Known Vulnerabilities for products from Elabftw
Listed below are 9 of the newest known vulnerabilities associated with the vendor "Elabftw".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-28510 json | eLabFTW is an open source electronic lab notebook. In elabftw versions through 5.4.1, the login flow did not reliably preserv... | Not Provided | 2026-05-05 | 2026-05-12 |
| CVE-2022-31178 json | eLabFTW is an electronic lab notebook manager for research teams. A vulnerability was discovered which allows a logged in use... | 4.3 - MEDIUM | 2022-08-01 | 2022-08-06 |
| CVE-2022-31007 json | eLabFTW is an electronic lab notebook manager for research teams. Prior to version 4.3.0, a vulnerability allows an authentic... | 7.2 - HIGH | 2022-05-31 | 2022-06-10 |
| CVE-2021-43834 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2021-12-16 | 2021-12-21 |
| CVE-2021-43833 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2021-12-16 | 2021-12-21 |
| CVE-2021-41171 json | eLabFTW is an open source electronic lab notebook manager for research teams. In versions of eLabFTW before 4.1.0, it allows ... | 8.8 - HIGH | 2021-10-22 | 2021-10-28 |
| CVE-2021-32698 json | eLabFTW is an open source electronic lab notebook for research labs. This vulnerability allows an attacker to make GET reques... | 4.9 - MEDIUM | 2021-06-21 | 2021-06-28 |
| CVE-2019-12185 json | eLabFTW 1.8.5 is vulnerable to arbitrary file uploads via the /app/controllers/EntityController.php component. This may resul... | 8.8 - HIGH | 2019-05-20 | 2020-08-24 |
| CVE-2017-1000478 json | ELabftw version 1.7.8 is vulnerable to stored cross-site scripting in the experiment infos component resulting in arbitrary e... | 5.4 - MEDIUM | 2018-01-03 | 2018-01-17 |
Known software with vulnerabilities from Elabftw
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Elabftw | Elabftw | 1.7.8 |