Browse all 6 CVE security advisories affecting appsmithorg. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Appsmithorg provides an open-source platform for building internal tools and dashboards without coding. Historically, their applications have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from improper input validation and access controls. While no major public security incidents have been documented, the six CVEs on record highlight recurring issues in authentication and sanitization. The platform's extensive plugin architecture introduces additional attack surfaces, with vulnerabilities frequently emerging in third-party integrations. Security researchers have noted that default configurations sometimes leave deployments exposed, requiring careful hardening to prevent unauthorized access and code execution.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-5418 | appsmithorg appsmith Dashboard WebClientUtils.java computeDisallowedHosts server-side request forgery — appsmithCWE-918 | 7.3 | High | 2026-04-02 |
| CVE-2026-30862 | Critical Stored XSS & Privilege Escalation in Appsmith — appsmithCWE-79 | 9.1 | Critical | 2026-03-09 |
| CVE-2026-24042 | Appsmith public apps can execute unpublished actions (viewMode confusion) — appsmithCWE-862 | 9.4 | Critical | 2026-01-22 |
| CVE-2026-22794 | Account Takeover Vulnerability in Appsmith — appsmithCWE-346 | 9.7 | Critical | 2026-01-12 |
| CVE-2024-55604 | Appsmith's Broken Access Control Allows Viewer Role User to Query Datasources — appsmithCWE-280 | 6.5AI | MediumAI | 2025-03-25 |
| CVE-2022-4096 | Server-Side Request Forgery (SSRF) in appsmithorg/appsmith — appsmithorg/appsmithCWE-918 | 6.5 | - | 2022-11-21 |
This page lists every published CVE security advisory associated with appsmithorg. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.