Kotlin
This hub aggregates every CVE we track for Kotlin, a product in the devtools ci space. Use it to gauge the current risk picture and drill into individual advisories.
- CVEs tracked: 8
- Critical: 0
- High: 4
- In CISA KEV: 0
Severity distribution
- HIGH: 4
- MEDIUM: 4
Monthly trend (chart, 2024-08 to 2026-07)
Latest CVEs
The 8 most recently published vulnerabilities affecting Kotlin.
- CVE-2026-53914: In JetBrains Kotlin before 2.4.20 code execution was possible via unsafe deserialization in the build cache metadata (score 6.7)
- CVE-2023-26154: Versions of the package pubnub before 7.4.0; all versions of the package com.pubnub:pubnub; versions of the package pubnub before 6.19.0; all versions of the package github.com/pubnub/go; versions ... (score 5.9)
- CVE-2022-24329: In JetBrains Kotlin before 1.6.0, it was not possible to lock dependencies for Multiplatform Gradle Projects. (score 5.3)
- CVE-2020-29582: In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure perm... (score 5.3)
- CVE-2020-15824: In JetBrains Kotlin from 1.4-M1 to 1.4-RC (as Kotlin 1.3.7x is not affected by the issue. Fixed version is 1.4.0) there is a script-cache privilege escalation vulnerability due to kotlin-main-kts c... (score 8.8)
- CVE-2019-10103: JetBrains IntelliJ IDEA projects created using the Kotlin (JS Client/JVM Server) IDE Template were resolving Gradle artifacts using an http connection, potentially allowing an MITM attack. This iss... (score 8.1)
- CVE-2019-10102: JetBrains Ktor framework (created using the Kotlin IDE template) versions before 1.1.0 were resolving artifacts using an http connection during the build process, potentially allowing an MITM attac... (score 8.1)
- CVE-2019-10101: JetBrains Kotlin versions before 1.3.30 were resolving artifacts using an http connection during the build process, potentially allowing an MITM attack. (score 8.1)
Product normalization is registry-driven with AI assist and human review.