StorageGRID
This hub aggregates every CVE we track for StorageGRID, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.
CVEs tracked: 72
Critical: 9
High: 27
In CISA KEV: 2
Severity distribution
HIGH 27, MEDIUM 25, LOW 11, CRITICAL 9
Monthly trend (chart, 2024-07 to 2026-06)
Latest CVEs
The 15 most recently published vulnerabilities affecting StorageGRID.
- CVE-2025-26517 (5.4): Privilege Escalation Vulnerability in StorageGRID (formerly StorageGRID Webscale)
- CVE-2025-26516 (5.3): Denial of Service Vulnerability in StorageGRID (formerly StorageGRID Webscale)
- CVE-2025-26515 (7.5): Server-Side Request Forgery Vulnerability in StorageGRID (formerly StorageGRID Webscale)
- CVE-2025-26514 (6.4): Reflected Cross-Site Scripting Vulnerability in StorageGRID (formerly StorageGRID Webscale)
- CVE-2025-25292 (9.8): Ruby SAML vulnerable to SAML authentication bypass due to namespace handling (parser differential)
- CVE-2025-25291 (9.8): ruby-saml vulnerable to SAML authentication bypass due to DOCTYPE handling (parser differential)
- CVE-2024-21994 (4.3): Denial of Service Vulnerability in StorageGRID (formerly StorageGRID Webscale)
- CVE-2024-21988 (5.3): SSH Cryptographic Implementation Vulnerability in StorageGRID (formerly StorageGRID Webscale)
- CVE-2024-21984 (5.9): Reflected Cross-Site Scripting Vulnerability in StorageGRID (formerly StorageGRID Webscale)
- CVE-2024-21983 (6.5): Denial of Service Vulnerability in StorageGRID (formerly StorageGRID Webscale)
- CVE-2023-27318 (6.5): Denial of Service Vulnerability in StorageGRID (formerly StorageGRID Webscale)
- CVE-2022-38734 (7.5): StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0.8 are susceptible to a Denial of Service (DoS) vulnerability. A successful exploit could lead to a crash of the Local Distrib...
- CVE-2022-23238 (6.5): Linux deployments of StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through 11.6.0.2 deployed with a Linux kernel version less than 4.7.0 are susceptible to a vulnerability which could...
- CVE-2022-37434 (9.8): zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected...
- CVE-2022-1678 (5.9): An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients.
Product normalization is registry-driven with AI assist and human review.