atlassian

Top products

The 15 most recently published vulnerabilities affecting atlassian.

• CVE-2026-21569This High severity XXE (XML External Entity Injection) vulnerability was introduced in version 7.1.0 of Crowd Data Center and Server. This XXE (XML External Entity Injection) vulnerability, wit...7.9Jan 28, 2026
• CVE-2025-22178Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was abl...4.3Oct 22, 2025
• CVE-2025-22174Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was abl...4.3Oct 22, 2025
• CVE-2025-22173Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was abl...4.3Oct 22, 2025
• CVE-2025-22170Jira Align is vulnerable to an authorization issue. A low-privilege user without sufficient privileges to perform an action could if they included a particular state-related parameter of a user wit...4.3Oct 22, 2025
• CVE-2025-22169Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was abl...5.4Oct 22, 2025
• CVE-2025-22172Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was abl...4.3Oct 22, 2025
• CVE-2025-22176Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was abl...4.3Oct 22, 2025
• CVE-2025-22171Jira Align is vulnerable to an authorization issue. A low-privilege user is able to alter the private checklists of other users.4.3Oct 22, 2025
• CVE-2025-22177Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was abl...4.3Oct 22, 2025
• CVE-2025-22175Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was abl...5.4Oct 22, 2025
• CVE-2025-22168Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was abl...4.3Oct 22, 2025
• CVE-2025-22167This High severity Path Traversal (Arbitrary Write) vulnerability was introduced in versions: 9.12.0, 10.3.0 and remain present in 11.0.0 of Jira Software Data Center and Server. This Path Traversa...6.5Oct 22, 2025
• CVE-2025-22166This High severity DoS (Denial of Service) vulnerability was introduced in version 2.0 of Confluence Data Center. This DoS (Denial of Service) vulnerability, with a CVSS Score of 8.3, allows an ...7.5Oct 21, 2025
• CVE-2025-35112Agiloft XML external entity local path traversal4.1Aug 26, 2025