CVE Tools

commvault

Enterprise Softwarecommercial

10

Cumulative CVEs

3

Monthly snapshots

#75

Peak rank

Top products

commcell4 commvault4

Latest CVEs

The 15 most recently published vulnerabilities affecting commvault.

CVE-2025-12776Stored Cross-Site Scripting5.4Jan 7, 2026
CVE-2025-57791Argument Injection Vulnerability in CommServe6.5Aug 20, 2025
CVE-2025-57790Path Traversal Vulnerability8.8Aug 20, 2025
CVE-2025-57789Vulnerability in Initial Administrator Login Process5.4Aug 20, 2025
CVE-2025-57788Unauthorized API Access Risk6.5Aug 20, 2025
CVE-2025-3928Commvault Web Server unspecified vulnerabilityKEV8.8Apr 25, 2025
CVE-2025-34028Commvault Command Center Innovation Release <= 11.38.25 Unathenticated Install Package Path TraversalKEV10.0Apr 22, 2025
CVE-2021-34997This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the...8.8Jan 13, 2022
CVE-2021-34996This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the...8.8Jan 13, 2022
CVE-2021-34995This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the...8.8Jan 13, 2022
CVE-2021-34994This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell 11.22.22. Although authentication is required to exploit this vulnerability, the...8.8Jan 13, 2022
CVE-2021-34993This vulnerability allows remote attackers to bypass authentication on affected installations of Commvault CommCell 11.22.22. Authentication is not required to exploit this vulnerability. The speci...9.8Jan 13, 2022
CVE-2020-25780In CommCell in Commvault before 14.68, 15.x before 15.58, 16.x before 16.44, 17.x before 17.29, and 18.x before 18.13, Directory Traversal can occur such that an attempt to view a log file can inst...7.5Oct 29, 2020
CVE-2017-18044A Command Injection issue was discovered in ContentStore/Base/CVDataPipe.dll in Commvault before v11 SP6. A certain message parsing function inside the Commvault service does not properly validate ...9.8Jan 19, 2018
CVE-2017-3195Commvault Edge Communication Service (cvd) prior to version 11 SP7 or version 11 SP6 with hotfix 590 is prone to a stack-based buffer overflow vulnerability that could lead to arbitrary code execut...9.8Dec 15, 2017