zitadel Summary
Latest vulnerabilities published by zitadel
| Title | CVE | Vendor | Product | Score | Severity |
|---|---|---|---|---|---|
| Password Reset Mechanism Vulnerability in Zitadel Identity Infrastructure | CVE-2025-48936 | Zitadel | Zitadel | 8.1 | HIGH |
| Session API Vulnerability in ZITADEL Identity Infrastructure Software | CVE-2025-46815 | Zitadel | Zitadel | 8 | HIGH |
| User Enumeration Vulnerability in Zitadel Identity Infrastructure Software | CVE-2025-31124 | Zitadel | Zitadel | 5.3 | MEDIUM |
| Identity Infrastructure Vulnerability in Zitadel Affecting Token Authorization | CVE-2025-31123 | Zitadel | Zitadel | 8.7 | HIGH |
| Insecure Direct Object Reference Vulnerability in Zitadel Identity Infrastructure Software | CVE-2025-27507 | Zitadel | Zitadel | 9 | CRITICAL |
| Zitadel Disables User Self-Registration Due to Security Vulnerability | CVE-2024-49757 | Zitadel | Zitadel | 7.5 | HIGH |
| Zitadel Vulnerability Allows Bypass of Security Measures | CVE-2024-49753 | Zitadel | Zitadel | 5.9 | MEDIUM |
| Zitadel Fixes Deactivation Mechanism Vulnerability | CVE-2024-46999 | Zitadel | Zitadel | 6.5 | MEDIUM |
| Service Account Deactivation Issue in Zitadel Identity Management Platform | CVE-2024-47000 | Zitadel | Zitadel | 7.5 | HIGH |
| Unauthorized Access to Deactivated Projects in Zitadel Due to Tightly Coupled Applications | CVE-2024-47060 | Zitadel | Zitadel | 6.5 | MEDIUM |
| Zitadel Identity Management System Vulnerability | CVE-2024-41953 | Zitadel | Zitadel | 6.1 | MEDIUM |
| Identity Management System Vulnerability in Zitadel | CVE-2024-41952 | Zitadel | Zitadel | 5.3 | MEDIUM |
| ZITADEL Fixes Issue Exposing Other Users' Sessions | CVE-2024-39683 | Zitadel | Zitadel | 6.5 | MEDIUM |
| Zitadel Addresses Connection Issues in Latest Point Release | CVE-2024-32967 | Zitadel | Zitadel | 5.3 | MEDIUM |
| ZITADEL Patches (T)OTP Check Lockout Mechanism in Version 2.50.0 | CVE-2024-32868 | Zitadel | Zitadel | 8.1 | HIGH |
| User-Uploaded Avatar Image Vulnerability in ZITADEL by ZITADEL | CVE-2024-29891 | Zitadel | Zitadel | 8.7 | HIGH |
| ZITADEL's actions can overload reserved claims | CVE-2024-29892 | Zitadel | Zitadel | 4.9 | MEDIUM |
| ZITADEL Authentication Management Software Vulnerability | CVE-2024-28855 | Zitadel | Zitadel | 6.1 | MEDIUM |
| Zitadel Fixes Cookie Vulnerability Affecting User Sessions | CVE-2024-28197 | Zitadel | Zitadel | 7.5 | HIGH |
| ZITADEL vulnerable account takeover via malicious host header injection | CVE-2023-49097 | Zitadel | Zitadel | 8.1 | HIGH |
| ZITADEL race condition in lockout policy execution | CVE-2023-47111 | Zitadel | Zitadel | 7.3 | HIGH |
| XSS with User Avatar image in ZITADEL | CVE-2023-46238 | zitadel | zitadel | 5.4 | MEDIUM |
| ZITADEL's password reset does not respect the "Ignoring unknown usernames" setting | CVE-2023-44399 | Zitadel | Zitadel | 5.3 | MEDIUM |
| RefreshToken invalidation vulnerability | CVE-2023-22492 | Zitadel | Zitadel | 5.9 | MEDIUM |
| Broken Authorization in ZITADEL Actions | CVE-2022-36051 | Zitadel | Zitadel | 8.7 | HIGH |