Known Vulnerabilities for products from Uipath
Listed below are 6 of the newest known vulnerabilities associated with the vendor "Uipath".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-45321 json | On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/* packages were published... | Not Provided | 2026-05-12 | 2026-05-29 |
| CVE-2021-44043 json | An issue was discovered in UiPath App Studio 21.4.4. There is a persistent XSS vulnerability in the file-upload functionality... | 5.4 - MEDIUM | 2021-12-14 | 2021-12-20 |
| CVE-2021-44042 json | An issue was discovered in UiPath Assistant 21.4.4. User-controlled data supplied to the --process-start argument of the URI ... | 9.8 - CRITICAL | 2021-12-14 | 2022-07-12 |
| CVE-2021-44041 json | UiPath Assistant 21.4.4 will load and execute attacker controlled data from the file path supplied to the --dev-widget argume... | 9.8 - CRITICAL | 2021-12-14 | 2021-12-20 |
| CVE-2018-19855 json | UiPath Orchestrator before 2018.3.4 allows CSV Injection, related to the Audit export, Robot log export, and Transaction log ... | 5.5 - MEDIUM | 2019-08-08 | 2020-08-24 |
| CVE-2018-17305 json | UiPath Orchestrator through 2018.2.4 allows any authenticated user to change the information of arbitrary users (even adminis... | 8.8 - HIGH | 2019-04-11 | 2019-10-03 |
Known software with vulnerabilities from Uipath
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Uipath | Orchestrator | 2016.2 |