Enalean Security Vulnerabilities (CVEs)

Track 24 security vulnerabilities affecting Enalean products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

4 High

20 Medium

Sort by:

🔔 Get Alerts for Enalean

CVE-2026-24007 4.6

This CSRF vulnerability in Tuleap allows attackers to trick authenticated users into performing unauthorized actions, specifically creating artifact l...

Feb 2, 2026

CVE-2025-65962 4.6

This CVE-2025-65962 is a Cross-Site Request Forgery (CSRF) vulnerability in Tuleap's tracker field dependencies that allows attackers to modify tracke...

Dec 9, 2025

CVE-2025-64498 4.6

This CVE describes a Cross-Site Request Forgery (CSRF) vulnerability in Tuleap project management software that allows attackers to trick authenticate...

Dec 8, 2025

CVE-2025-64499 4.6

This CVE describes a Cross-Site Request Forgery (CSRF) vulnerability in Tuleap's planning management API. Attackers can trick authenticated users into...

Dec 8, 2025

CVE-2025-64760 4.6

This CVE describes a Cross-Site Request Forgery (CSRF) vulnerability in Tuleap that allows attackers to create or remove tracker triggers without prop...

Dec 8, 2025

CVE-2025-64497 6.5

This CVE describes an authorization bypass vulnerability in Tuleap's file release system. Attackers can access file release information in projects th...

Dec 8, 2025

CVE-2025-52899 5.3

This vulnerability in Tuleap's forgot password form allows attackers to enumerate valid usernames by observing differences in response times or error ...

Jul 29, 2025

CVE-2025-53902 4.3

This CVE describes an authorization bypass vulnerability in Tuleap where authenticated users can access confidential artifact information they shouldn...

Jul 29, 2025

CVE-2025-50179 4.6

This CVE describes a cross-site request forgery (CSRF) vulnerability in Tuleap that allows attackers to trick authenticated users into modifying canne...

Jun 25, 2025

CVE-2025-30155 4.3

Tuleap's REST API fails to enforce read permissions on parent trackers, allowing authenticated users to access tracker data they shouldn't have permis...

Mar 31, 2025

CVE-2025-30203 4.8

This CVE describes a cross-site scripting (XSS) vulnerability in Tuleap's RSS widget functionality. Project administrators or users controlling RSS fe...

Mar 31, 2025

CVE-2025-29929 4.6

This CSRF vulnerability in Tuleap allows attackers to trick authenticated users into unknowingly submitting or editing artifacts or follow-up comments...

Mar 31, 2025

CVE-2025-29766 4.6

CVE-2025-29766 is a Cross-Site Request Forgery (CSRF) vulnerability in Tuleap that allows attackers to trick authenticated users into submitting or ed...

Mar 31, 2025

CVE-2025-27401 4.6

This vulnerability in Tuleap allows authenticated users with access to any tracker to delete all criteria filters across all reports by repeatedly cre...

Mar 4, 2025

CVE-2025-27099 4.8

This CVE describes a stored cross-site scripting (XSS) vulnerability in Tuleap's tracker semantic timeframe deletion messages. A tracker administrator...

Mar 3, 2025

CVE-2025-24029 5.3

CVE-2025-24029 is an improper permissions vulnerability in Tuleap that allows users (including anonymous users in public project dashboards) to access...

Feb 3, 2025

CVE-2024-52599 5.4

This vulnerability allows a malicious user with artifact creation permissions in a tracker with a Gantt chart to execute cross-site scripting (XSS) at...

Dec 9, 2024

CVE-2024-46988 4.8

This vulnerability in Tuleap allows users to receive email notifications containing information they shouldn't have access to, potentially exposing se...

Oct 14, 2024

CVE-2024-47767 4.3

This vulnerability in Tuleap allows users to see tracker names they should not have access to due to improper handling of permissions. It affects all ...

Oct 14, 2024

CVE-2024-39902 4.8

This vulnerability in Tuleap's document manager allows users to retain edit or manage permissions on sub-items when permissions are being restricted v...

Jul 22, 2024

CVE-2022-31058 7.2

CVE-2022-31058 is a SQL injection vulnerability in Tuleap's tracker report functionality. Attackers with permission to create new trackers can execute...

Jun 29, 2022

CVE-2021-43806 8.8

CVE-2021-43806 is an SQL injection vulnerability in Tuleap's CVS repository browsing functionality. Authenticated users with read access to CVS reposi...

Dec 15, 2021

CVE-2021-41154 8.8

This vulnerability allows attackers with read access to SVN core repositories in Tuleap to execute arbitrary SQL queries through SQL injection. It aff...

Oct 18, 2021

CVE-2021-41148 8.8

This SQL injection vulnerability in Tuleap Open ALM allows attackers with dashboard editing permissions to execute arbitrary SQL queries. It affects T...

Oct 15, 2021

Why Monitor Enalean Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 24+ known vulnerabilities affecting Enalean products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Enalean packages in under 60 seconds. No agents required - completely agentless scanning that works across Enalean deployments.

Free vulnerability database: Access detailed information about every Enalean CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

Register free account & add your servers
Run one-time scan or schedule automatic monitoring (every 1-24 hours)
Receive instant alerts when new Enalean CVEs affect your systems
Access dashboard with severity breakdown & fix instructions

Start Monitoring Enalean CVEs Free