pi-hole Summary
Latest vulnerabilities published by pi-hole
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
Stored HTML Injection in Pi-hole Admin Interface Affects Network-level Ad Blocker
CVE-2026-33405Pi-holeWeb3.1LOWLocal Privilege Escalation in Pi-hole by Pi-hole Developers
CVE-2026-33727Pi-holePi-hole6.4MEDIUMHTML Attribute Injection in Pi-hole Admin Interface for Pi-hole
CVE-2026-33406Pi-holeWeb5.4MEDIUMWeb Interface Vulnerability in Pi-hole Admin Interface by Pi-hole
CVE-2026-33404Pi-holeWeb3.4LOWReflected DOM-based XSS in Pi-hole Admin Interface Affects Pi-hole
CVE-2026-33403Pi-holeWeb6.1MEDIUMOS Command Injection Vulnerability in Pi-hole Admin Interface by Pi-hole
CVE-2026-33765Pi-holeWeb8.9HIGHStored HTML Injection Vulnerability in Pi-hole Admin Interface by Pi-hole
CVE-2026-26953Pi-holeWeb5.4MEDIUMStored HTML Injection Vulnerability in Pi-hole Admin Interface
CVE-2026-26952Pi-holeWeb5.4MEDIUMCRLF Injection Vulnerability in Pi-hole Admin Interface by Pi-hole
CVE-2025-59151Pi-holeWeb8.2HIGHReflected XSS Vulnerability in Pi-hole Admin Interface by Pi-hole
CVE-2025-53533Pi-holeWeb👾🟡5.1MEDIUMXSS Vulnerability in Pi-hole Admin Interface by Pi-hole
CVE-2025-32785Pi-holeWeb2LOWAuthenticated Command Injection in Pi-hole by Pi-hole
CVE-2025-34087Pi-hole LlcWeb👾🟡EPSS 50%9CRITICALPi-hole Before 6 Allows Unauthorized Temperature Unit Changes
CVE-2024-44069Pi-holePi-hole7.5HIGHPi-hole vulnerability allows remote command execution
CVE-2024-34361Pi-holePi-hole👾🟡EPSS 58%8.6HIGHPi-hole Vulnerability Allows Reading of Internal Server Files
CVE-2024-28247Pi-holePi-hole👾🟡7.6HIGHImproper session handling of "Remember me for 7 days" functionality
CVE-2023-23614Pi-holeAdminlte8.8HIGHPi-Hole/AdminLTE vulnerable due to improper access control in queryads endpoint
CVE-2022-23513Pi-holeAdminlte5.3MEDIUMAuthenticated XSS in Pi-hole AdminLTE
CVE-2022-31029Pi-holeAdminlte5.9MEDIUMStored XSS in Client Groups Management (Authenticated)
CVE-2021-41175Pi-holeAdminlte7.3HIGHCross-site Scripting (XSS) - Reflected in pi-hole/adminlte
CVE-2021-3812Pi-holePi-hole/adminlte6.7MEDIUMCross-site Scripting (XSS) - Reflected in pi-hole/adminlte
CVE-2021-3811Pi-holePi-hole/adminlte6.7MEDIUMSensitive Cookie Without 'HttpOnly' Flag in pi-hole/adminlte
CVE-2021-3706Pi-holePi-hole/adminlte7.4HIGHStored XSS Vulnerability in the Pi-hole Webinterface
CVE-2021-32793Pi-holeAdminlte5.7MEDIUM(Authenticated) Remote Code Execution Possible in Web Interface 5.5
CVE-2021-32706Pi-holeAdminlteEPSS 61%7.6HIGHStored DOM XSS in Pi-hole Admin Web Interface
CVE-2021-29448Pi-holeAdminlte7.6HIGH