Altium Enterprise Server vulnerabilities
9 known vulnerabilities affecting altium/altium_enterprise_server.
Total CVEs: 9
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 6, HIGH 2, MEDIUM 1
Vulnerabilities
CVE-2026-11429 | priority P2 | CRITICAL | CVSS 10.0 | CWE-22 | fixed in 8.1.1 | 2026-06-05 | source: nvd
Two endpoints in the Vault Service ScriptsController, shared by Altium Enterprise Server and Altium 365, accept file uploads where a user-supplied filename component is used to construct the destination path without validation, allowing arbitrary files to be written to any location writable by the service account. Because the file write operation co
CVE-2026-11420 | priority P2 | CRITICAL | CVSS 9.8 | CWE-22 | fixed in 8.1.1 | 2026-06-05 | source: nvd
Two path traversal vulnerabilities in the Network Installation Service (NIS) of Altium Enterprise Server allow an unauthenticated network attacker to write arbitrary files to any writable location on the server filesystem and to read package archive files from the server. No authentication, session, or credentials are required. Because content-co
CVE-2026-11414 | priority P2 | CRITICAL | CVSS 9.8 | CWE-22 (as listed by the source; the weakness described is a hard-coded cryptographic key, not path traversal) | fixed in 8.1.1 | 2026-06-05 | source: nvd
A hard-coded cryptographic key is used by Altium Enterprise Server to sign file download URLs in the Vault service. Because the key is identical across all installations, an unauthenticated network attacker who can reach the server can forge valid download signatures and retrieve files from the Vault storage area without any authentication, session
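The weakness in CVE-2026-11414 is not the signing algorithm but the key: a signature is only as secret as the key that produces it, and a key shipped in the product is known to anyone who can extract it from one copy. The following is an added illustrative example, not Altium's signing scheme (the advisory gives no URL format): it signs download URLs with HMAC-SHA256 and shows that a URL signed offline with a shared constant verifies on every installation, while a per-installation random key, an expiry and a constant-time comparison confine a valid link to one server and one time window. The function names, the placeholder constant and the sample path are assumptions.

```python
"""Signed download URLs: a shared hard-coded key versus a per-installation key.

Added illustrative code, not Altium's signing scheme. Names, the placeholder
constant and the sample path are assumptions for this example."""
import hmac
import hashlib
import secrets
from urllib.parse import urlencode, parse_qs, urlsplit

# The weak setting: one key baked into the build and shipped to every customer.
# Constructed placeholder value, not any real key.
HARDCODED_KEY = b"same-key-in-every-installation"


def new_installation_key():
    """The corrected setting: a random key generated at install time and kept
    in the server's configuration store, never in the code."""
    return secrets.token_bytes(32)


def _mac(key, path, expires):
    """HMAC over the resource path and the expiry so neither can be swapped."""
    msg = f"{path}\n{expires}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def sign_download_url(key, path, expires):
    """Return a URL whose query carries an expiry (Unix time) and the HMAC."""
    return f"{path}?{urlencode({'expires': expires, 'sig': _mac(key, path, expires)})}"


def verify_download_url(key, url, now):
    """True only if the signature matches this server's key and the link has
    not expired. hmac.compare_digest avoids a timing side channel."""
    parts = urlsplit(url)
    q = parse_qs(parts.query)
    try:
        expires = int(q["expires"][0])
        sig = q["sig"][0]
    except (KeyError, ValueError):
        return False
    if now > expires:
        return False
    return hmac.compare_digest(sig, _mac(key, parts.path, expires))


def forgery_demo():
    """Two installations. With the hard-coded key, a URL the attacker signs
    offline with the known constant verifies on both; with per-installation
    keys, a link signed for server A is rejected by server B and after expiry."""
    path = "/vault/download/project.PcbDoc"   # hypothetical resource path
    now = 1_700_000_000

    # Attacker reproduces the shipped constant and signs for any server.
    forged = sign_download_url(HARDCODED_KEY, path, now + 600)
    shared_a = verify_download_url(HARDCODED_KEY, forged, now)
    shared_b = verify_download_url(HARDCODED_KEY, forged, now)

    key_a, key_b = new_installation_key(), new_installation_key()
    link_a = sign_download_url(key_a, path, now + 600)
    perinst_a = verify_download_url(key_a, link_a, now)
    perinst_b = verify_download_url(key_b, link_a, now)
    expired = verify_download_url(key_a, link_a, now + 601)
    return {"shared_a": shared_a, "shared_b": shared_b,
            "perinst_a": perinst_a, "perinst_b": perinst_b, "expired": expired}


if __name__ == "__main__":
    for name, ok in forgery_demo().items():
        print(f"{name}: {'accepted' if ok else 'rejected'}")
```

The expiry matters as much as the key: without it a single leaked link stays valid forever, and rotating the installation key is the only way to revoke it.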
CVE-2026-11419 | priority P2 | HIGH | CVSS 8.8 | CWE-22 | fixed in 8.1.1 | 2026-06-05 | source: nvd
A path traversal vulnerability exists in the Altium Enterprise Server Vault Service UploadController due to improper validation of a user-controlled path component in image upload requests. An authenticated user can supply a crafted absolute path so that the configured storage root is discarded, allowing arbitrary files to be written to any location on
CVE-2026-9102 | priority P2 | CRITICAL | CVSS 9.4 | CWE-22 | fixed in 8.0.4 | 2026-05-20 | source: nvd
A path traversal vulnerability exists in the Altium Enterprise Server ComparisonService due to missing filename sanitization in the Gerber file upload APIs. A regular authenticated workspace user can supply a crafted filename in the multipart Content-Disposition header to escape the intended temporary upload directory and write arbitrary files to any
CVE-2026-11423 | priority P2 | CRITICAL | CVSS 9.4 | CWE-22 | fixed in 8.1.1 | 2026-06-05 | source: nvd
A path traversal vulnerability exists in the Altium Enterprise Server Collaboration Service due to improper handling of user-supplied filenames in the MCAD and Simulation file download flows. A regular authenticated user can submit a collaboration message containing a crafted filename, which is later used to construct the download path on the serve
CVE-2026-9129 | priority P3 | CRITICAL | CVSS 9.4 | CWE-22 | fixed in 8.0.4 | 2026-05-20 | source: nvd
A path traversal vulnerability exists in the Altium Enterprise Server Viewer StorageController due to improper handling of file path route parameters. On on-premise deployments that use local filesystem storage, a regular authenticated user can supply a URL-encoded absolute path (such as an encoded drive letter) in a Viewer storage API request, causi
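Six of the nine entries (CVE-2026-11429, CVE-2026-11420, CVE-2026-11419, CVE-2026-9102, CVE-2026-11423 and CVE-2026-9129) are the same root cause seen from different endpoints: a filename, message field or route parameter is joined to a storage root without validation. Two failure modes recur in the descriptions, `../` segments in a multipart filename and an absolute or URL-encoded absolute path (a drive letter, say) that makes the join discard the configured root entirely, which is how both .NET's `Path.Combine` and Python's `os.path.join` behave. The following is an added example, not Altium's code: it puts the vulnerable join beside a hardened resolver that decodes once, refuses rooted input before joining, normalises, and checks containment. It handles both POSIX and Windows path semantics so the drive-letter case from CVE-2026-9129 can be shown offline. Function names, storage roots and sample inputs are assumptions.

```python
"""Resolving a user-supplied path component against a storage root.

Added illustrative code, not Altium's code. Function names, roots and the
sample inputs are assumptions for this example."""
import posixpath
import ntpath
from urllib.parse import unquote

_FLAVORS = {"posix": posixpath, "nt": ntpath}


def vulnerable_join(storage_root, user_component, flavor="posix"):
    """The vulnerable pattern: decode, join, trust the result. os.path.join and
    .NET's Path.Combine both discard the root when the second argument is rooted
    (leading separator or drive letter), and neither collapses '..' segments.
    normpath is applied only to show where the write would actually land."""
    pm = _FLAVORS[flavor]
    return pm.normpath(pm.join(storage_root, unquote(user_component)))


def safe_resolve(storage_root, user_component, flavor="posix"):
    """Hardened resolver: decode once, refuse rooted input before joining,
    normalise, then verify containment. Raises ValueError on any escape."""
    pm = _FLAVORS[flavor]
    decoded = unquote(user_component)
    if "\x00" in decoded:
        raise ValueError("NUL byte in path component")
    drive, rest = pm.splitdrive(decoded)
    # Drive letters, UNC prefixes and leading separators are refused outright
    # (conservatively on both flavors), so join() can never drop the root.
    if drive or rest[:1] in ("/", "\\"):
        raise ValueError(f"rooted path component rejected: {decoded!r}")
    root = pm.normpath(storage_root)
    candidate = pm.normpath(pm.join(root, decoded))
    # Containment check on normalised, case-folded forms. Requiring the
    # root-plus-separator prefix stops the sibling trick ('/tmp' vs '/tmp2').
    c_root, c_cand = pm.normcase(root), pm.normcase(candidate)
    prefix = c_root if c_root.endswith(pm.sep) else c_root + pm.sep
    if c_cand != c_root and not c_cand.startswith(prefix):
        raise ValueError(f"path escapes storage root: {candidate!r}")
    return candidate


def rejects(storage_root, user_component, flavor="posix"):
    """True if the hardened resolver refuses the component."""
    try:
        safe_resolve(storage_root, user_component, flavor)
    except ValueError:
        return True
    return False


# Constructed sample inputs modelled on the advisories, not captured traffic.
SAMPLES = [
    # (label, storage root, user-supplied component, path flavor)
    ("multipart filename with traversal", "/var/lib/app/tmp",
     "../../../../etc/cron.d/job", "posix"),
    ("URL-encoded drive letter in route parameter", "D:\\Vault\\store",
     "C%3A%5CWindows%5CTemp%5Cx.bin", "nt"),
    ("absolute path in image upload", "/var/lib/app/images", "/etc/passwd", "posix"),
    ("benign relative filename", "/var/lib/app/tmp", "boards%2Frev3.gbr", "posix"),
]


def run_samples():
    """Per sample: where the vulnerable join writes, and what the hardened
    resolver returns ('rejected' or the accepted path)."""
    out = []
    for label, root, component, flavor in SAMPLES:
        naive = vulnerable_join(root, component, flavor)
        hardened = ("rejected" if rejects(root, component, flavor)
                    else safe_resolve(root, component, flavor))
        out.append((label, naive, hardened))
    return out


if __name__ == "__main__":
    for label, naive, hardened in run_samples():
        print(f"{label}\n  vulnerable join -> {naive}\n  hardened        -> {hardened}")
```

Two points the resolver relies on: the containment check is done after normalisation, never on the raw string, and the separator is appended to the root before the prefix comparison, otherwise `/var/lib/app/tmp2` would pass as a child of `/var/lib/app/tmp`. On a real server the storage root should also be resolved through symlinks (`os.path.realpath`) before the comparison.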
CVE-2026-11424 | priority P3 | HIGH | CVSS 8.3 | CWE-200 | fixed in 8.1.1 | 2026-06-05 | source: nvd
A server-side request forgery (SSRF) vulnerability exists in a GraphQL service component shared by Altium Enterprise Server and Altium 365. An authenticated user can submit a request whose input is treated as a URL by the server and used to issue an outbound HTTP GET request without URL validation or destination filtering. The response body is then re
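The two missing controls named for CVE-2026-11424, URL validation and destination filtering, are the check that belongs in front of any server-side fetch of a user-supplied URL. The following is an added example, not the GraphQL component's code: it restricts the scheme, refuses embedded credentials, resolves the host and rejects the request if any resulting address is non-public (loopback, RFC 1918, link-local including the 169.254.169.254 metadata address, and so on). The resolver is injected as a constructed table so the example runs offline; the hostnames and addresses in it are assumptions.

```python
"""Destination filtering for a server-side URL fetch.

Added illustrative code, not Altium's code. The stand-in DNS table and the
hostnames in it are constructed for this example."""
import ipaddress
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}

# Constructed stand-in for DNS so the check is deterministic offline.
# The last entry models a host that also maps to an internal address.
FAKE_DNS = {
    "cdn.example.com": ["93.184.216.34"],
    "internal-build.example.com": ["10.0.0.5"],
    "rebinding.example.com": ["93.184.216.34", "127.0.0.1"],
}


def is_public_address(ip):
    """True only for globally routable addresses: loopback, private, link-local
    (including 169.254.169.254), shared address space, multicast, reserved and
    unspecified addresses all fail."""
    return ipaddress.ip_address(ip).is_global


def check_destination(url, resolver=FAKE_DNS.get):
    """Return (allowed, reason). Every address the host resolves to must be
    public, so a name that also points at an internal address is refused."""
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, "scheme not allowed"
    host = parts.hostname
    if not host:
        return False, "no host"
    if parts.username or parts.password:
        return False, "credentials in URL"
    try:
        addrs = [str(ipaddress.ip_address(host))]   # literal IPv4/IPv6
    except ValueError:
        addrs = resolver(host) or []
    if not addrs:
        return False, "unresolvable host"
    for ip in addrs:
        if not is_public_address(ip):
            return False, f"{host} resolves to non-public {ip}"
    return True, "ok"


if __name__ == "__main__":
    for u in ("https://cdn.example.com/board.png",
              "http://internal-build.example.com/",
              "http://rebinding.example.com/",
              "http://169.254.169.254/latest/meta-data/",
              "file:///etc/passwd"):
        print(u, "->", check_destination(u))
```

The check is necessary but not sufficient on its own: the addresses validated here must be the ones the HTTP client actually connects to (pin the resolved address or validate again inside the connection callback), and redirects must be re-checked, otherwise a public host can forward the request to an internal one after validation.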
CVE-2026-1010 | priority P4 | MEDIUM | CVSS 5.4 | CWE-79 | affects ≤ 8.0.1 | 2026-01-15 | source: nvd
A stored cross-site scripting (XSS) vulnerability exists in the Altium Workflow Engine due to missing server-side input sanitization in workflow form submission APIs. A regular authenticated user can inject arbitrary JavaScript into workflow data. When an administrator views the affected workflow, the injected payload executes in the administrator's b