Known Vulnerabilities for products from Invoiceninja
Listed below are 6 of the newest known vulnerabilities associated with the vendor "Invoiceninja".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-33742 json | Invoice Ninja is a source-available invoice, quote, project and time-tracking app built with Laravel. Product notes fields in... | Not Provided | 2026-03-26 | 2026-03-30 |
| CVE-2026-33628 json | Invoice Ninja is a source-available invoice, quote, project and time-tracking app built with Laravel. Invoice line item descr... | Not Provided | 2026-03-26 | 2026-03-30 |
| CVE-2026-29925 json | Invoice Ninja v5.12.46 and v5.12.48 is vulnerable to Server-Side Request Forgery (SSRF) in CheckDatabaseRequest.php. | Not Provided | 2026-03-30 | 2026-04-02 |
| CVE-2021-33898 json | In Invoice Ninja before 4.4.0, there is an unsafe call to unserialize() in app/Ninja/Repositories/AccountRepository.php that ... | 8.1 - HIGH | 2021-06-06 | 2021-06-15 |
| CVE-2021-3977 json | invoiceninja is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | 5.4 - MEDIUM | 2021-12-24 | 2021-12-30 |
| CVE-2017-1000466 json | Invoice Ninja version 3.8.1 is vulnerable to stored cross-site scripting vulnerability, within the invoice creation page, whi... | 5.4 - MEDIUM | 2018-01-03 | 2018-01-16 |
Known software with vulnerabilities from Invoiceninja
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Invoiceninja | Invoice Ninja | 1.0.2 |