Browse all 9 CVE security advisories affecting DataDog. AI-powered Chinese analysis, POCs, and references for each vulnerability.
DataDog provides cloud-scale monitoring and security analytics for infrastructure and applications. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation and authentication flaws. While no major public security incidents have been widely reported, the platform maintains a moderate CVE count with 9 records to date. Security characteristics include its extensive agent-based architecture, which requires careful permission management, and its cloud-native integrations that expand potential attack surfaces. The platform's complexity increases exposure to misconfiguration risks, though its security team typically addresses reported vulnerabilities through timely patches.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-22871 | GuardDog Path Traversal Vulnerability Leads to Arbitrary File Overwrite and RCE — guarddogCWE-22 | 9.8AI | CriticalAI | 2026-01-13 |
| CVE-2026-22870 | GuardDog Zip Bomb Vulnerability in safe_extract() Allows DoS — guarddogCWE-409 | 7.5AI | HighAI | 2026-01-13 |
| CVE-2022-23531 | Arbitrary file write when scanning a specially-crafted local PyPI package — guarddogCWE-23 | 5.8 | Medium | 2022-12-16 |
| CVE-2022-23530 | GuardDog vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package — guarddogCWE-22 | 5.8 | Medium | 2022-12-16 |
This page lists every published CVE security advisory associated with DataDog. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.