Kiteworks Latest Vulnerabilities

Session Management Flaw in Kiteworks Email Protection Gateway by Kiteworks

CVE-2026-29092

KiteworksKiteworks Email Protec...4.9MEDIUM

Unrestricted File Upload in Kiteworks Secure Data Forms

CVE-2026-23636

KiteworksSecure Data Forms5.5MEDIUM

Misconfiguration in Kiteworks Secure Data Forms Exposes Credentials

CVE-2026-23635

KiteworksSecure Data Forms6.5MEDIUM

Stored XSS Vulnerability in Kiteworks Secure Data Forms

CVE-2026-24750

KiteworksSecure Data Forms7.6HIGH

Access Control Vulnerability in Kiteworks Core Affects Authenticated Users

CVE-2026-23514

KiteworksCore8.8HIGH

Script Injection Vulnerability in Kiteworks Email Protection Gateway

CVE-2026-28272

KiteworksSecurity-advisories8.1HIGH

Configuration Bypass Vulnerability in Kiteworks Private Data Network

CVE-2026-28271

KiteworksSecurity-advisories6.5MEDIUM

Arbitrary File Upload Vulnerability in Kiteworks by Kiteworks

CVE-2026-28270

KiteworksSecurity-advisories4.9MEDIUM

Command Execution Vulnerability in Kiteworks Private Data Network

CVE-2026-28269

KiteworksSecurity-advisories5.9MEDIUM

Improper Input Validation in Kiteworks Affects Role Management

CVE-2025-53939

KiteworksSecurity-advisories6.3MEDIUM

Privilege Escalation Vulnerability in Kiteworks MFT

CVE-2025-53900

KiteworksSecurity-advisories6.5MEDIUM

Privilege Escalation Vulnerability in Kiteworks MFT

CVE-2025-53899

KiteworksSecurity-advisories7.2HIGH

Cross-Site Scripting in Kiteworks MFT Prior to Version 9.1.0

CVE-2025-53897

KiteworksSecurity-advisories6.8MEDIUM

Session Management Flaw in Kiteworks MFT

CVE-2025-53896

KiteworksSecurity-advisories7.1HIGH

Unauthenticated Attacker Can Bypass CSRF Check and Create New Admin Account

CVE-2023-7273

KiteworksOwncloud6.8MEDIUM

Totemmail vulnerable to reflected XSS through /responsiveUI/EnvelopeOpenServlet

CVE-2024-28063

KiteworksTotemomail6.1MEDIUM

Unauthenticated File Read and Delete, and Write Operations via Directory Traversal in Totemmail 7.x and 8.x Before 8.3.0

CVE-2024-28064

Kiteworks9.8CRITICAL

kiteworks Latest Vulnerabilities

Vulnerability Published:

Sort By:

25 March 2026

Session Management Flaw in Kiteworks Email Protection Gateway by Kiteworks

Unrestricted File Upload in Kiteworks Secure Data Forms

Misconfiguration in Kiteworks Secure Data Forms Exposes Credentials

Stored XSS Vulnerability in Kiteworks Secure Data Forms

Access Control Vulnerability in Kiteworks Core Affects Authenticated Users

27 February 2026

Script Injection Vulnerability in Kiteworks Email Protection Gateway

Configuration Bypass Vulnerability in Kiteworks Private Data Network

Arbitrary File Upload Vulnerability in Kiteworks by Kiteworks

26 February 2026

Command Execution Vulnerability in Kiteworks Private Data Network

29 November 2025

Improper Input Validation in Kiteworks Affects Role Management

Privilege Escalation Vulnerability in Kiteworks MFT

Privilege Escalation Vulnerability in Kiteworks MFT

Cross-Site Scripting in Kiteworks MFT Prior to Version 9.1.0

Session Management Flaw in Kiteworks MFT

1 October 2024

Unauthenticated Attacker Can Bypass CSRF Check and Create New Admin Account

18 May 2024

Totemmail vulnerable to reflected XSS through /responsiveUI/EnvelopeOpenServlet

Unauthenticated File Read and Delete, and Write Operations via Directory Traversal in Totemmail 7.x and 8.x Before 8.3.0