Known Vulnerabilities for products from Traccar
Listed below are 7 of the newest known vulnerabilities associated with the vendor "Traccar".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-27694 json | Traccar is an open source GPS tracking system. In org.traccar:traccar versions starting at 6.11.1 before 6.13.0, the email no... | Not Provided | 2026-05-05 | 2026-05-08 |
| CVE-2026-27693 json | Traccar is an open source GPS tracking system. In org.traccar:traccar versions starting at 6.11.1 before 6.13.0, the KML and ... | Not Provided | 2026-05-05 | 2026-05-08 |
| CVE-2026-27644 json | Traccar is an open source GPS tracking system. In versions between 6.11.1 and 6.13.0, the CSV export functionality writes pos... | Not Provided | 2026-05-05 | 2026-05-08 |
| CVE-2021-21292 json | Traccar is an open source GPS tracking system. In Traccar before version 4.12 there is an unquoted Windows binary path vulner... | 6.3 - MEDIUM | 2021-02-02 | 2021-02-08 |
| CVE-2020-5246 json | Traccar GPS Tracking System before version 4.9 has a LDAP injection vulnerability. It occurs when user input is being used in... | 6.5 - MEDIUM | 2020-07-14 | 2020-07-16 |
| CVE-2019-5748 json | In Traccar Server version 4.2, protocol/SpotProtocolDecoder.java might allow XXE attacks. | 9.8 - CRITICAL | 2019-01-09 | 2019-01-30 |
| CVE-2018-1000881 json | Traccar Traccar Server version 4.0 and earlier contains a CWE-94: Improper Control of Generation of Code ('Code Injection') v... | 9.8 - CRITICAL | 2018-12-20 | 2019-01-07 |