FLAT-36RWAÂ (CVE-2026-54134)
External control of file name or path In octoprint
4.7
Medium
Ecosystem: PyPI
Package: octoprint
FLAT-ES7MZÂ (CVE-2026-35163)
Lack of data validation - Path Traversal In octoprint
1.0
Low
Ecosystem: PyPI
Package: octoprint
FLAT-JLMHNÂ (CVE-2026-23892)
Lack of data validation - Path Traversal In octoprint
2.3
Low
Ecosystem: PyPI
Package: octoprint
FLAT-O2FG9Â (CVE-2025-64187)
Server side cross-site scripting In octoprint
1.0
Low
Ecosystem: PyPI
Package: octoprint
FLAT-A7UWKÂ (CVE-2025-58180)
OS Command Injection In octoprint
4.8
Medium
Ecosystem: PyPI
Package: octoprint
FLAT-K6BH7Â (CVE-2025-48879)
Insecure file upload In octoprint
4.9
Medium
Ecosystem: PyPI
Package: octoprint
FLAT-XY9XDÂ (CVE-2025-48067)
External control of file name or path In octoprint
1.3
Low
Ecosystem: PyPI
Package: octoprint
FLAT-KPX85Â (CVE-2025-32788)
Spoofing In octoprint
2.7
Low
Ecosystem: PyPI
Package: octoprint
FLAT-W3Z1OÂ (CVE-2024-51493)
Authentication mechanism absence or evasion In octoprint
1.1
Low
Ecosystem: PyPI
Package: octoprint
FLAT-82JK7Â (CVE-2024-49377)
Reflected cross-site scripting (XSS) In octoprint
1.2
Low
Ecosystem: PyPI
Package: octoprint
FLAT-BFISKÂ (CVE-2024-32977)
Spoofing In octoprint
7.1
High
Ecosystem: PyPI
Package: octoprint
FLAT-WC64EÂ (CVE-2024-28237)
Reflected cross-site scripting (XSS) In octoprint
0.1
Low
Ecosystem: PyPI
Package: octoprint
FLAT-12E60Â (CVE-2024-23637)
Improper authorization control for web services In octoprint
1.0
Low
Ecosystem: PyPI
Package: octoprint
FLAT-SV1C4Â (CVE-2023-41047)
Server side template injection In octoprint
5.7
Medium
Ecosystem: PyPI
Package: octoprint
FLAT-9I8XPÂ (CVE-2022-3607)
Lack of data validation In octoprint
2.1
Low
Ecosystem: PyPI
Package: octoprint
FLAT-8ANWRÂ (CVE-2022-2872)
Insecure file upload In octoprint
0.5
Low
Ecosystem: PyPI
Package: octoprint
FLAT-7USJPÂ (CVE-2022-2888)
Session Fixation In octoprint
1.3
Low
Ecosystem: PyPI
Package: octoprint
FLAT-A2VHIÂ (CVE-2022-3068)
Excessive privileges In octoprint
6.3
Medium
Ecosystem: PyPI
Package: octoprint
FLAT-IRT21Â (CVE-2022-2930)
Password change without identity check In octoprint
1.1
Low
Ecosystem: PyPI
Package: octoprint
FLAT-0PCGOÂ (CVE-2022-2822)
Lack of protection against brute force attacks In octoprint
1.7
Low
Ecosystem: PyPI
Package: octoprint
FLAT-ACUO4Â (MAL-2022-5015)
Use of software with malware In octoprint-slackbot
5.2
Medium
Ecosystem: Npm
Package: octoprint-slackbot
FLAT-X692AÂ (CVE-2021-32560)
Improper authorization control for web services In octoprint
4.9
Medium
Ecosystem: PyPI
Package: octoprint
FLAT-4S93TÂ (CVE-2021-32561)
Reflected cross-site scripting (XSS) In octoprint
1.3
Low
Ecosystem: PyPI
Package: octoprint
FLAT-VGCFBÂ (CVE-2022-1430)
Reflected cross-site scripting (XSS) In octoprint
5.2
Medium
Ecosystem: PyPI
Package: octoprint
FLAT-WPZMKÂ (CVE-2022-1432)
Reflected cross-site scripting (XSS) In octoprint
5.2
Medium
Ecosystem: PyPI
Package: octoprint