Jira software server
This hub aggregates every CVE we track for Jira software server, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
5
CVEs tracked
2
Critical
1
High
0
In CISA KEV
Severity distribution
MEDIUM2CRITICAL2HIGH1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 5 most recently published vulnerabilities affecting Jira software server.
- CVE-2025-22167This High severity Path Traversal (Arbitrary Write) vulnerability was introduced in versions: 9.12.0, 10.3.0 and remain present in 11.0.0 of Jira Software Data Center and Server. This Path Traversa...6.5
- CVE-2022-26137A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause additional Servlet Filters to be invoked when the application processes requests or responses. Atla...8.8
- CVE-2022-26136A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to bypass Servlet Filters used by first and third party apps. The impact depends on which filters are used b...9.8
- CVE-2022-26135A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated user (including a user who joined via the sign-up feature) to perform a full read server-side request...6.5
- CVE-2022-0540A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center ver...9.8
Product normalization is registry-driven with AI assist and human review. How it works