Every CVE whose affected-product data names Okfn Ckan, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2026-42031 — CVSS 9.8 (critical): CKAN is an open-source DMS (data management system) for powering data hubs and data portals. Prior to 2.10.10 and 2.11.5, a vulnerability…
CVE-2023-32321 — CVSS 9.8 (critical): CKAN is an open-source data management system for powering data hubs and data portals. Multiple vulnerabilities have been discovered in…
CVE-2026-42032 — CVSS 9.1 (critical): CKAN is an open-source DMS (data management system) for powering data hubs and data portals. Prior to 2.10.10 and 2.11.5, a vulnerability…
CVE-2022-43685 — CVSS 8.8 (high): CKAN through 2.9.6 account takeovers by unauthenticated users when an existing user id is sent via an HTTP POST request. This allows a user…
CVE-2023-32696 — CVSS 8.8 (high): CKAN is an open-source data management system for powering data hubs and data portals. Prior to versions 2.9.9 and 2.10.1, the `ckan` user…
CVE-2023-22746 — CVSS 8.6 (high): CKAN is an open-source DMS (data management system) for powering data hubs and data portals. When creating a new container based on one of…
CVE-2026-41132 — CVSS 7.4 (high): CKAN is an open-source DMS (data management system) for powering data hubs and data portals. Prior to 2.10.10 and 2.11.5, the configured…
CVE-2024-41675 — CVSS 6.8 (medium): CKAN is an open-source data management system for powering data hubs and data portals. The Datatables view plugin did not properly escape…
CVE-2026-41255 — CVSS 6.1 (medium): CKAN is an open-source DMS (data management system) for powering data hubs and data portals. Prior to 2.10.10 and 2.11.5, Access to the…
CVE-2021-25967 — CVSS 5.4 (medium): In CKAN, versions 2.9.0 to 2.9.3 are affected by a stored XSS vulnerability via SVG file upload of users’ profile picture. This allows…
CVE-2024-41674 — CVSS 5.3 (medium): CKAN is an open-source data management system for powering data hubs and data portals. If there were connection issues with the Solr…
CVE-2024-43371 — CVSS 4.5 (medium): CKAN is an open-source data management system for powering data hubs and data portals. There are a number of CKAN plugins, including…
CVE-2023-50248 — CVSS 4.5 (medium): CKAN is an open-source data management system for powering data hubs and data portals. Starting in version 2.0.0 and prior to versions…
CVE-2024-27097 — CVSS 4.3 (medium): A user endpoint didn't perform filtering on an incoming parameter, which was added directly to the application log. This could lead to an…