Skip to main content

Spicedb

10 CVEs product

Monthly

CVE-2025-65111 Go LOW PATCH Monitor

SpiceDB is an open source database system for creating and managing security-critical application permissions. Rated low severity (CVSS 2.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Spicedb
NVD GitHub
CVSS 4.0
2.9
EPSS
0.1%
CVE-2025-64529 Go LOW PATCH Monitor

SpiceDB is an open source database system for creating and managing security-critical application permissions. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Spicedb
NVD GitHub
CVSS 4.0
2.7
EPSS
0.1%
CVE-2024-48909 Go LOW PATCH Monitor

SpiceDB is an open source database for scalably storing and querying fine-grained authorization data. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Spicedb
NVD GitHub
CVSS 3.1
2.4
EPSS
0.3%
CVE-2024-46989 Go MEDIUM PATCH This Month

spicedb is an Open Source, Google Zanzibar-inspired permissions database to enable fine-grained authorization for customer applications. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Google Spicedb
NVD GitHub
CVSS 3.1
5.3
EPSS
0.3%
CVE-2024-38361 Go MEDIUM POC PATCH This Month

Spicedb is an Open Source, Google Zanzibar-inspired permissions database to enable fine-grained authorization for customer applications. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Google Spicedb
NVD GitHub
CVSS 3.1
5.3
EPSS
0.4%
CVE-2024-32001 Go MEDIUM PATCH This Month

SpiceDB is a graph database purpose-built for storing and evaluating access control data. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Spicedb
NVD GitHub
CVSS 3.1
4.3
EPSS
0.6%
CVE-2024-27101 Go CRITICAL PATCH Act Now

SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Google Spicedb
NVD GitHub
CVSS 3.1
9.1
EPSS
0.5%
CVE-2023-46255 Go MEDIUM PATCH This Month

SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Google Spicedb
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-35930 Go MEDIUM PATCH This Month

SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Google Spicedb
NVD GitHub
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-29193 Go HIGH PATCH This Week

SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Google Spicedb
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
EPSS 0% CVSS 2.9
LOW PATCH Monitor

SpiceDB is an open source database system for creating and managing security-critical application permissions. Rated low severity (CVSS 2.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Spicedb
NVD GitHub
EPSS 0% CVSS 2.7
LOW PATCH Monitor

SpiceDB is an open source database system for creating and managing security-critical application permissions. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Spicedb
NVD GitHub
EPSS 0% CVSS 2.4
LOW PATCH Monitor

SpiceDB is an open source database for scalably storing and querying fine-grained authorization data. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Spicedb
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

spicedb is an Open Source, Google Zanzibar-inspired permissions database to enable fine-grained authorization for customer applications. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Google Spicedb
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM POC PATCH This Month

Spicedb is an Open Source, Google Zanzibar-inspired permissions database to enable fine-grained authorization for customer applications. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Google Spicedb
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

SpiceDB is a graph database purpose-built for storing and evaluating access control data. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Spicedb
NVD GitHub
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Google +1
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Google Spicedb
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Google Spicedb
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Google Spicedb
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy