Browse all 3 CVE security advisories affecting Kaltura. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Kaltura provides an open-source video platform for enterprises and educational institutions to manage, host, and deliver video content. Historically, the platform has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and access control flaws. While no major public security incidents have been widely documented, the three recorded CVEs highlight potential risks in areas like API endpoints and media processing. Organizations implementing Kaltura should prioritize regular patching and secure configuration to mitigate these common web application security challenges.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2016-15044 | Kaltura < 11.1.0-2 PHP Object Injection RCE — Video PlatformCWE-502 | 9.8 | - | 2025-07-23 |
| CVE-2022-4882 | kaltura mwEmbed Share Plugin share.js cross site scripting — mwEmbedCWE-79 | 2.6 | Low | 2023-01-09 |
| CVE-2022-4876 | Kaltura mwEmbed DefaultSettings.php cross site scripting — mwEmbedCWE-79 | 3.5 | Low | 2023-01-04 |
This page lists every published CVE security advisory associated with Kaltura. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.