studio-42 elfinder Vulnerabilities: CVEs, CISA KEV & Security Advisories

Severity and exploitation

How the CVSS severity of studio-42 elfinder's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical3

High3

Medium2

Low0

9 additional CVEs have no CVSS severity score.

In CISA’s Known Exploited Vulnerabilities catalog

None of studio-42 elfinder's CVEs are currently listed in CISA's KEV catalog.

Public exploits

5 of studio-42 elfinder's CVEs have a known public exploit available.

Affected versions and CVEs

Browse every studio-42 elfinder version named in a CVE, then pick one to see only the CVEs that affect it.

Specific versions

2.1.014 CVEs
2.1.114 CVEs
2.1.1014 CVEs
2.1.1114 CVEs
2.1.1214 CVEs
2.1.1314 CVEs
2.1.1414 CVEs
2.1.1514 CVEs
2.1.1614 CVEs
2.1.1714 CVEs
2.1.1814 CVEs
2.1.1914 CVEs
2.1.214 CVEs
2.1.2014 CVEs
2.1.2114 CVEs
2.1.2214 CVEs
2.1.2314 CVEs
2.1.2414 CVEs
2.1.2514 CVEs
2.1.2614 CVEs
2.1.2714 CVEs
2.1.2814 CVEs
2.1.2914 CVEs
2.1.314 CVEs
2.1.3014 CVEs
2.1.3114 CVEs
2.1.414 CVEs
2.1.514 CVEs
2.1.614 CVEs
2.1.714 CVEs
2.1.814 CVEs
2.1.914 CVEs
2.1.3213 CVEs
2.1.3313 CVEs
2.1.3413 CVEs
2.1.3513 CVEs
2.1.3612 CVEs
2.1.3711 CVEs
2.1.3811 CVEs
2.1.3911 CVEs
2.1.4011 CVEs
2.1.4111 CVEs
2.1.4211 CVEs
2.1.4311 CVEs
2.1.4411 CVEs
2.1.4510 CVEs
2.1.469 CVEs
2.1.479 CVEs
1.0.18 CVEs
1.18 CVEs
2.0-beta8 CVEs
2.0-rc18 CVEs
2.1.488 CVEs
2.1.498 CVEs
2.1.508 CVEs
2.1.518 CVEs
2.1.528 CVEs
2.1.538 CVEs
2.1.548 CVEs
2.1.558 CVEs
2.1.568 CVEs
2.1.578 CVEs
2.1.587 CVEs
2.1.596 CVEs
2.1.606 CVEs
2.1.614 CVEs
2.1.623 CVEs
2.1.631 CVE
2.1.641 CVE

Fixed in

06ada3132cefd057e1d89cb016f8c82473d420d41 CVE
0740028f6adc6505c5897cc740e51e4638d41d6a1 CVE
157f471d7e48f190f74e66eb5bc73360b5352fd31 CVE
2f522db8f037a66ce9040ee0b216aa4a0359286c1 CVE
33bee2654615db62e9b722efb4fdd2a21844fbb21 CVE
3802892cf32e999f08143107c5686e84ce8371641 CVE
3b758495538a448ac8830ee3559e7fb2c260c6db1 CVE
4e8d36c4637ebafea5d559bae668d411ba0a12191 CVE
5d0bdf16873678678be3c654f4588e1eb0e4a38c1 CVE
67799d42e7ee0afd3ed13e95f935694a8b3820d11 CVE
75ea92decc16a5daf7f618f85dc621d1b534b5e11 CVE

Find a version

17 CVEs

Sort

elFinder: SQL Injection MySQL Volume Driver (elFinderVolumeMySQL)
CVE-2026-44521CWE-89
High · CVSS 8.8
EPSS 0.0% (10th pct)2026-05-27
elFinder: Command injection in resize background color parameter when using ImageMagick CLI
CVE-2026-41247
Patch
CWE-78
High · CVSS 7.2
EPSS 0.1% (26th pct)2026-04-23
Medium vulnerability · 2024-10-31
CVE-2023-52045
Public exploit
CWE-79
Medium · CVSS 6.1
EPSS 0.0% (16th pct)2024-10-31
Critical vulnerability · 2024-10-31
CVE-2023-52044
Public exploit
CWE-434
Critical · CVSS 9.8
EPSS 2.6% (86th pct)2024-10-31
Critical vulnerability · 2024-07-30
CVE-2024-38909CWE-284
Critical · CVSS 9.8
EPSS 0.3% (49th pct)2024-07-30
Medium vulnerability · 2023-06-19
CVE-2023-35840
Public exploit
Patch
CWE-22
Medium · CVSS 6.5
EPSS 6.3% (91th pct)2023-06-19
Vulnerability · 2022-04-11
CVE-2022-27115
Patch
Unscored
EPSS 14.8% (95th pct)2022-04-11
Vulnerability · 2022-04-07
CVE-2021-43421
Patch
Unscored
EPSS 79.5% (99th pct)2022-04-07
Vulnerability · 2022-03-21
CVE-2022-26960
Patch
Unscored
EPSS 84.2% (99th pct)2022-03-21
Vulnerability · 2022-02-08
CVE-2021-45919
Unscored
EPSS 0.3% (57th pct)2022-02-08
Critical vulnerability · 2021-06-14
CVE-2021-32682
Public exploit
Patch
CWE-78
Critical · CVSS 9.8
EPSS 92.8% (100th pct)2021-06-14
High vulnerability · 2021-06-13
CVE-2021-23394
Patch
High · CVSS 8.1
EPSS 76.8% (99th pct)2021-06-13
Vulnerability · 2019-02-26
CVE-2019-9194
Public exploit
Patch
Unscored
EPSS 92.8% (100th pct)2019-02-26
Vulnerability · 2019-01-14
CVE-2019-6257
Patch
Unscored
EPSS 0.2% (43th pct)2019-01-14
Vulnerability · 2019-01-10
CVE-2019-5884
Patch
Unscored
EPSS 0.3% (55th pct)2019-01-10
Vulnerability · 2018-03-28
CVE-2018-9110
Patch
Unscored
EPSS 0.8% (75th pct)2018-03-28
Vulnerability · 2018-03-28
CVE-2018-9109
Patch
Unscored
EPSS 0.8% (75th pct)2018-03-28

Severity and exploitation

studio-42 elfinder Vulnerabilities

Overview

Severity and exploitation

Affected versions and CVEs

Specific versions

Fixed in

Common weakness types

Disclosure activity by year

Other studio-42 products

Frequently asked questions

How many CVEs does studio-42 elfinder have?

How many studio-42 elfinder CVEs are in CISA KEV?

Are there public exploits for studio-42 elfinder vulnerabilities?

Which versions of studio-42 elfinder are affected?

What are the most common weakness types in studio-42 elfinder CVEs?

How many critical studio-42 elfinder vulnerabilities are there?

What is the average severity of studio-42 elfinder CVEs?

References

Track studio-42 elfinder vulnerabilities