Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

traccar — Vulnerabilities & Security Advisories 13

All 13 CVE vulnerabilities found in traccar, with AI-generated Chinese analysis, references, and POCs.

Vendor: Traccar

CVE IDTitleCVSSSeverityPublished
CVE-2026-27694 traccar allows stored HTML injection in notification emails CWE-79 5.4 Medium2026-05-05
CVE-2026-27693 traccar allows XML injection in KML and GPX exports CWE-91 5.4 Medium2026-05-05
CVE-2026-27644 traccar allows CSV formula injection via exported position data CWE-1236 6.5 Medium2026-05-05
CVE-2026-25649 Traccar Vulnerable to Authorization Code Theft via Open Redirect in OIDC Provider Endpoints CWE-352 7.3 High2026-02-23
CVE-2026-25648 Traccar Vulnerable to Stored Cross-Site Scripting (XSS) via Malicious SVG File Upload CWE-79 8.7 High2026-02-23
CVE-2026-23521 Traccar vulnerable to Path Traversal and External Control of File Name or Path CWE-22 6.5 Medium2026-02-23
CVE-2025-68930 Traccar Missing Origin Validation in WebSockets CWE-1385 7.1 High2026-02-23
CVE-2025-61666 Traccar Unauthenticated Local File Inclusion on Windows - Leakage of Traccar Config File CWE-22 9.1AICriticalAI2025-10-02
CVE-2024-31214 Traccar's unrestricted file upload vulnerability in device image upload could lead to remote code execution CWE-434 9.7 Critical2024-04-10
CVE-2024-24809 Traccar vulnerable to Path Traversal: 'dir/../../filename' and Unrestricted Upload of File with Dangerous Type CWE-27 8.5 High2024-04-10
CVE-2023-50729 An unrestricted file upload vulnerability in traccar leads to RCE CWE-434 8.5 High2024-01-15
CVE-2021-21292 Unquoted Windows binary path in Traccar CWE-428 5.5 Medium2021-02-02
CVE-2020-5246 LDAP injection vulnerability in Traccar GPS Tracking System CWE-90 7.7 High2020-07-14

All 13 known CVE vulnerabilities affecting traccar with full Chinese analysis, references, and POCs where available.