Ontap

This hub aggregates every CVE we track for Ontap, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Ontap.

• CVE-2026-22050ONTAP versions 9.16.1 prior to 9.16.1P9 and 9.17.1 prior to 9.17.1P2 with snapshot locking enabled are susceptible to a vulnerability which could allow a privileged remote attacker to set the snaps...4.3Jan 12, 2026
• CVE-2025-1861Stream HTTP wrapper truncates redirect location to 1024 bytes9.8Mar 30, 2025
• CVE-2025-1736Stream HTTP wrapper header check might omit basic auth header7.3Mar 30, 2025
• CVE-2025-1734Streams HTTP wrapper does not fail for headers with invalid name and no colon5.3Mar 30, 2025
• CVE-2025-26465Openssh: machine-in-the-middle attack if verifyhostkeydns is enabled6.8Feb 18, 2025
• CVE-2025-24928libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untruste...7.8Feb 18, 2025
• CVE-2024-56171libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be ...7.8Feb 18, 2025
• CVE-2025-0167netrc and default credential leak3.4Feb 5, 2025
• CVE-2024-11053netrc and redirect credential leak3.4Dec 11, 2024
• CVE-2024-8932OOB access in ldap_escape9.8Nov 22, 2024
• CVE-2024-39573Apache HTTP Server: mod_rewrite proxy handler substitution7.5Jul 1, 2024
• CVE-2024-38473Apache HTTP Server proxy encoding problem8.1Jul 1, 2024
• CVE-2024-38472Apache HTTP Server on WIndows UNC SSRF7.5Jul 1, 2024
• CVE-2024-36387Apache HTTP Server: DoS by Null pointer in websocket over HTTP/25.4Jul 1, 2024
• CVE-2024-6387Openssh: regresshion - race condition in ssh allows rce/dos8.1Jul 1, 2024