Tgstation13 Tgstation-server — known CVE vulnerabilities
Every CVE whose affected-product data names Tgstation13 Tgstation-server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2018-17107 — CVSS 9.8 (critical): In Tgstation tgstation-server 3.2.4.0 through 3.2.1.0 (fixed in 3.2.5.0), active logins would be cached, allowing subsequent logins to…
CVE-2025-21611 — CVSS 8.8 (high): tgstation-server is a production scale tool for BYOND server management. Prior to 6.12.3, roles used to authorize API methods were…
CVE-2024-41799 — CVSS 8.4 (high): tgstation-server is a production scale tool for BYOND server management. Prior to 6.8.0, low permission users using the "Set .dme Path"…
CVE-2020-16136 — CVSS 7.7 (high): In tgstation-server 4.4.0 and 4.4.1, an authenticated user with permission to download logs can download any file on the server machine…
CVE-2023-32687 — CVSS 7.7 (high): tgstation-server is a toolset to manage production BYOND servers. Starting in version 4.7.0 and prior to 5.12.1, instance users with the…
CVE-2023-33198 — CVSS 6.1 (medium): tgstation-server is a production scale tool for BYOND server management. The DreamMaker API (DMAPI) chat channel cache can possibly be…
CVE-2023-34243 — CVSS 5.8 (medium): TGstation is a toolset to manage production BYOND servers. In affected versions if a Windows user was registered in tgstation-server (TGS)…