Cryostat

This hub aggregates every CVE we track for Cryostat, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Cryostat.

• CVE-2026-33812Excessive memory allocation when decoding malicious SFNT in golang.org/x/image6.1Apr 21, 2026
• CVE-2026-32281Inefficient policy validation in crypto/x5097.5Apr 8, 2026
• CVE-2026-32280Unexpected work during chain building in crypto/x5097.5Apr 8, 2026
• CVE-2026-32288Unbounded allocation for old GNU sparse in archive/tar5.5Apr 8, 2026
• CVE-2026-32283Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls7.5Apr 8, 2026
• CVE-2026-33810Case-sensitive excludedSubtrees name constraints cause Auth Bypass in crypto/x5098.2Apr 8, 2026
• CVE-2026-32289JsBraceDepth Context Tracking Bugs (XSS) in html/template6.1Apr 8, 2026
• CVE-2026-33809OOM from malicious IFD offset in golang.org/x/image/tiff5.3Mar 25, 2026
• CVE-2026-27137Incorrect enforcement of email constraints in crypto/x5097.5Mar 6, 2026
• CVE-2026-27903minimatch has a ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments7.5Feb 26, 2026
• CVE-2025-8415Cryostat: authentication bypass if network policies are disabled5.9Aug 20, 2025
• CVE-2025-48734Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default8.8May 28, 2025
• CVE-2025-30204jwt-go allows excessive memory allocation during header parsing7.5Mar 21, 2025
• CVE-2025-24970SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine7.5Feb 10, 2025
• CVE-2025-22866Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec4.0Feb 6, 2025