openstack
Latest CVEs
The 15 most recently published vulnerabilities affecting openstack.
- CVE-2026-55748 (score 6.0): OpenStack Horizon before 25.7.4 produces scripts for OpenStack RC file downloading that may have a crafted project name with shell metacharacters. NOTE: some parties consider this a security harden...
- CVE-2026-46448 (score 5.4): In OpenStack Nova before 33.0.2, the server create API does not strip certain hint data. The resulting instance has no Placement allocation.
- CVE-2026-54421 (score 6.8): In OpenStack Ironic before 37.0.1, when applying a PATCH to update fields in volume properties the user is authorized for, Ironic can return unredacted sensitive information (such as iSCSI credenti...
- CVE-2026-50589 (score 5.3): In OpenStack Ironic 32 before 37.0.0, an unauthenticated malicious user could submit a crafted JSON string to some endpoints on the API or JSON-RPC service and effect a service crash.
- CVE-2026-50266 (score 2.2): In OpenStack Neutron before 28.0.1, a project manager can create or update a port on a shared network owned by another project and set device_owner to a value that has "network:" at the beginning (...
- CVE-2026-48681 (score 5.9): OpenStack Ironic through before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image.
- CVE-2026-44917 (score 4.9): OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxe_template.
- CVE-2026-41283 (score 9.9): OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed. There are endpoints that allow code execution, which can lead to exfiltration of service credentials.
- CVE-2026-46447 (score 5.8): OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE script if the attacker can set node.driver_info or node.instance_info.
- CVE-2026-43000 (score 6.0): An issue was discovered in OpenStack Keystone before 29.0.2. When combined with an application credential impersonation vulnerability, an attacker with the member role on a project can escalate to ...
- CVE-2026-42999 (score 6.0): An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone RBAC policy enforcer in enforce_call unconditionally merges the raw JSON request body into the policy enforcement dictionar...
- CVE-2026-42998 (score 6.0): An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone application credential authentication plugin does not verify that the user supplied in the authentication request matches t...
- CVE-2026-44394 (score 6.0): An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone federated token rescoping mechanism does not propagate the original token's expiry to the newly issued token. When a federa...
- CVE-2026-44919 (score 4.3): In OpenStack Ironic through 35.x before a3f6d73, during image handling, an infinite loop in checksum calculations can occur via the file:///dev/zero URL.
- CVE-2026-44916 (score 3.0): In OpenStack Ironic before 35.0.2 (in a certain non-default configuration), instance_info['ks_template'] is rendered without sandboxing.