Where
AND
-Infinity
0

Trending

Last week
Last month
Last year

Apache nifiApache NiFi: Missing Execute Code Required Permission on TinkerpopClientService

Risk 83
Severity
7.5
First published (updated )
CVE-2026-39816

Apache nifiApache NiFi: Missing Authorization of Restricted Permissions for Component Updates

Risk 53
Severity
8.7
EPSS
0.01%
First published (updated )
CVE-2026-25903

Apache nifiApache NiFi: Deserialization of Untrusted Data in GetAsanaObject Processor

Risk 84
Severity
8.8
First published (updated )
CVE-2025-66524

maven/org.apache.nifi:nifi-jolt-transform-json-uiApache NiFi: Improper Neutralization of Input in Advanced User Interface for Jolt

Risk 66
Severity
7.9
First published (updated )
CVE-2023-49145

Apache nifiApache NiFi: Potential Code Injection with Properties Referencing Remote Resources

Risk 84
Severity
8.8
First published (updated )
CVE-2023-36542
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

maven/org.apache.nifi:nifi-dbcp-service-narApache NiFi: Potential Code Injection with Database Services using H2

Risk 82
Severity
8.8
First published (updated )
CVE-2023-34468

maven/org.apache.nifi:nifi-ccda-processorsApache NiFi: Improper Restriction of XML External Entity References in ExtractCCDAAttributes

Risk 45
Severity
7.5
First published (updated )
CVE-2023-22832

Apache nifiImproper Neutralization of Command Elements in Shell User Group Provider

Risk 79
Severity
8.8
First published (updated )
CVE-2022-33140

Apache nifiImproper Restriction of XML External Entity References in Multiple Components

Risk 43
Severity
7.5
First published (updated )
CVE-2022-29265

maven/com.fasterxml.jackson.core:jackson-databindSSRF

Risk 63
Severity
8.3
First published (updated )
CVE-2021-20190
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache nifiIn Apache NiFi 1.2.0 to 1.11.4, the NiFi UI and API were protected by mandating TLS v1.2, as well as…

Risk 43
Severity
7.5
First published (updated )
CVE-2020-9491

Apache nifiIn Apache NiFi 1.0.0 to 1.11.4, the NiFi download token (one-time password) mechanism used a fixed c…

Risk 43
Severity
7.5
First published (updated )
CVE-2020-9487

maven/org.apache.nifi:nifi-statelessIn Apache NiFi 1.10.0 to 1.11.4, the NiFi stateless execution engine produced log output which inclu…

Risk 44
Severity
7.5
First published (updated )
CVE-2020-9486

maven/org.apache.nifi:nifi-security-utilsInfoleak

Risk 44
Severity
7.5
First published (updated )
CVE-2020-1942

maven/org.apache.nifi:nifi-web-apiWhen using an authentication mechanism other than PKI, when the user clicks Log Out in NiFi versions…

Risk 80
Severity
8.8
First published (updated )
CVE-2019-12421
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Oracle Utilities FrameworkA flaw was found in the Apache Commons BeanUtils, where the class property in PropertyUtilsBean is n…

Risk 55
Severity
7.5
First published (updated )
CVE-2019-10086

maven/org.apache.nifi:nifi-framework-clusterInput Validation

Risk 45
Severity
7.5
First published (updated )
CVE-2018-17194

maven/org.apache.nifi:nifiCSRF

Risk 72
Severity
7.5
First published (updated )
CVE-2018-17195

Apache nifiApache NiFi JMS Deserialization issue because of ActiveMQ client vulnerability. Malicious JMS conten…

Risk 43
Severity
7.5
First published (updated )
CVE-2018-1310

Apache nifiInput Validation

Risk 43
Severity
7.5
First published (updated )
CVE-2017-12632
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache nifiIn Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, if an anonymous user requ…

Risk 43
Severity
7.5
First published (updated )
CVE-2017-5635

Apache nifiApache NiFi before 0.7.4 and 1.x before 1.3.0 need to establish the response header telling browsers…

Risk 43
Severity
7.5
First published (updated )
CVE-2017-7667

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203