Browse all 34 CVE security advisories affecting Odoo. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Odoo is an open-source enterprise resource planning suite providing integrated modules for CRM, inventory, accounting, and manufacturing. With 34 recorded CVEs, its security history reflects typical risks associated with complex web applications. Common vulnerability classes include remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation or improper access control mechanisms within specific modules. Notable incidents have highlighted the impact of outdated dependencies and configuration errors, emphasizing the critical need for timely patching. The platform’s modular architecture allows for extensive customization, which can inadvertently introduce security gaps if third-party apps are not rigorously vetted. Organizations deploying this software must prioritize regular updates and strict access controls to mitigate the inherent risks of its expansive feature set and frequent code changes.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-36259 | Odoo 访问控制错误漏洞 — Odoo CommunityCWE-284 | 7.5 | High | 2025-02-25 |
| CVE-2024-12368 | Odoo 访问控制错误漏洞 — Odoo CommunityCWE-284 | 8.1 | High | 2025-02-25 |
| CVE-2021-23203 | Odoo 安全漏洞 — Odoo CommunityCWE-284 | 7.5 | High | 2023-04-25 |
| CVE-2021-44547 | Odoo 安全漏洞 — Odoo CommunityCWE-267 | 7.2 | - | 2023-04-25 |
| CVE-2021-26947 | Odoo 跨站脚本漏洞 — Odoo CommunityCWE-79 | 6.1 | - | 2023-04-25 |
| CVE-2021-26263 | Odoo 跨站脚本漏洞 — Odoo CommunityCWE-79 | 6.1 | - | 2023-04-25 |
| CVE-2021-44465 | Odoo 安全漏洞 — Odoo CommunityCWE-284 | 4.3 | - | 2023-04-25 |
| CVE-2021-44775 | Odoo 跨站脚本漏洞 — Odoo CommunityCWE-79 | 6.1 | - | 2023-04-25 |
| CVE-2021-23178 | Odoo 安全漏洞 — Odoo CommunityCWE-284 | 5.3 | - | 2023-04-25 |
| CVE-2021-23186 | Odoo 安全漏洞 — Odoo CommunityCWE-267 | 6.5 | - | 2023-04-25 |
| CVE-2021-23166 | Odoo 安全漏洞 — Odoo CommunityCWE-267 | 7.2 | - | 2023-04-25 |
| CVE-2021-44461 | Odoo 跨站脚本漏洞 — Odoo EnterpriseCWE-79 | 6.1 | - | 2023-04-25 |
| CVE-2021-44460 | Odoo 安全漏洞 — Odoo CommunityCWE-284 | 9.8 | - | 2023-04-25 |
| CVE-2021-44476 | Odoo 安全漏洞 — Odoo CommunityCWE-267 | 4.9 | - | 2023-04-25 |
| CVE-2021-45111 | Odoo 安全漏洞 — Odoo CommunityCWE-284 | 8.8 | - | 2023-04-25 |
| CVE-2021-23176 | Odoo 安全漏洞 — Odoo CommunityCWE-284 | 6.5 | - | 2023-04-25 |
| CVE-2021-45071 | Odoo 跨站脚本漏洞 — Odoo CommunityCWE-79 | 6.1 | - | 2023-04-25 |
| CVE-2020-29396 | Odoo 安全漏洞 — Odoo CommunityCWE-267 | 8.8 | - | 2020-12-22 |
| CVE-2019-11786 | Odoo 安全漏洞 — Odoo CommunityCWE-284 | 4.3 | - | 2020-12-22 |
| CVE-2019-11785 | Odoo 访问控制错误漏洞 — Odoo CommunityCWE-284 | 4.3 | - | 2020-12-22 |
| CVE-2019-11784 | Odoo 访问控制错误漏洞 — Odoo CommunityCWE-284 | 6.5 | - | 2020-12-22 |
| CVE-2019-11783 | Odoo 访问控制错误漏洞 — Odoo CommunityCWE-284 | 6.5 | - | 2020-12-22 |
| CVE-2019-11782 | Odoo 安全漏洞 — Odoo CommunityCWE-284 | 8.8 | - | 2020-12-22 |
| CVE-2019-11781 | Odoo 输入验证错误漏洞 — Odoo CommunityCWE-20 | 8.8 | - | 2020-12-22 |
| CVE-2018-15645 | Odoo 访问控制错误漏洞 — Odoo CommunityCWE-284 | 8.8 | - | 2020-12-22 |
| CVE-2018-15641 | Odoo 跨站脚本漏洞 — Odoo CommunityCWE-79 | 5.4 | - | 2020-12-22 |
| CVE-2018-15634 | Odoo 跨站脚本漏洞 — Odoo CommunityCWE-79 | 6.1 | - | 2020-12-22 |
| CVE-2018-15638 | Odoo 跨站脚本漏洞 — Odoo CommunityCWE-79 | 5.4 | - | 2020-12-22 |
| CVE-2018-15633 | Odoo 跨站脚本漏洞 — Odoo CommunityCWE-79 | 6.1 | - | 2020-12-22 |
| CVE-2018-15632 | Odoo 输入验证错误漏洞 — Odoo CommunityCWE-20 | 9.1 | - | 2020-12-22 |
This page lists every published CVE security advisory associated with Odoo. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.