Snipeitapp Security Vulnerabilities (CVEs)
Track 16 security vulnerabilities affecting Snipeitapp products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This stored cross-site scripting (XSS) vulnerability in Snipe-IT allows authenticated users with low privileges to inject malicious JavaScript into th...
Dec 1, 2025This stored cross-site scripting (XSS) vulnerability in Snipe-IT allows authenticated users with low privileges to inject malicious JavaScript that ex...
Dec 1, 2025Snipe-IT v8.3.4 contains a reflected XSS vulnerability in the CSV import workflow where invalid file uploads return unsanitized HTML in progress messa...
Nov 20, 2025CVE-2025-63601 is a critical remote code execution vulnerability in Snipe-IT asset management software. Authenticated attackers can upload malicious b...
Nov 5, 2025CVE-2025-59713 is an unsafe deserialization vulnerability in Snipe-IT versions before 8.1.18 that could allow remote code execution. This affects all ...
Sep 19, 2025CVE-2025-59712 is a cross-site scripting (XSS) vulnerability in Snipe-IT asset management software. It allows attackers to inject malicious scripts in...
Sep 19, 2025CVE-2025-47226 is an authorization bypass vulnerability in Snipe-IT that allows unauthorized access to asset information. Attackers can exploit incorr...
May 2, 2025A stored Cross-Site Scripting (XSS) vulnerability in Snipe-IT v7.0.13 allows attackers to upload malicious XML files containing JavaScript. When execu...
Nov 12, 2024Snipe-IT versions before 7.0.10 contain a remote code execution vulnerability via cookie serialization when an attacker obtains the APP_KEY. This allo...
Oct 11, 2024This CSRF vulnerability in Snipe-IT allows attackers to trick authenticated users into performing unintended actions without their consent. It affects...
Oct 11, 2023CVE-2022-23064 is a host header injection vulnerability in Snipe-IT that allows attackers to send password reset links pointing to attacker-controlled...
May 2, 2022This vulnerability in Snipe-IT allows attackers to bypass authentication by reusing old sessions even after the login enable function is activated. It...
Mar 30, 2022CVE-2022-0611 is a missing authorization vulnerability in Snipe-IT asset management software that allows authenticated users to access unauthorized fu...
Feb 16, 2022CVE-2022-0579 is a missing authorization vulnerability in Snipe-IT asset management software that allows authenticated users to access unauthorized fu...
Feb 14, 2022CVE-2021-4075 is a Server-Side Request Forgery (SSRF) vulnerability in Snipe-IT that allows attackers to make the application send unauthorized reques...
Dec 6, 2021CVE-2021-3858 is a Cross-Site Request Forgery (CSRF) vulnerability in Snipe-IT that allows attackers to trick authenticated users into performing unin...
Oct 19, 2021Why Monitor Snipeitapp Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 16+ known vulnerabilities affecting Snipeitapp products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Snipeitapp packages in under 60 seconds. No agents required - completely agentless scanning that works across Snipeitapp deployments.
Free vulnerability database: Access detailed information about every Snipeitapp CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Snipeitapp CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
