Octopus Deploy Octopus Server Vulnerabilities: CVEs, CISA KEV & Security Advisories

Severity and exploitation

How the CVSS severity of Octopus Deploy Octopus Server's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical3

High6

Medium21

Low9

20 additional CVEs have no CVSS severity score.

In CISA’s Known Exploited Vulnerabilities catalog

None of Octopus Deploy Octopus Server's CVEs are currently listed in CISA's KEV catalog.

Public exploits

No Octopus Deploy Octopus Server CVEs currently have a tracked public exploit.

Affected versions and CVEs

Browse every Octopus Deploy Octopus Server version named in a CVE, then pick one to see only the CVEs that affect it.

Fixed in

unspecified37 CVEs
2022.3.1058610 CVEs
2022.1.28945 CVEs
2022.2.85524 CVEs
2022.3.107504 CVEs
2022.3.49534 CVEs
2020.6.51463 CVEs
2021.1.73163 CVEs
2021.3.130213 CVEs
2022.2.68723 CVEs
2022.2.78973 CVEs
2022.2.79653 CVEs
2022.4.28983 CVEs
2022.4.83193 CVEs
2024.2.91933 CVEs
2022.1.31542 CVEs
2022.1.31802 CVEs
2022.1.32642 CVEs
2022.2.69712 CVEs
2022.2.79342 CVEs
2022.2.82772 CVEs
2022.2.83512 CVEs
2022.3.110982 CVEs
2022.3.23872 CVEs
2022.3.91632 CVEs
2022.4.84632 CVEs
2022.4.99972 CVEs
2023.1.102352 CVEs
2023.1.96722 CVEs
2023.2.105452 CVEs
2024.1.127592 CVEs
2024.3.130712 CVEs
2024.3.130972 CVEs
2024.4.70652 CVEs
2024.4.70912 CVEs
2025.4.103592 CVEs
2020.4.2291 CVE
2020.5.2561 CVE
2020.6.53101 CVE
2021.1.76221 CVE
2021.2.80111 CVE
2021.3.110571 CVE
2021.3.125331 CVE
2021.3.131501 CVE
2022.1.26471 CVE
2022.1.28491 CVE
2022.1.30091 CVE
2022.1.31061 CVE
2022.1.31341 CVE
2022.1.31351 CVE
2022.1.32811 CVE
2022.1.531 CVE
2022.2.72441 CVE
2022.2.77181 CVE
2022.3.109291 CVE
2022.3.109571 CVE
2022.3.110431 CVE
2022.3.26161 CVE
2022.3.77821 CVE
2022.4.13711 CVE
2022.4.7911 CVE
2022.4.80631 CVE
2022.4.82211 CVE
2022.4.83321 CVE
2022.4.84011 CVE
2023.1.119421 CVE
2023.1.41891 CVE
2023.1.67151 CVE
2023.1.98791 CVE
2023.2.131511 CVE
2023.3.133611 CVE
2023.3.50491 CVE
2023.4.2961 CVE
2023.4.83381 CVE
2023.4.84321 CVE
2023.4.86081 CVE
2024.1.111271 CVE
2024.1.120871 CVE
2024.1.129311 CVE
2024.1.4371 CVE
2024.2.1011 CVE
2024.2.20751 CVE
2024.2.93131 CVE
2024.3.129851 CVE
2024.3.130071 CVE
2024.4.69621 CVE
2024.4.69951 CVE
2025.3.147151 CVE
2025.3.147311 CVE
2025.3.147611 CVE
2025.4.104091 CVE
2025.4.105231 CVE
2025.4.105451 CVE
2026.1.113131 CVE
2026.1.55711 CVE

Find a version

59 CVEs

Sort

Medium vulnerability · 2026-06-04
CVE-2026-4881
Patch
CWE-862
Medium · CVSS 6.0
EPSS 0.0% (10th pct)2026-06-04
Low vulnerability · 2026-03-17
CVE-2026-3237
Patch
CWE-285
Low · CVSS 2.3
EPSS 0.0% (13th pct)2026-03-17
Low vulnerability · 2026-03-05
CVE-2026-3236
Patch
CWE-863
Low · CVSS 2.3
EPSS 0.0% (13th pct)2026-03-05
Medium vulnerability · 2026-02-25
CVE-2026-0704
Patch
CWE-22
Medium · CVSS 5.9
EPSS 0.1% (25th pct)2026-02-25
Medium vulnerability · 2025-04-10
CVE-2025-0539
Patch
CWE-918
Medium · CVSS 5.9
EPSS 0.2% (42th pct)2025-04-10
Medium vulnerability · 2025-02-11
CVE-2025-0588
Patch
CWE-113
Medium · CVSS 5.9
EPSS 0.4% (60th pct)2025-02-11
Low vulnerability · 2025-02-11
CVE-2025-0513
Patch
CWE-79
Low · CVSS 1.8
EPSS 0.1% (26th pct)2025-02-11
Low vulnerability · 2025-02-11
CVE-2025-0526
Patch
CWE-862
Low · CVSS 2.3
EPSS 0.1% (24th pct)2025-02-11
Low vulnerability · 2025-02-11
CVE-2025-0525
Patch
CWE-200
Low · CVSS 2.3
EPSS 0.2% (48th pct)2025-02-11
Medium vulnerability · 2025-02-11
CVE-2025-0589
Patch
CWE-648
Medium · CVSS 6.9
EPSS 0.3% (53th pct)2025-02-11
Low vulnerability · 2024-09-11
CVE-2024-1656
Patch
Low · CVSS 2.6
EPSS 0.5% (66th pct)2024-09-11
Low vulnerability · 2024-08-21
CVE-2024-7998
Patch
CWE-613
Low · CVSS 2.6
EPSS 0.3% (50th pct)2024-08-21
Medium vulnerability · 2024-07-25
CVE-2024-6972
Patch
CWE-319
Medium · CVSS 6.5
EPSS 0.2% (46th pct)2024-07-25
Low vulnerability · 2024-07-25
CVE-2024-4811
Patch
CWE-863
Low · CVSS 2.2
EPSS 0.3% (49th pct)2024-07-25
Medium vulnerability · 2024-05-08
CVE-2024-4456
Patch
CWE-79
Medium · CVSS 4.1
EPSS 0.3% (49th pct)2024-05-08
Low vulnerability · 2024-04-30
CVE-2024-4226
Patch
CWE-276
Low · CVSS 3.5
EPSS 0.1% (26th pct)2024-04-30
Medium vulnerability · 2024-04-17
CVE-2023-4509
Patch
CWE-319
Medium · CVSS 4.3
EPSS 0.1% (31th pct)2024-04-17
High vulnerability · 2024-04-09
CVE-2024-2975
Patch
CWE-1223
High · CVSS 8.8
EPSS 0.4% (61th pct)2024-04-09
Medium vulnerability · 2023-12-14
CVE-2023-1904
Patch
Medium · CVSS 4.2
EPSS 0.2% (48th pct)2023-12-14
Medium vulnerability · 2023-08-02
CVE-2022-2416
Patch
Medium · CVSS 5.5
EPSS 0.1% (29th pct)2023-08-02
Medium vulnerability · 2023-08-02
CVE-2022-2346
Patch
Medium · CVSS 5.5
EPSS 0.1% (28th pct)2023-08-02
Medium vulnerability · 2023-05-18
CVE-2022-4870
Patch
CWE-209
Medium · CVSS 5.3
EPSS 0.4% (59th pct)2023-05-18
Vulnerability · 2023-05-02
CVE-2023-2247
Patch
Unscored
EPSS 0.2% (47th pct)2023-05-02
Medium vulnerability · 2023-04-19
CVE-2022-2507
Patch
CWE-79
Medium · CVSS 5.3
EPSS 0.5% (68th pct)2023-04-19
High vulnerability · 2023-03-16
CVE-2022-4009
Patch
CWE-77
High · CVSS 8.8
EPSS 1.0% (77th pct)2023-03-16
Medium vulnerability · 2023-03-13
CVE-2022-2259
Patch
CWE-284
Medium · CVSS 4.3
EPSS 0.1% (30th pct)2023-03-13
Medium vulnerability · 2023-03-13
CVE-2022-2258
Patch
Medium · CVSS 4.3
EPSS 0.2% (40th pct)2023-03-13
High vulnerability · 2023-02-22
CVE-2022-2883
Patch
CWE-434
High · CVSS 7.5
EPSS 0.5% (68th pct)2023-02-22
Medium vulnerability · 2023-01-31
CVE-2022-4898
Patch
CWE-79
Medium · CVSS 5.4
EPSS 0.2% (44th pct)2023-01-31
Medium vulnerability · 2023-01-03
CVE-2022-3614
Patch
CWE-288
Medium · CVSS 6.1
EPSS 0.2% (44th pct)2023-01-03

Showing 30 of 59

Severity and exploitation

Octopus Deploy Octopus Server Vulnerabilities

Overview

Severity and exploitation

Affected versions and CVEs

Fixed in

Common weakness types

Disclosure activity by year

Other Octopus Deploy products

Frequently asked questions

How many CVEs does Octopus Deploy Octopus Server have?

How many Octopus Deploy Octopus Server CVEs are in CISA KEV?

Are there public exploits for Octopus Deploy Octopus Server vulnerabilities?

Which versions of Octopus Deploy Octopus Server are affected?

What are the most common weakness types in Octopus Deploy Octopus Server CVEs?

How many critical Octopus Deploy Octopus Server vulnerabilities are there?

What is the average severity of Octopus Deploy Octopus Server CVEs?

References

Track Octopus Deploy Octopus Server vulnerabilities