Metasploit framework
This hub aggregates every CVE we track for Metasploit framework, a product in the security products space. Use it to gauge the current risk picture and drill into individual advisories.
8
CVEs tracked
0
Critical
5
High
0
In CISA KEV
Severity distribution
HIGH5MEDIUM3
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 8 most recently published vulnerabilities affecting Metasploit framework.
- CVE-2020-7385Metasploit Framework 'drb_remote_codeexec' code execution8.1
- CVE-2019-5645Rapid7 Metasploit HTTP Handler Denial of Service7.5
- CVE-2020-7377Rapid7 Metasploit Framework Relative Path Traversal in telpho10_credential_dump module8.1
- CVE-2020-7376Rapid7 Metasploit Framework Relative Path Traversal in enum_osx module7.1
- CVE-2020-7350Metasploit Framework Plugin Libnotify Command Injection6.1
- CVE-2019-5624Rapid7 Metasploit Framework Zip Import Directory Traversal7.3
- CVE-2011-1056The installer for Metasploit Framework 3.5.1, when running on Windows, uses weak inherited permissions for the Metasploit installation directory, which allows local users to gain privileges by repl...6.2
- CVE-2005-2482The StateToOptions function in msfweb in Metasploit Framework 2.4 and earlier, when running with the -D option (defanged mode), allows attackers to modify temporary environment variables before the...5.0
Product normalization is registry-driven with AI assist and human review. How it works