Browse all 9 CVE security advisories affecting Altium. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Altium develops electronic design automation software for PCB creation and component management. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from input validation failures and insecure design. The company maintains a moderate CVE count with 9 records, though no major public security incidents have been widely reported. Security researchers have identified issues in web interfaces and file parsing components that could allow unauthorized access or system compromise. While not a high-risk target, the software's complexity and integration with hardware design processes necessitate regular security assessments to mitigate potential exploitation risks in engineering environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-27380 | HTML Injection Leading to Script Execution in Altium Enterprise Server — AES, CWE-79 | 7.6 | High | 2026-01-22 |
| CVE-2025-27379 | Stored Cross-Site Scripting in AES BOM Viewer — AES, CWE-79 | 6.8 | Medium | 2026-01-22 |
| CVE-2025-27378 | SQL Injection in AES Due to Inactive SQL Parsing Configuration — AES, CWE-89 | 8.6 | High | 2026-01-22 |
This page lists every published CVE security advisory associated with Altium. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.