Maas
This hub aggregates every CVE we track for Maas, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.
8
CVEs tracked
2
Critical
2
High
0
In CISA KEV
Severity distribution
MEDIUM3HIGH2CRITICAL2LOW1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
1
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 8 most recently published vulnerabilities affecting Maas.
- CVE-2025-7044Privilege Escalation in MAAS via Websocket Request Manipulation7.7
- CVE-2024-6107Due to insufficient verification, an attacker could use a malicious client to bypass authentication checks and run RPC commands in a region. This has been addressed in MAAS and updated in the corre...9.6
- CVE-2015-1320Probe-and-enlist for SeaMicro chassis writes password to the log5.5
- CVE-2014-1428uuid.uuid1() is not suitable as an unguessable identifier/token2.0
- CVE-2014-1427MAAS API vulnerable to CSRF attack9.6
- CVE-2014-1426get_file_by_name does not check owner8.6
- CVE-2013-1058maas-import-pxe-files in MAAS before 13.10 does not verify the integrity of downloaded files, which allows remote attackers to modify these files via a man-in-the-middle (MITM) attack.5.8
- CVE-2013-1057Untrusted search path vulnerability in maas-import-pxe-files in MAAS before 13.10 allows local users to execute arbitrary code via a Trojan horse import_pxe_files configuration file in the current ...4.4
Product normalization is registry-driven with AI assist and human review. How it works