-26 |
| CVE-2026-44831 json | Snipe-IT is an IT asset/license management system. Prior to 8.4.1, users with component view access could be impacted by an u... | Not Provided | 2026-05-26 | 2026-05-26 |
| CVE-2026-38533 json | An improper authorization vulnerability in the /api/v1/users/{id} endpoint of Snipe-IT v8.4.0 allows authenticated attackers ... | Not Provided | 2026-04-14 | 2026-04-16 |
| CVE-2026-37709 json | Insecure Permissions vulnerability in grokability snipe-it v.8.4.0 and before and fixed after 2026-03-10 commit 676a9958 allo... | Not Provided | 2026-05-07 | 2026-05-07 |
| CVE-2025-63743 json | Cross-Site Scripting vulnerability in the Snipe-IT web-based asset management system v8.3.0 to up and including v8.3.1 allows... | Not Provided | 2026-04-13 | 2026-04-14 |
| CVE-2025-23776 json | Missing Authorization vulnerability in ekaterir Cache Sniper for Nginx snipe-nginx-cache allows Exploiting Incorrectly Config... | Not Provided | 2025-01-16 | 2026-04-23 |
| CVE-2025-15602 json | Snipe-IT versions prior to 8.3.7 contain sensitive user attributes related to account privileges that are insufficiently prot... | Not Provided | 2026-03-06 | 2026-03-09 |
| CVE-2023-5511 json | Cross-Site Request Forgery (CSRF) in GitHub repository snipe/snipe-it prior to v.6.2.3. | 8.8 - HIGH | 2023-10-11 | 2023-10-12 |
| CVE-2023-5452 json | Cross-site Scripting (XSS) - Stored in GitHub repository snipe/snipe-it prior to v6.2.2. | 5.4 - MEDIUM | 2023-10-06 | 2023-10-10 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Snipeitapp | Snipe-it | 5.0.0 | |||
| Application | Snipeitapp | Snipe-it | 5.0.0 | |||
| Application | Snipeitapp | Snipe-it | 5.0.0 | |||
| Application | Snipeitapp | Snipe-it | 4.7.6 | |||
| Application | Snipeitapp | Snipe-it | 4.7.5 | |||
| Application | Snipeitapp | Snipe-it | 4.7.4 | |||
| Application | Snipeitapp | Snipe-it | 4.7.3 | |||
| Application | Snipeitapp | Snipe-it | 4.7.2 | |||
| Application | Snipeitapp | Snipe-it | 4.7.1 | |||
| Application | Snipeitapp | Snipe-it | 4.7.0 | |||
| Application | Snipeitapp | Snipe-it | 4.6.9 | |||
| Application | Snipeitapp | Snipe-it | 4.6.8 | |||
| Application | Snipeitapp | Snipe-it | 4.6.7 | |||
| Application | Snipeitapp | Snipe-it | 4.6.6 | |||
| Application | Snipeitapp | Snipe-it | 4.6.5 | |||
| Application | Snipeitapp | Snipe-it | 4.6.4 | |||
| Application | Snipeitapp | Snipe-it | 4.6.3 | |||
| Application | Snipeitapp | Snipe-it | 4.6.2 | |||
| Application | Snipeitapp | Snipe-it | 4.6.18 | |||
| Application | Snipeitapp | Snipe-it | 4.6.17 |