Coolercontrol Coolercontrold — known CVE vulnerabilities
Every CVE whose affected-product data names Coolercontrol Coolercontrold, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2026-5208 — CVSS 8.2 (high): Command injection in alerts in CoolerControl/coolercontrold <4.0.0 allows authenticated attackers to execute arbitrary code as root via…
CVE-2026-5301 — CVSS 7.6 (high): Stored XSS in log viewer in CoolerControl/coolercontrol-ui <4.0.0 allows unauthenticated attackers to take over the service via malicious…
CVE-2026-5302 — CVSS 6.3 (medium): CORS misconfiguration in CoolerControl/coolercontrold <4.0.0 allows unauthenticated remote attackers to read data and send commands to the…
CVE-2026-5300 — CVSS 5.9 (medium): Unauthenticated functionality in CoolerControl/coolercontrold <4.0.0 allows unauthenticated attackers to view and modify potentially…