Known Vulnerabilities for products from Diagrams
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Diagrams".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-42140 json | Not Provided | 2026-05-04 | 2026-05-04 | |
| CVE-2026-40608 json | Not Provided | 2026-04-21 | 2026-04-21 | |
| CVE-2026-40322 json | Not Provided | 2026-04-16 | 2026-04-17 | |
| CVE-2026-31519 json | Not Provided | 2026-04-22 | 2026-04-23 | |
| CVE-2023-3975 json | OS Command Injection in GitHub repository jgraph/drawio prior to 21.5.0. | 9.8 - CRITICAL | 2023-07-27 | 2023-08-03 |
| CVE-2023-3974 json | OS Command Injection in GitHub repository jgraph/drawio prior to 21.4.0. | 9.8 - CRITICAL | 2023-07-27 | 2023-08-03 |
| CVE-2023-3973 json | Cross-site Scripting (XSS) - Reflected in GitHub repository jgraph/drawio prior to 21.6.3. | 6.1 - MEDIUM | 2023-07-27 | 2023-08-03 |
| CVE-2023-3398 json | Denial of Service in GitHub repository jgraph/drawio prior to 18.1.3. | 7.5 - HIGH | 2023-06-26 | 2023-06-30 |
| CVE-2023-3026 json | Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 21.2.8. | 6.1 - MEDIUM | 2023-06-01 | 2023-06-06 |
| CVE-2022-3873 json | Cross-site Scripting (XSS) - DOM in GitHub repository jgraph/drawio prior to 20.5.2. | 6.1 - MEDIUM | 2022-11-07 | 2022-11-08 |
| CVE-2022-3223 json | Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 20.3.1. | 6.1 - MEDIUM | 2022-09-16 | 2022-09-20 |
| CVE-2022-3148 json | Cross-site Scripting (XSS) - Generic in GitHub repository jgraph/drawio prior to 20.3.0. | 6.1 - MEDIUM | 2022-09-08 | 2022-09-09 |
| CVE-2022-3138 json | Cross-site Scripting (XSS) - Generic in GitHub repository jgraph/drawio prior to 20.3.0. | 6.1 - MEDIUM | 2022-09-08 | 2022-09-09 |
| CVE-2022-3133 json | OS Command Injection in GitHub repository jgraph/drawio prior to 20.3.0. | 7.8 - HIGH | 2022-09-09 | 2022-09-15 |
| CVE-2022-3127 json | Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 20.2.8. | 5.4 - MEDIUM | 2022-09-05 | 2022-09-08 |
| CVE-2022-3065 json | Improper Access Control in GitHub repository jgraph/drawio prior to 20.2.8. | 7.5 - HIGH | 2022-09-02 | 2022-09-08 |
| CVE-2022-2015 json | Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 19.0.2. | 5.4 - MEDIUM | 2022-06-09 | 2022-06-15 |
| CVE-2022-2014 json | Code Injection in GitHub repository jgraph/drawio prior to 19.0.2. | 5.4 - MEDIUM | 2022-06-09 | 2022-06-15 |
| CVE-2022-1815 json | Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.1.2. | 7.5 - HIGH | 2022-05-25 | 2022-06-07 |
| CVE-2022-1784 json | Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.8. | 7.5 - HIGH | 2022-05-20 | 2022-06-07 |