Known Vulnerabilities for products from Xchat

Listed below are 12 of the newest known vulnerabilities associated with the vendor "Xchat".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2013-7449 json The ssl_do_connect function in common/server.c in HexChat before 2.10.2, XChat, and XChat-GNOME does not verify that the serv... Not Provided 2016-04-21 2026-05-06
CVE-2012-0828 json Heap-based buffer overflow in Xchat-WDK before 1499-4 (2012-01-18) xchat 2.8.6 on Maemo architecture could allow remote attac... 9.8 - CRITICAL 2020-02-21 2020-03-05
CVE-2011-5129 json Heap-based buffer overflow in XChat 2.8.9 and earlier allows remote attackers to cause a denial of service (crash) and possib... Not Provided 2012-08-30 2026-04-29
CVE-2009-0315 json Untrusted search path vulnerability in the Python module in xchat allows local users to execute arbitrary code via a Trojan h... Not Provided 2009-01-28 2026-04-23
CVE-2008-2841 json Argument injection vulnerability in XChat 2.8.7b and earlier on Windows, when Internet Explorer is used, allows remote attack... Not Provided 2008-06-24 2026-04-23
CVE-2006-4455 json ** DISPUTED ** Unspecified vulnerability in Xchat 2.6.7 and earlier allows remote attackers to cause a denial of service (cr... 5 - MEDIUM 2006-08-30 2023-11-07
CVE-2004-0409 json Stack-based buffer overflow in the Socks-5 proxy code for XChat 1.8.0 to 2.0.8, with socks5 traversal enabled, allows remote ... Not Provided 2004-06-01 2025-04-03
CVE-2003-1000 json xchat 2.0.6 allows remote attackers to cause a denial of service (crash) via a passive DCC request with an invalid ID number,... Not Provided 2004-01-05 2025-04-03
CVE-2002-0382 json XChat IRC client allows remote attackers to execute arbitrary commands via a /dns command on a host whose DNS reverse lookup ... Not Provided 2002-06-25 2025-04-03
CVE-2002-0006 json XChat 1.8.7 and earlier, including default configurations of 1.4.2 and 1.4.3, allows remote attackers to execute arbitrary IR... Not Provided 2002-06-25 2025-04-03
CVE-2001-0792 json Format string vulnerability in XChat 1.2.x allows remote attackers to execute arbitrary code via a malformed nickname. Not Provided 2001-10-18 2025-04-03
CVE-2000-0787 json IRC Xchat client versions 1.4.2 and earlier allows remote attackers to execute arbitrary commands by encoding shell metachara... Not Provided 2000-10-20 2025-04-03

Known software with vulnerabilities from Xchat

Type Vendor Product Version
ApplicationXchatXchat1.2.1
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report