OWASP Security Vulnerabilities (CVEs)
Track 11 security vulnerabilities affecting OWASP products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This vulnerability in OWASP Core Rule Set (CRS) allows attackers to bypass multipart request filtering in web application firewalls. When processing m...
Jan 8, 2026
CVE-2025-66022 is a critical vulnerability in FACTION PenTesting Report Generation Framework that allows unauthenticated attackers to upload malicious...
Nov 26, 2025
This vulnerability in OWASP Java HTML Sanitizer allows cross-site scripting (XSS) attacks when the HtmlPolicyBuilder configuration permits noscript an...
Nov 26, 2025
CVE-2024-1019 is a WAF bypass vulnerability in ModSecurity v3 that allows attackers to hide malicious payloads in URL paths by using percent-encoded c...
Jan 30, 2024
CVE-2023-38285 is a denial-of-service vulnerability in Trustwave ModSecurity 3.x caused by inefficient algorithmic complexity in four transformation f...
Jul 26, 2023
This vulnerability in Trustwave ModSecurity allows attackers to cause a denial of service by triggering a segmentation fault in the Transaction class,...
Apr 28, 2023
CVE-2021-42717 is a denial-of-service vulnerability in ModSecurity's JSON parser where excessively nested JSON objects cause excessive CPU consumption...
Dec 7, 2021
This vulnerability allows attackers to bypass ModSecurity Core Rule Set request body inspection by appending a trailing pathname to requests. This aff...
Nov 5, 2021
CVE-2021-42575 is a critical vulnerability in the OWASP Java HTML Sanitizer that allows bypassing HTML sanitization policies for SELECT, STYLE, and OP...
Oct 18, 2021
This vulnerability in OWASP CSRFGuard allows attackers to bypass Cross-Site Request Forgery (CSRF) protection by retrieving the CSRF cookie using only...
Aug 19, 2021
CVE-2021-23899 is a vulnerability in OWASP json-sanitizer versions before 1.2.2 where the sanitizer fails to properly escape closing SCRIPT tags and C...
Jan 13, 2021
Why Monitor OWASP Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 11+ known vulnerabilities affecting OWASP products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable OWASP packages in under 60 seconds. No agents required: scanning is completely agentless and works across OWASP deployments.
Free vulnerability database: Access detailed information about every OWASP CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.