caddyserver Cyber Security Vulnerability Stats and Metrics

Vulnerability in Caddy's FastCGI Transport Can Lead to Remote Code Execution

CVE-2026-45135

CaddyserverCaddy8.1HIGH

Authorization Layer Mismatch in Caddy Server Platform

CVE-2026-45692

CaddyserverCaddy5.4MEDIUM

Header Injection Flaw in Caddy Server by Caddy Corp

CVE-2026-52845

CaddyserverCaddy8.1HIGH

Path Traversal Vulnerability in Caddy Server on Windows

CVE-2026-52844

CaddyserverCaddy7.5HIGH

Cross-Site Scripting Risk in Caddy Server by Caddy Technologies

CVE-2026-52846

CaddyserverCaddy4.2MEDIUM

Identity Injection and Privilege Escalation in Caddy Server Platform

CVE-2026-30851

CaddyserverCaddy8.1HIGH

TLS Server Vulnerability in Caddy Affects User-Controlled Input Handling

CVE-2026-30852

CaddyserverCaddy5.5MEDIUM

Path Confusion Vulnerability in Caddy Server by Caddy Software

CVE-2026-27590

CaddyserverCaddy8.9HIGH

Caddy Server Vulnerability Exposes Admin API to Unauthorized Configuration Changes

CVE-2026-27589

CaddyserverCaddy6.9MEDIUM

Caddy Server Platform Vulnerability in HTTP Host Matching

CVE-2026-27588

CaddyserverCaddy7.7HIGH

Case Sensitivity Issue in Caddy Server from Caddy

CVE-2026-27587

CaddyserverCaddy7.7HIGH

mTLS Authentication Vulnerability in Caddy by Caddy Server

CVE-2026-27586

CaddyserverCaddy8.8HIGH

Path Sanitization Bypass in Caddy Server Affecting Specific Environments

CVE-2026-27585

CaddyserverCaddy6.9MEDIUM

IP Spoofing Vulnerability in Caddy 2 Middleware by Shift72

CVE-2023-50463

CaddyserverCaddy6.5MEDIUM

Open Redirection Vulnerability in Caddy Web Server by Caddy Labs

CVE-2022-28923

CaddyserverCaddy6.1MEDIUM

Out-of-Bounds Read Vulnerability in Caddy Web Server

CVE-2022-34037

CaddyserverCaddy7.5HIGH

Open Redirect Vulnerability in Caddy Web Server by Caddy Server

CVE-2022-29718

CaddyserverCaddy6.1MEDIUM

TLS Client Authentication Flaw in Caddy Web Server by Caddy Server

CVE-2018-21246

CaddyserverCaddy9.8CRITICAL

Hostname Enumeration Vulnerability in Caddy Web Server

CVE-2018-19148

CaddyserverCaddy3.7LOW

caddyserver Summary

Vulnerability Published:

Sort By:

23 June 2026

Vulnerability in Caddy's FastCGI Transport Can Lead to Remote Code Execution

Authorization Layer Mismatch in Caddy Server Platform

Header Injection Flaw in Caddy Server by Caddy Corp

Path Traversal Vulnerability in Caddy Server on Windows

Cross-Site Scripting Risk in Caddy Server by Caddy Technologies

7 March 2026

Identity Injection and Privilege Escalation in Caddy Server Platform

TLS Server Vulnerability in Caddy Affects User-Controlled Input Handling

24 February 2026

Path Confusion Vulnerability in Caddy Server by Caddy Software

Caddy Server Vulnerability Exposes Admin API to Unauthorized Configuration Changes

Caddy Server Platform Vulnerability in HTTP Host Matching

Case Sensitivity Issue in Caddy Server from Caddy

mTLS Authentication Vulnerability in Caddy by Caddy Server

Path Sanitization Bypass in Caddy Server Affecting Specific Environments

10 December 2023

IP Spoofing Vulnerability in Caddy 2 Middleware by Shift72

6 February 2023

Open Redirection Vulnerability in Caddy Web Server by Caddy Labs

22 July 2022

Out-of-Bounds Read Vulnerability in Caddy Web Server

2 June 2022

Open Redirect Vulnerability in Caddy Web Server by Caddy Server

15 June 2020

TLS Client Authentication Flaw in Caddy Web Server by Caddy Server

10 November 2018

Hostname Enumeration Vulnerability in Caddy Web Server