Every CVE whose affected-product data names Authzed Spicedb, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (13)
CVE-2023-29193 — CVSS 8.7 (high): SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions…
CVE-2022-21646 — CVSS 8.1 (high): SpiceDB is a database system for managing security-critical application permissions. Any user making use of a wildcard relationship under…
CVE-2024-27101 — CVSS 7.3 (high): SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. Integer…
CVE-2025-64529 — CVSS 6.5 (medium): SpiceDB is an open source database system for creating and managing security-critical application permissions. In versions prior to 1.45.2…
CVE-2026-40091 — CVSS 6.0 (medium): SpiceDB is an open source database system for creating and managing security-critical application permissions. In versions 1.49.0 through…
CVE-2025-65111 — CVSS 5.3 (medium): SpiceDB is an open source database system for creating and managing security-critical application permissions. Prior to version 1.47.1, if…
CVE-2023-46255 — CVSS 4.2 (medium): SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. Prior to…
CVE-2024-46989 — CVSS 3.7 (low): spicedb is an Open Source, Google Zanzibar-inspired permissions database to enable fine-grained authorization for customer applications…
CVE-2025-49011 — CVSS 3.7 (low): SpiceDB is an open source database for storing and querying fine-grained authorization data. Prior to version 1.44.2, on schemas involving…
CVE-2023-35930 — CVSS 3.7 (low): SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions…
CVE-2024-38361 — CVSS 3.7 (low): Spicedb is an Open Source, Google Zanzibar-inspired permissions database to enable fine-grained authorization for customer applications…
CVE-2024-32001 — CVSS 2.2 (low): SpiceDB is a graph database purpose-built for storing and evaluating access control data. Use of a relation of the form: `relation folder…
CVE-2024-48909 — CVSS 2.0 (low): SpiceDB is an open source database for scalably storing and querying fine-grained authorization data. Starting in version 1.35.0 and prior…