prosody
Security Risk Profile
42
/100
mediumSecurity Risk Score
Comprehensive risk assessment based on 23 vulnerabilities, EPSS scores, exploitation status, and remediation availability.
📅 Data spans from June 22, 2011 to present
23
Total CVEs
13
Critical+High
0
Exploited
2
Unpatched
Threat Assessment
Avg CVSS
6.9
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
2
Critical/High
Risk Level
42/100
medium
Severity Distribution
Critical
1High
12Medium
9Low
0Exploit Likelihood
>50% chance
020-50%
05-20%
0<5%
0Age Distribution
Common Weaknesses (CWE)
1
Input Validation
3
2
XEE
1
3
Race Condition
1
4
Path Traversal
1
Most Affected Products
1. Prosody prosody100
2. Fedoraproject Fedora19
3. Debian Debian Linux13
4. debian/prosody8
5. Prosody Prosody XMPP Server1
Recent Vulnerabilities
See more →CVE-2026-43507
CVSS 7.5high
5/1/2026
CVE-2026-43506
CVSS 7.5high
5/1/2026
CVE-2026-43505
CVSS 6.5medium
5/1/2026
CVE-2026-43504
CVSS 6.5medium
5/1/2026
https://seclists.org/oss-sec/2026/q2/311
unknown
Prosody XMPP server security advisory 2026-04-31 (multiple vulnerabilities)
5/1/2026🔧 No Patch
CVE-2022-0217
CVSS 7.5high
1/14/2022
CVE-2021-37601
CVSS 7.5high
7/28/2021🔧 No Patch
CVE-2021-32921
CVSS 5.9medium
5/13/2021
CVE-2021-32920
CVSS 7.8high
5/13/2021
CVE-2021-32919
CVSS 7.5high
5/13/2021
Monitor prosody in Real-Time
Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.