Hestiacp Latest Vulnerabilities

IP Spoofing Vulnerability in HestiaCP Affects Multiple Versions

CVE-2026-43634

HestiacpHestiacp👾🟡8.7HIGH

Deserialization Vulnerability in HestiaCP Web Terminal Component

CVE-2026-43633

HestiacpHestiacp👾🟡9.5CRITICAL

Privilege Chaining in hestiacp/hestiacp

CVE-2023-5839

HestiacpHestiacp/hestiacp8.8HIGH

Cross-site Scripting (XSS) - Stored in hestiacp/hestiacp

CVE-2023-4517

hestiacphestiacp/hestiacp5.4MEDIUM

Cross-site Scripting (XSS) - Reflected in hestiacp/hestiacp

CVE-2023-5084

hestiacphestiacp/hestiacp6.1MEDIUM

Cross-site Scripting (XSS) - Reflected in hestiacp/hestiacp

CVE-2023-3479

HestiacpHestiacp/hestiacpEPSS 23%4.3MEDIUM

XSS Vulnerability in Hestia Control Panel Software by HestiaCP

CVE-2021-30071

HestiacpControl Panel6.1MEDIUM

Arbitrary Package Installation Vulnerability in HestiaCP by HestiaCP

CVE-2021-30070

HestiacpHestiacp7.5HIGH

Code Injection in hestiacp/hestiacp

CVE-2022-2636

HestiacpHestiacp/hestiacp8.5HIGH

Incorrect Privilege Assignment in hestiacp/hestiacp

CVE-2022-2626

HestiacpHestiacp/hestiacp9.1CRITICAL

OS Command Injection in hestiacp/hestiacp

CVE-2022-2550

HestiacpHestiacp/hestiacp9.9CRITICAL

Command Injection Vulnerability in hestiacp/hestiacp

CVE-2022-1509

HestiacpHestiacp/hestiacp9.9CRITICAL

Reflected Cross-site Scripting (XSS) Vulnerability in hestiacp/hestiacp

CVE-2022-0986

HestiacpHestiacp/hestiacp2.4LOW

Cross-site Scripting (XSS) - Generic in hestiacp/hestiacp

CVE-2022-0752

HestiacpHestiacp/hestiacp3.5LOW

Cross-site Scripting (XSS) - Reflected in hestiacp/hestiacp

CVE-2022-0838

HestiacpHestiacp/hestiacp6.6MEDIUM

Cross-site Scripting (XSS) - Reflected in hestiacp/hestiacp

CVE-2022-0753

HestiacpHestiacp/hestiacp3.5LOW

Use of Wrong Operator in String Comparison in hestiacp/hestiacp

CVE-2021-3797

HestiacpHestiacp/hestiacp4.8MEDIUM

Subdomain Spoofing Vulnerability in Hestia Control Panel by HestiaCP

CVE-2021-27231

HestiacpControl Panel5.4MEDIUM

Password Reset Vulnerability in VESTA Control Panel and Hestia Control Panel

CVE-2020-10966

HestiacpControl Panel6.5MEDIUM

hestiacp Latest Vulnerabilities

Vulnerability Published:

Sort By:

19 May 2026

IP Spoofing Vulnerability in HestiaCP Affects Multiple Versions

Deserialization Vulnerability in HestiaCP Web Terminal Component

29 October 2023

Privilege Chaining in hestiacp/hestiacp

13 October 2023

Cross-site Scripting (XSS) - Stored in hestiacp/hestiacp

20 September 2023

Cross-site Scripting (XSS) - Reflected in hestiacp/hestiacp

30 June 2023

Cross-site Scripting (XSS) - Reflected in hestiacp/hestiacp

18 August 2022

XSS Vulnerability in Hestia Control Panel Software by HestiaCP

Arbitrary Package Installation Vulnerability in HestiaCP by HestiaCP

5 August 2022

Code Injection in hestiacp/hestiacp

Incorrect Privilege Assignment in hestiacp/hestiacp

27 July 2022

OS Command Injection in hestiacp/hestiacp

28 April 2022

Command Injection Vulnerability in hestiacp/hestiacp

16 March 2022

Reflected Cross-site Scripting (XSS) Vulnerability in hestiacp/hestiacp

4 March 2022

Cross-site Scripting (XSS) - Generic in hestiacp/hestiacp

Cross-site Scripting (XSS) - Reflected in hestiacp/hestiacp

3 March 2022

Cross-site Scripting (XSS) - Reflected in hestiacp/hestiacp

15 September 2021

Use of Wrong Operator in String Comparison in hestiacp/hestiacp

16 February 2021

Subdomain Spoofing Vulnerability in Hestia Control Panel by HestiaCP

25 March 2020

Password Reset Vulnerability in VESTA Control Panel and Hestia Control Panel