Manageengine opmanager
This hub aggregates every CVE we track for Manageengine opmanager, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
59
CVEs tracked
20
Critical
23
High
0
In CISA KEV
Severity distribution
HIGH23CRITICAL20MEDIUM16
Monthly trend
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
1
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Manageengine opmanager.
- CVE-2025-9226Stored XSS4.6
- CVE-2025-9227Stored XSS6.5
- CVE-2024-5466Remote Code Execution8.8
- CVE-2023-47211A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can s...9.1
- CVE-2023-6105ManageEngine Information Disclosure in Multiple Products5.5
- CVE-2023-31099Zoho ManageEngine OPManager through 126323 allows an authenticated user to achieve remote code execution via probe servers.8.8
- CVE-2022-43473A blind XML External Entity (XXE) vulnerability exists in the Add UCS Device functionality of ManageEngine OpManager 12.6.168. A specially crafted XML file can lead to SSRF. An attacker can serve ...5.8
- CVE-2022-38772Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make ...8.8
- CVE-2022-36923Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126...7.5
- CVE-2022-37024Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) a...8.8
- CVE-2022-35404ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine.8.2
- CVE-2022-29535Zoho ManageEngine OPManager through 125588 allows SQL Injection via a few default reports.9.8
- CVE-2022-27908Zoho ManageEngine OpManager before 125588 (and before 125603) is vulnerable to authenticated SQL Injection in the Inventory Reports module.8.8
- CVE-2021-44514OpUtils in Zoho ManageEngine OpManager 12.5 before 125490 mishandles authentication for a few audit directories.9.8
- CVE-2021-41075The NetFlow Analyzer in Zoho ManageEngine OpManger before 125455 is vulnerable to SQL Injection in the Attacks Module API.9.8
Product normalization is registry-driven with AI assist and human review. How it works