Every CVE whose affected-product data names Osgeo Geonetwork, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2025-30220 — CVSS 9.9 (critical): GeoServer is an open source server that allows users to share and edit geospatial data. GeoTools Schema class use of Eclipse XSD library to…
CVE-2021-28398 — CVSS 7.2 (high): A privileged attacker in GeoNetwork before 3.12.0 and 4.x before 4.0.4 can use the directory harvester before-script to execute arbitrary…
CVE-2022-50899 — CVSS 6.5 (medium): Geonetwork 3.10 through 4.2.0 contains an XML external entity vulnerability in PDF rendering that allows attackers to retrieve arbitrary…
CVE-2024-32037 — CVSS 0.0 (none): GeoNetwork is a catalog application to manage spatially referenced resources. In versions prior to 4.2.10 and 4.4.5, the search end-point…