Skip to main content

Bamboo Data Center

2 CVEs product

Monthly

CVE-2026-21570 HIGH This Week

Remote code execution in Atlassian Bamboo Data Center versions 9.6.0 through 12.1.0 allows authenticated attackers with high privileges to execute arbitrary code on affected systems with a CVSS score of 8.6. The vulnerability impacts multiple major versions with no patch currently available, requiring immediate upgrade to patched releases such as 9.6.24, 10.2.16, or 12.1.3. Organizations unable to upgrade should prioritize access controls for high-privileged accounts until remediation is possible.

RCE Atlassian Code Injection Bamboo Data Center
NVD VulDB
CVSS 4.0
8.6
EPSS
0.6%
CVE-2023-22506 HIGH PATCH This Week

This High severity Injection and RCE (Remote Code Execution) vulnerability known as CVE-2023-22506 was introduced in version 8.0.0 of Bamboo Data Center. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Atlassian Bamboo Data Center Bamboo Server
NVD
CVSS 3.1
8.8
EPSS
1.8%
EPSS 1% CVSS 8.6
HIGH This Week

Remote code execution in Atlassian Bamboo Data Center versions 9.6.0 through 12.1.0 allows authenticated attackers with high privileges to execute arbitrary code on affected systems with a CVSS score of 8.6. The vulnerability impacts multiple major versions with no patch currently available, requiring immediate upgrade to patched releases such as 9.6.24, 10.2.16, or 12.1.3. Organizations unable to upgrade should prioritize access controls for high-privileged accounts until remediation is possible.

RCE Atlassian Code Injection +1
NVD VulDB
EPSS 2% CVSS 8.8
HIGH PATCH This Week

This High severity Injection and RCE (Remote Code Execution) vulnerability known as CVE-2023-22506 was introduced in version 8.0.0 of Bamboo Data Center. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Atlassian +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy