Active storage

This hub aggregates every CVE we track for Active storage, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 2 most recently published vulnerabilities affecting Active storage.

• CVE-2026-33195Rails Active Storage has possible Path Traversal in DiskService9.8Mar 23, 2026
• CVE-2022-21831A code injection vulnerability exists in the Active Storage >= v5.2.0 that could allow an attacker to execute code via image_processing arguments.9.8May 26, 2022