Browse all 18 CVE security advisories affecting gradle. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Gradle serves as an automation tool for building, testing, and deploying software, primarily used in Java-based projects. Historically, it has been susceptible to remote code execution vulnerabilities through insecure deserialization and path traversal flaws, along with cross-site scripting issues in web interfaces. Privilege escalation risks have also been documented in certain configurations. While no major public security incidents have been widely reported, the 18 recorded CVEs highlight potential risks, particularly in environments where build processes interact with untrusted inputs or legacy systems. Regular updates and proper input validation remain critical for maintaining secure build pipelines.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-25063 | gradle-completion has a Bash command injection issue — gradle-completion, CWE-78 | 8.8 (AI) | High (AI) | 2026-01-29 |
This page lists every published CVE security advisory associated with gradle. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.