Manageengine adselfservice plus
This hub aggregates every CVE we track for Manageengine adselfservice plus, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
53
CVEs tracked
18
Critical
12
High
3
In CISA KEV
Severity distribution
MEDIUM23CRITICAL18HIGH12
Monthly trend
0
0
0
0
0
0
0
0
1
0
1
0
0
0
0
0
0
0
1
1
0
0
1
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Manageengine adselfservice plus.
- CVE-2026-2740Remote Code Execution8.4
- CVE-2026-1367SQL Injection8.3
- CVE-2025-11250Authentication Bypass9.1
- CVE-2025-3833SQL Injection8.1
- CVE-2025-1723Account takeover8.1
- CVE-2024-27310DOS Vulnerability5.3
- CVE-2024-0252Remote code execution8.8
- CVE-2023-6105ManageEngine Information Disclosure in Multiple Products5.5
- CVE-2023-35719ManageEngine ADSelfService Plus GINA Client Insufficient Verification of Data Authenticity Authentication Bypass Vulnerability6.8
- CVE-2023-35854Zoho ManageEngine ADSelfService Plus through 6113 has an authentication bypass that can be exploited to steal the domain controller session token for identity spoofing, thereby achieving the privil...9.8
- CVE-2023-28342Zoho ManageEngine ADSelfService Plus before 6218 allows anyone to conduct a Denial-of-Service attack via the Mobile App Authentication API.7.5
- CVE-2022-36413Zoho ManageEngine ADSelfService Plus through 6203 is vulnerable to a brute-force attack that leads to a password reset on IDM applications.9.1
- CVE-2022-47966Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache Santuario xmlsec (aka XML Security for Java) 1.4.1, because ...KEV9.8
- CVE-2022-34829Zoho ManageEngine ADSelfService Plus before 6203 allows a denial of service (application restart) via a crafted payload to the Mobile App Deployment API.7.5
- CVE-2022-28987Zoho ManageEngine ADSelfService Plus before 6202 allows attackers to perform username enumeration via a crafted POST request to /ServletAPI/accounts/login.5.3
Product normalization is registry-driven with AI assist and human review. How it works