Browse all 12 CVE security advisories affecting Altium. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Altium develops electronic design automation software for PCB creation and component management. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from input validation failures and insecure design. The company maintains a moderate CVE count with 9 records, though no major public security incidents have been widely reported. Security researchers have identified issues in web interfaces and file parsing components that could allow unauthorized access or system compromise. While not a high-risk target, the software's complexity and integration with hardware design processes necessitate regular security assessments to mitigate potential exploitation risks in engineering environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-9152 | Unauthenticated SOAP Endpoint in Altium 365 SearchService Allows Cross-Tenant Data Exfiltration and Index Destruction — Altium 365CWE-306 | - | - | 2026-05-21 |
| CVE-2026-1181 | Altium 365 Over-Permissive CORS Configuration Allows Credentialed Cross-Origin Workspace Access — Altium 365CWE-942 | 9.0 | Critical | 2026-01-19 |
This page lists every published CVE security advisory associated with Altium. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.