Kimai Security Vulnerabilities (CVEs)
Track 5 security vulnerabilities affecting Kimai products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
- Kimai 2 contains a persistent cross-site scripting (XSS) vulnerability that allows attackers to inject malicious SVG scripts into timesheet descriptio... (Feb 11, 2026)
- This vulnerability allows authenticated users with export permissions in Kimai time-tracking software to deploy malicious Twig templates that bypass s... (Jan 18, 2026)
- Kimai 1.30.10 contains a SameSite cookie vulnerability that allows attackers to steal user session cookies through crafted PHP scripts. This enables s... (Dec 19, 2025)
- CVE-2021-43515 is a CSV injection vulnerability in Kimai time tracking software that allows attackers to inject malicious formulas into exported CSV f... (Apr 8, 2022)
- CVE-2021-3985 is a cross-site scripting (XSS) vulnerability in Kimai2 time-tracking software that allows attackers to inject malicious scripts into we... (Dec 1, 2021)

Why Monitor Kimai Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 5+ known vulnerabilities affecting Kimai products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Kimai packages in under 60 seconds. No agents required - completely agentless scanning that works across Kimai deployments.
Free vulnerability database: Access detailed information about every Kimai CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Kimai CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions