Every CVE whose affected-product data names Pi-hole Ftldns, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2026-39849 — CVSS 8.8 (high): Pi-hole FTL is the core engine of the Pi-hole network-level advertisement and tracker blocker. In versions before 6.6.1, the…
CVE-2026-35520 — CVSS 8.8 (high): FTLDNS (pihole-FTL) provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the…
CVE-2026-35521 — CVSS 8.8 (high): FTLDNS (pihole-FTL) provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the…
CVE-2026-35517 — CVSS 8.8 (high): FTLDNS (pihole-FTL) provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the…
CVE-2026-35518 — CVSS 8.8 (high): FTLDNS (pihole-FTL) provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the…
CVE-2026-35519 — CVSS 8.8 (high): FTLDNS (pihole-FTL) provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the…
CVE-2021-29448 — CVSS 7.6 (high): Pi-hole is a Linux network-level advertisement and Internet tracker blocking application. The Stored XSS exists in the Pi-hole Admin…
CVE-2026-35491 — CVSS 6.1 (medium): FTLDNS (pihole-FTL) provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, Pi-hole…