Terrascan
This hub aggregates every CVE we track for Terrascan, a product in the security products space. Use it to gauge the current risk picture and drill into individual advisories.
3
CVEs tracked
0
Critical
3
High
0
In CISA KEV
Severity distribution
HIGH3
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
3
0
0
2024-082026-07
Latest CVEs
The 3 most recently published vulnerabilities affecting Terrascan.
- CVE-2026-47358Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF) via external URL resolution in uploaded IaC templates when running in server mode. When Terrascan parses uploaded AR...7.5
- CVE-2026-47357Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF) via the remote_url parameter in the remote directory scan endpoint (POST /v1/{iac}/{iacVersion}/{cloud}/remote/dir/s...7.5
- CVE-2026-47356Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF) via the webhook_url parameter in the file scan endpoint (POST /v1/{iac}/{iacVersion}/{cloud}/local/file/scan) when r...7.5
Product normalization is registry-driven with AI assist and human review. How it works