Graylog - 22 CVEs (Page 1/1)

About “Graylog”

A curated feed of “Graylog”-related CVEs appears below. We currently track 22 CVEs for this tag (all time). In the last 365 days, 8 were published. Average CVSS is 6.7 (all time; 6.9 over 365d), and 32% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), CWE-639 - Authorization Bypass Through User-Controlled Key, CWE-613 - Insufficient Session Expiration.

In our taxonomy this topic maps to a MODERATE impact class. Logging and monitoring stacks may expose dashboards or collectors. Patch services, enforce auth and TLS, restrict admin endpoints, rotate tokens, and review data retention. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

Support & lifecycle: graylog

This table shows recent release cycles and their projected end-of-life. Data source: endoflife.date.

Cycle	Release	Latest	EOL
7.1	2026-05-04	7.1.2	-
7.0	2025-11-03	7.0.7	2026-11-03 Soon
6.3	2025-06-30	6.3.12	2026-06-30 Soon
6.2	2025-04-28	6.2.14	2026-04-28 Expired
6.1	2024-10-20	6.1.16	2025-10-20 Expired
6.0	2024-05-07	6.0.14	2025-05-08 Expired
5.2	2023-11-01	5.2.12	2024-11-01 Expired
5.1	2023-05-17	5.1.13	2024-05-17 Expired
5.0	2022-12-06	5.0.13	2023-12-06 Expired
4.3	2022-05-25	4.3.15	2023-05-25 Expired
4.2	2021-10-13	4.2.13	2022-11-30 Expired
4.1	2021-06-23	4.1.14	2022-05-17 Expired
4.0	2020-11-17	4.0.17	2021-10-13 Expired
3.3	2020-05-20	3.3.17	2022-04-12 Expired
3.2	2020-01-31	3.2.6	2020-05-20 Expired
3.1	2019-08-15	3.1.4	2020-01-31 Expired
3.0	2019-02-11	3.0.2	2019-08-15 Expired
2.5	2018-12-01	2.5.2	2019-02-11 Expired
2.4	2017-12-22	2.4.7	2019-03-01 Expired
2.3	2017-07-26	2.3.2	2017-12-22 Expired
2.2	2017-02-09	2.2.3	2017-07-26 Expired
2.1	2016-09-01	2.1.3	2017-02-09 Expired
2.0	2016-04-26	2.0.3	2016-09-01 Expired
1.3	2015-12-08	1.3.4	2016-04-26 Expired
1.2	2015-09-14	1.2.2	2015-12-08 Expired
1.1	2015-06-04	1.1.6	2015-09-14 Expired
1.0	2015-02-17	1.0.2	2015-06-04 Expired

Maintained Soon (≤ 180 days) Expired

Subscribe lifecycle: RSS · RSS (expired) · ICS

Subscribe CVEs: RSS for “Graylog” · RSS (High+Critical only)

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0

2026-02-18

Medium

CVE-2026-1441

Reflected Cross-Site Scripting (XSS) vulnerability in the Graylog Web Interface console, version 2.2.3, caused by a lack of proper sanitization and escaping in HTML output. Several endpoints include…

CVSS: 6.1 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

Medium

CVE-2026-1440

CVSS: 6.1 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

Medium

CVE-2026-1439

CVSS: 6.1 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

Medium

CVE-2026-1438

CVSS: 6.1 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

Medium

CVE-2026-1437

CVSS: 6.1 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

Medium

CVE-2026-1436

Improper Access Control (IDOR) in the Graylog API, version 2.2.3, which occurs when modifying the user ID in the URL. An authenticated user can access other user's profiles without proper authorizati…

CVSS: 6.5 CWE: CWE-639 - Authorization Bypass Through User-Controlled Key View on NVD

Critical

CVE-2026-1435

Not properly invalidated session vulnerability in Graylog Web Interface, version 2.2.3, due to incorrect management of session invalidation after new logins. The application generates a new 'sessionI…

CVSS: 9.8 CWE: CWE-613 - Insufficient Session Expiration View on NVD

2025-07-02

High

CVE-2025-53106

Graylog is a free and open log management platform. In versions 6.2.0 to before 6.2.4 and 6.3.0-alpha.1 to before 6.3.0-rc.2, Graylog users can gain elevated privileges by creating and using API toke…

CVSS: 8.8 CWE: CWE-285 - Improper Authorization View on NVD

2025-05-07

High

CVE-2025-46827

Graylog is a free and open log management platform. Prior to versions 6.0.14, 6.1.10, and 6.2.0, it is possible to obtain user session cookies by submitting an HTML form as part of an Event Definitio…

CVSS: 8.0 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

2025-04-07

Medium

CVE-2025-30373

Graylog is a free and open log management platform. Starting with 6.1, HTTP Inputs can be configured to check if a specified header is present and has a specified value to authenticate HTTP-based ing…

CVSS: 6.5 CWE: CWE-285 - Improper Authorization View on NVD

2024-11-18

Medium

CVE-2024-52506

Graylog is a free and open log management platform. The reporting functionality in Graylog allows the creation and scheduling of reports which contain dashboard widgets displaying individual log mess…

CVSS: 6.5 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD

2024-02-07

High

CVE-2024-24824

Graylog is a free and open log management platform. Starting in version 2.0.0 and prior to versions 5.1.11 and 5.2.4, arbitrary classes can be loaded and instantiated using a HTTP PUT request to the…

CVSS: 8.8 CWE: CWE-284 - Improper Access Control View on NVD

Medium

CVE-2024-24823

Graylog is a free and open log management platform. Starting in version 4.3.0 and prior to versions 5.1.11 and 5.2.4, reauthenticating with an existing session cookie would re-use that session id, ev…

CVSS: 5.7 CWE: CWE-384 - Session Fixation View on NVD

2023-08-31

Low

CVE-2023-41045

Graylog is a free and open log management platform. Graylog makes use of only one single source port for DNS queries. Graylog binds a single socket for outgoing DNS queries and while that socket is b…

CVSS: 3.7 CWE: CWE-345 - Insufficient Verification of Data Authenticity View on NVD

Low

CVE-2023-41044

Graylog is a free and open log management platform. A partial path traversal vulnerability exists in Graylog's `Support Bundle` feature. The vulnerability is caused by incorrect user input validation…

CVSS: 3.3 CWE: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') View on NVD

2023-08-30

Low

CVE-2023-41041

Graylog is a free and open log management platform. In a multi-node Graylog cluster, after a user has explicitly logged out, a user session may still be used for API requests until it has reached its…

CVSS: 2.6 CWE: CWE-613 - Insufficient Session Expiration View on NVD

2021-07-31

Critical

CVE-2021-37760

A Session ID leak in the audit log in Graylog before 4.1.2 allows attackers to escalate privileges (to the access level of the leaked session ID).

CVSS: 9.8 CWE: CWE-532 - Insertion of Sensitive Information into Log File View on NVD

Critical

CVE-2021-37759

A Session ID leak in the DEBUG log file in Graylog before 4.1.2 allows attackers to escalate privileges (to the access level of the leaked session ID).

CVSS: 9.8 CWE: CWE-532 - Insertion of Sensitive Information into Log File View on NVD

2020-07-17

High

CVE-2020-15813

Graylog before 3.3.3 lacks SSL Certificate Validation for LDAP servers. It allows use of an external user/group database stored in LDAP. The connection configuration allows the usage of unencrypted,…

CVSS: 8.1 CWE: CWE-295 - Improper Certificate Validation View on NVD

2018-07-18

Medium

CVE-2018-14380

In Graylog before 2.4.6, XSS was possible in typeahead components, related to components/common/TypeAheadInput.jsx and components/search/QueryInput.ts.

CVSS: 6.1 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

2018-06-01

Medium

CVE-2018-11651

Graylog before v2.4.4 has an XSS security issue with unescaped text in dashboard names, related to components/dashboard/Dashboard.jsx, components/dashboard/EditDashboardModal.jsx, and pages/ShowDashb…

CVSS: 6.1 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD

Medium

CVE-2018-11650

Graylog before v2.4.4 has an XSS security issue with unescaped text in notifications, related to toastr and util/UserNotification.js.

CVSS: 6.1 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD