Known Vulnerabilities for products from Cacti
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Cacti".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-40941 json | Not Provided | 2026-06-25 | 2026-06-26 | |
| CVE-2026-40084 json | Not Provided | 2026-06-25 | 2026-06-26 | |
| CVE-2026-40083 json | Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have SQL Injection through unsa... | Not Provided | 2026-06-25 | 2026-06-30 |
| CVE-2026-40082 json | Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have missing session_regenerate... | Not Provided | 2026-06-25 | 2026-06-29 |
| CVE-2026-40080 json | Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Open Redirect... | Not Provided | 2026-06-25 | 2026-06-29 |
| CVE-2026-40079 json | Not Provided | 2026-06-25 | 2026-06-25 | |
| CVE-2026-39955 json | Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have pre-authentication SQL Inj... | Not Provided | 2026-06-24 | 2026-06-26 |
| CVE-2026-39951 json | Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a Stored SQL Injection vul... | Not Provided | 2026-06-25 | 2026-06-26 |
| CVE-2026-39948 json | Cacti is an open source performance and fault management framework. In versions 1.2.30 and prior, the rfilter request paramet... | Not Provided | 2026-06-24 | 2026-06-26 |
| CVE-2026-39938 json | Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have unauthenticated LFI throug... | Not Provided | 2026-06-24 | 2026-06-26 |
| CVE-2026-39900 json | Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Reflected XSS... | Not Provided | 2026-06-24 | 2026-06-25 |
| CVE-2026-39899 json | Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversa... | Not Provided | 2026-06-24 | 2026-06-26 |
| CVE-2026-39897 json | Cacti is an open source performance and fault management framework. Versions 1.2.30 and below contain a Reflected XSS vulnera... | Not Provided | 2026-06-24 | 2026-06-25 |
| CVE-2026-39894 json | Cacti is an open source performance and fault management framework. In versions 1.2.30 and below, the locale-dependent decima... | Not Provided | 2026-06-24 | 2026-06-25 |
| CVE-2026-39893 json | Cacti is an open source performance and fault management framework. In versions 1.2.30 and prior, the rfilter request variabl... | Not Provided | 2026-06-24 | 2026-06-26 |
| CVE-2023-49088 json | 4.8 - MEDIUM | 2023-12-22 | 2024-03-18 | |
| CVE-2023-49086 json | 5.4 - MEDIUM | 2023-12-22 | 2024-03-18 | |
| CVE-2023-49085 json | 8.8 - HIGH | 2023-12-22 | 2024-03-18 | |
| CVE-2023-49084 json | 8.8 - HIGH | 2023-12-21 | 2024-03-18 | |
| CVE-2023-46490 json | SQL Injection vulnerability in Cacti v1.2.25 allows a remote attacker to obtain sensitive information via the form_actions() ... | 6.5 - MEDIUM | 2023-10-27 | 2023-11-13 |
Known software with vulnerabilities from Cacti
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Cacti | Cacti | 0.8 |
| Application | Cacti | Superlinks | 1.4-2 |