Ocsinventory-ng Ocs Inventory Server — known CVE vulnerabilities
Every CVE whose affected-product data names Ocsinventory-ng Ocs Inventory Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2018-14857 — CVSS 8.8 (high): Unrestricted file upload (with remote code execution) in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory…
CVE-2026-22675 — CVSS 5.4 (medium): OCS Inventory NG Server version 2.12.3 and prior contain a stored cross-site scripting vulnerability that allows unauthenticated attackers…