CVE Tools

netapp

Hardware FirmwareUScommercial

2,107

Cumulative CVEs

90

Monthly snapshots

#3

Peak rank

Top products

Latest CVEs

The 15 most recently published vulnerabilities affecting netapp.

CVE-2026-22048StorageGRID (formerly StorageGRID Webscale) versions prior to 11.9.0.12 and 12.0.0.4 with Single Sign-on enabled and configured to use Microsoft Entra ID (formerly Azure AD) as an IdP are susceptib...7.1Feb 17, 2026
CVE-2026-22050ONTAP versions 9.16.1 prior to 9.16.1P9 and 9.17.1 prior to 9.17.1P2 with snapshot locking enabled are susceptible to a vulnerability which could allow a privileged remote attacker to set the snaps...4.3Jan 12, 2026
CVE-2025-26517CVE-2025-26517 Privilege Escalation Vulnerability in StorageGRID (formerly StorageGRID Webscale)5.4Sep 19, 2025
CVE-2025-26516CVE-2025-26516 Denial of Service Vulnerability in StorageGRID (formerly StorageGRID Webscale)5.3Sep 19, 2025
CVE-2025-26515CVE-2025-26515 Server-Side Request Forgery Vulnerability in StorageGRID (formerly StorageGRID Webscale)7.5Sep 19, 2025
CVE-2025-26514CVE-2025-26514 Reflected Cross-Site Scripting Vulnerability in StorageGRID (formerly StorageGRID Webscale)6.4Sep 19, 2025
CVE-2025-26513The installer for SAN Host Utilities for Windows versions prior to 8.0 is susceptible to a vulnerability which when successfully exploited could allow a local user to escalate their privileges.7.0Aug 7, 2025
CVE-2025-27820Apache HttpComponents: PSL (Public Suffix List) validation bypass7.5Apr 24, 2025
CVE-2025-30722Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit ...5.3Apr 15, 2025
CVE-2025-30691Vulnerability in Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and 24. Difficult to exploit vulnerabili...4.8Apr 15, 2025
CVE-2025-21583Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.4.0 and 9.0.0. Easily exploitable vulnerability allows high privileg...4.9Apr 15, 2025
CVE-2025-31672Apache POI: parsing OOXML based files (xlsx, docx, etc.), poi-ooxml could read unexpected data if underlying zip has duplicate zip entry names5.3Apr 9, 2025
CVE-2025-1861Stream HTTP wrapper truncates redirect location to 1024 bytes9.8Mar 30, 2025
CVE-2025-1736Stream HTTP wrapper header check might omit basic auth header7.3Mar 30, 2025
CVE-2025-1734Streams HTTP wrapper does not fail for headers with invalid name and no colon5.3Mar 30, 2025