gradle
Security Risk Profile
45
/100
mediumSecurity Risk Score
Comprehensive risk assessment based on 73 vulnerabilities, EPSS scores, exploitation status, and remediation availability.
📅 Data spans from June 12, 2012 to present
73
Total CVEs
36
Critical+High
0
Exploited
27
Unpatched
Threat Assessment
Avg CVSS
7.4
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
27
Critical/High
Risk Level
45/100
medium
Severity Distribution
Critical
10High
26Medium
19Low
1Exploit Likelihood
>50% chance
020-50%
05-20%
0<5%
5Age Distribution
Common Weaknesses (CWE)
1
Infoleak
4
2
Path Traversal
3
3
SSRF
3
4
CSRF
3
5
OS Command Injection
2
Most Affected Products
1. gradle Gradle36
2. Gradle Enterprise21
3. Gradle Gradle17
4. redhat/gradle7
5. Fedoraproject Fedora6
Recent Vulnerabilities
See more →CVE-2026-25063
CVSS 8.3EPSS 0%high
gradle-completion has a Bash command injection issue
1/29/2026
CVE-2026-22865
CVSS 8.6EPSS 0%high
Gradle's failure to disable repositories failing to answer can expose builds to malicious artifacts
1/16/2026🔧 No Patch
CVE-2026-22816
CVSS 8.6EPSS 0%high
Gradle fails to disable repositories which can expose builds to malicious artifacts
1/16/2026
EOL-gradle-9
unknown
7/31/2025
CVE-2025-27148
CVSS 8.8EPSS 0%high
Gradle vulnerable to local privilege escalation through system temporary directory
2/25/2025🔧 No Patch
CVE-2025-24858
CVSS 8.3EPSS 0%high
1/26/2025🔧 No Patch
CVE-2024-46881
CVSS 7.1high
1/26/2025🔧 No Patch
latest-version-gradle-8
unknown
11/10/2024
EOL-gradle-8
unknown
11/10/2024
CVE-2023-49238
CVSS 9.8critical
1/9/2024🔧 No Patch
Monitor gradle in Real-Time
Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.