Where
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how erlang compares to other vendors in security performance

View Risk Score →

Erlang Erlang\/otpSFTP chroot bypass via path traversal in SSH_FXP_FSETSTAT

Risk 26
Severity
5.3
First published (updated )
CVE-2026-32147

Erlang Erlang\/inetsScriptAlias CGI targets bypass directory auth in inets httpd (mod_auth vs mod_cgi path mismatch)

Risk 86
Severity
8.3
First published (updated )
CVE-2026-28808

Erlang Erlang\/otpOCSP designated-responder authorization bypass via missing signature verification

Risk 55
Severity
7.6
First published (updated )
CVE-2026-32144

Erlang Erlang\/otpPredictable DNS Transaction IDs Enable Cache Poisoning in Built-in Resolver

Risk 29
Severity
6.3
First published (updated )
CVE-2026-28810

hex/esamlXXE in esaml SAML library allows local file read and potential SSRF

Risk 29
Severity
6.3
First published (updated )
CVE-2026-28809
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Erlang Erlang\/inetsRequest smuggling via first-wins Content-Length parsing in inets httpd

Risk 76
Severity
7
First published (updated )
CVE-2026-23941

Erlang Erlang\/otpPre-auth SSH DoS via unbounded zlib inflate

Risk 33
Severity
6.9
First published (updated )
CVE-2026-23943

Erlang Erlang\/otpSFTP root escape via component-agnostic prefix check in ssh_sftpd

Risk 34
Severity
5.3
First published (updated )
CVE-2026-23942

hexpm/hex_coreUnsafe Deserialization of Erlang Terms in hex_core

Risk 46
Severity
2
First published (updated )
CVE-2026-21619

Erlang OTPSSH_FXP_OPENDIR may Lead to Exhaustion of File Handles

Risk 43
Severity
7.5
First published (updated )
CVE-2025-48041
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Erlang OTPMalicious Key Exchange Messages may Lead to Excessive Resource Consumption

Risk 33
Severity
6.9
First published (updated )
CVE-2025-48040

Microsoft cbl2 erlang 25.3.2.21-2Unverified Paths can Cause Excessive Use of System Resources

Risk 26
Severity
5.3
First published (updated )
CVE-2025-48039

Erlang OTPUnverified File Handles can Cause Excessive Use of System Resources

Risk 26
Severity
5.3
First published (updated )
CVE-2025-48038

Erlang OTPAbsolute path traversal in zip:unzip/1,2

Risk 32
Severity
4.8
First published (updated )
CVE-2025-4748

Erlang Erlang 28End of life details

EOL
May 20, 2028
First published (updated )
EOL-erlang-28
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

The RegisterToday's LLMs craft exploits from patches at lightning speed

Exploited
First published (updated )
News
The Register

BleepingComputerCritical Erlang/OTP SSH RCE bug now has public exploits, patch now

Exploited
First published (updated )
News
BleepingComputer

CVE-2025-32433: Unauthenticated mote Code Execution in Erlang/OTP SSH

First published (updated )
https://seclists.org/oss-sec/2025/q2/68

BleepingComputerCritical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now

Exploited
First published (updated )
News
BleepingComputer

Cisco Network Services OrchestratorErlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability

Risk 81
Severity
10
Exploited
EPSS
3.62%
First published (updated )
CVE-2025-32433
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

debian/erlangKEX init error results with excessive memory usage

Risk 31
Severity
7.5
EPSS
0.05%
First published (updated )
CVE-2025-30211

debian/erlangSSH SFTP packet size not verified properly in Erlang OTP

Risk 28
Severity
7
EPSS
0.06%
First published (updated )
CVE-2025-26618

Erlang Erlang 26Reached end of life

EOL
May 15, 2026
Support Ends
May 17, 2024
First published (updated )
latest-version-erlang-26

Erlang Erlang 26Reached end of life

EOL
May 15, 2026
Support Ends
May 17, 2024
First published (updated )
EOL-erlang-26

Erlang Erlang 27Out of support

EOL
May 20, 2027
Support Ends
May 20, 2025
First published (updated )
EOL-erlang-27
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Erlang Erlang 27Out of support

EOL
May 20, 2027
Support Ends
May 20, 2025
First published (updated )
latest-version-erlang-27

Erlang Erlang 25Reached end of life

EOL
May 17, 2025
Support Ends
May 15, 2023
First published (updated )
latest-version-erlang-25

Erlang Erlang 25Reached end of life

EOL
May 17, 2025
Support Ends
May 15, 2023
First published (updated )
EOL-erlang-25

CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)

First published (updated )
https://seclists.org/oss-sec/2023/q4/300

CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)

First published (updated )
https://seclists.org/oss-sec/2023/q4/297
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203