Every CVE whose affected-product data names Chef Automate, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2023-40050 — CVSS 9.9 (critical): Upload profile either through API or user interface in Chef Automate prior to and including version 4.10.29 using InSpec check command with…
CVE-2025-8868 — CVSS 9.8 (critical): In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef…
CVE-2025-6724 — CVSS 8.8 (high): In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef…