Icewarp
This hub aggregates every CVE we track for Icewarp, a product in the communications space. Use it to gauge the current risk picture and drill into individual advisories.
9
CVEs tracked
1
Critical
2
High
0
In CISA KEV
Severity distribution
MEDIUM6HIGH2CRITICAL1
Monthly trend
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
2
0
0
1
1
0
0
0
2024-082026-07
Latest CVEs
The 9 most recently published vulnerabilities affecting Icewarp.
- CVE-2018-25269ICEWARP 11.0.0.0 Cross-Site Scripting via Email HTML Injection6.1
- CVE-2026-2493IceWarp collaboration Directory Traversal Information Disclosure Vulnerability7.5
- CVE-2025-14500IceWarp14 X-File-Operation Command Injection Remote Code Execution Vulnerability9.8
- CVE-2025-14499IceWarp gmaps Cross-Site Scripting Authentication Bypass Vulnerability8.8
- CVE-2024-55218IceWarp Server 10.2.1 is vulnerable to Cross Site Scripting (XSS) via the meta parameter.6.1
- CVE-2024-0246IceWarp Utility Download cross site scripting4.3
- CVE-2023-41013Cross Site Scripting (XSS) in Webmail Calendar in IceWarp 10.3.1 allows remote attackers to inject arbitrary web script or HTML via the "p4" field.6.1
- CVE-2023-39600IceWarp 11.4.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the color parameter.6.1
- CVE-2023-37728IceWarp v10.2.1 was discovered to contain cross-site scripting (XSS) vulnerability via the color parameter.6.1
Product normalization is registry-driven with AI assist and human review. How it works