Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

OpenStack — Vulnerabilities & Security Advisories 21

Browse all 21 CVE security advisories affecting OpenStack. AI-powered Chinese analysis, POCs, and references for each vulnerability.

OpenStack is an open-source cloud computing platform primarily used for building and managing private and public clouds. Historically, it has been susceptible to various vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, with 20 CVEs currently documented. The platform's complex, modular architecture introduces multiple attack surfaces. Notable security characteristics include its extensive permission model and isolation mechanisms, though misconfigurations remain a common risk. While no major public security incidents have been widely reported, the platform's widespread adoption in enterprise environments makes it a persistent target for attackers seeking to exploit vulnerabilities in its core services and APIs.

Top products by OpenStack: Keystone Ironic OpenStack Cyborg openstack-tripleo-heat-templates keystonemiddleware Nova Vitrage Glance Skyline ironic-python-agent Horizon
CVE IDTitleCVSSSeverityPublished
CVE-2026-44916 OpenStack Ironic 35.x沙盒绕过漏洞 — IronicCWE-1336 3.0 Low2026-05-08
CVE-2026-40213 OpenStack Cyborg越权漏洞 — CyborgCWE-863 7.4 High2026-05-07
CVE-2026-40214 OpenStack Cyborg <16.0.1越权删除漏洞 — CyborgCWE-282 6.3 Medium2026-05-07
CVE-2026-42997 OpenStack Ironic多版本身份验证绕过漏洞 — IronicCWE-669 7.7 High2026-05-05
CVE-2026-43002 OpenStack Horizon 25.6-25.7.2 未授权会话存储耗尽漏洞 — HorizonCWE-696 5.3 Medium2026-05-05
CVE-2026-43001 OpenStack Keystone跨项目权限绕过漏洞 — KeystoneCWE-863 7.9 High2026-05-01
CVE-2026-43003 OpenStack Ironic Python Agent 1.0-11.5 远程代码执行漏洞 — ironic-python-agentCWE-829 8.0 High2026-05-01
CVE-2026-42510 OpenStack Ironic 安全漏洞 — IronicCWE-829 6.6 Medium2026-04-28
CVE-2026-40683 OpenStack Keystone 安全漏洞 — KeystoneCWE-843 7.7 High2026-04-14
CVE-2026-33551 OpenStack Keystone 安全漏洞 — KeystoneCWE-863 3.5 Low2026-04-10
CVE-2026-40212 OpenStack Skyline 安全漏洞 — SkylineCWE-79 5.4 Medium2026-04-10
CVE-2026-34881 OpenStack Glance 安全漏洞 — GlanceCWE-918 5.0 Medium2026-03-31
CVE-2026-28370 OpenStack Vitrage 安全漏洞 — VitrageCWE-95 9.1 Critical2026-02-27
CVE-2026-24708 OpenStack Nova 安全漏洞 — NovaCWE-669 8.2 High2026-02-18
CVE-2026-22797 OpenStack keystonemiddleware 安全漏洞 — keystonemiddlewareCWE-290 9.9 Critical2026-01-19
CVE-2025-65073 Keystone 安全漏洞 — KeystoneCWE-863 7.5 High2025-11-17
CVE-2025-44021 OpenStack Ironic 安全漏洞 — IronicCWE-22 2.8 Low2025-05-08
CVE-2022-38065 OpenStack 安全漏洞 — OpenStackCWE-269 8.8 -2022-12-21
CVE-2022-38060 OpenStack 代码问题漏洞 — OpenStackCWE-269 8.8 High2022-12-21
CVE-2013-2255 OpenStack Keystone和OpenStack Compute 信任管理问题漏洞 — Keystone 5.9 -2019-11-01
CVE-2017-12155 openstack-tripleo-heat-templates包安全漏洞 — openstack-tripleo-heat-templates 7.1 -2017-12-12

This page lists every published CVE security advisory associated with OpenStack. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.