
Erlang Otp vulnerabilities

28 known vulnerabilities affecting erlang/otp.

Total CVEs: 28
CISA KEV: 1 (actively exploited)
Public exploits: 1
Exploited in wild: 1
Severity breakdown: CRITICAL 3, HIGH 6, MEDIUM 15, LOW 4

Vulnerabilities

Page 2 of 2
CVE-2026-32147 | P4 | MEDIUM | CVSS 4.3 | affected: ≥ 3.01, < *; ≥ 17.0, < * (+1 more) | 2026-04-21
[MEDIUM] CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP ssh (ssh_sftpd module) allows an authenticated SFTP user to modify file attributes outside the configured chroot directory. The SFTP daemon (ssh_sftpd) stores the raw, user-supplied path in file handles instead of the chroot-resolved path. When
Source: nvd
CVE-2026-49760 | P4 | MEDIUM | CVSS 5.5 | affected: ≥ 3.7.16, < *; ≥ 17.0, < * (+1 more) | 2026-06-10
[MEDIUM] CWE-121: Stack-based Buffer Overflow vulnerability in Erlang OTP (erl_interface) allows Stack-based Buffer Overflow. This vulnerability is associated with program file lib/erl_interface/src/misc/ei_printterm.c and program routine ei_s_print_term. The C function ei_s_print_term uses an internal 2000-character stack buffer to format terms. When called with a
Source: nvd
CVE-2024-53846 | P4 | MEDIUM | CVSS 5.5 | affected: v>= 25.3.2.8, <= 25.3.2.16; v>= 26.2, <= 26.2.5.6 (+1 more) | 2024-12-05
[MEDIUM] CWE-295: OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang, and a set of design principles for Erlang programs. A regression was introduced into the ssl application of OTP starting at OTP-25.3.2.8, OTP-26.2, and OTP-27.0, resulting in a server or client verifying the pe
Source: nvd
CVE-2025-4748 | P4 | MEDIUM | CVSS 4.8 | affected: ≥ 2.0, < *; ≥ 17.0, < * (+1 more) | 2025-06-16
[MEDIUM] CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP (stdlib modules) allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines zip:unzip/1, zip:unzip/2, zip:extract/1, zip:extract/2 unless the memory option is
Source: nvd
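The entry above names zip:unzip/1,2 and zip:extract/1,2 as the routines through which an archive entry carrying an absolute path can write outside the extraction directory, with the memory option called out as the exception. The following is an added example, not OTP's own code and not taken from the advisory: a wrapper that lists the archive, rejects any entry whose stored name is absolute or contains a `..` component, and then extracts with the documented `file_filter` option so the same check is applied to each entry at extraction time. The backslash check is an assumption about archives produced on Windows, where filename:split/1 on a Unix host would not treat `\` as a separator.

```erlang
%% safe_unzip.erl
%% Added example, not part of OTP or of this advisory: refuse to extract
%% archive entries whose stored name could escape the target directory.
-module(safe_unzip).
-export([safe_name/1, check/1, extract/2]).
-include_lib("stdlib/include/zip.hrl").   % defines #zip_file{} and #zip_comment{}

%% An entry name is acceptable only if it is relative, has no ".." component
%% and (assumption: archives built on Windows) contains no backslash, which
%% filename:split/1 does not treat as a separator on Unix.
safe_name(Name) when is_list(Name) ->
    filename:pathtype(Name) =:= relative
        andalso not lists:member("..", filename:split(Name))
        andalso not lists:member($\\, Name).

%% List the archive and report every entry that would be rejected.
%% zip:list_dir/1 returns #zip_comment{} and #zip_file{} records; only the
%% latter carry a name.
check(Archive) ->
    case zip:list_dir(Archive) of
        {ok, Entries} ->
            case [N || #zip_file{name = N} <- Entries, not safe_name(N)] of
                []  -> ok;
                Bad -> {error, {unsafe_entries, Bad}}
            end;
        {error, _} = Err ->
            Err
    end.

%% Extract into DestDir. The file_filter fun is evaluated per entry during
%% extraction, so the decision is not separated from the write by a second
%% read of the archive.
extract(Archive, DestDir) ->
    case check(Archive) of
        ok ->
            Filter = fun(#zip_file{name = N}) -> safe_name(N) end,
            zip:unzip(Archive, [{cwd, DestDir}, {file_filter, Filter}]);
        {error, _} = Err ->
            Err
    end.

%% Usage: safe_unzip:extract("upload.zip", "/var/tmp/extract").
%% Returns {ok, [Path]} on success or {error, {unsafe_entries, Names}}.
```

The advisory text on this page lists no fixed version for the affected ranges, so treat this filter as defence in depth for code that must unpack untrusted archives, not as a substitute for the patched zip module. Where the archive is small, extracting with the `memory` option the entry mentions and writing each file yourself under a path built with filename:join/2 gives the same control without relying on the filter being applied before path resolution.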
CVE-2026-42791 | P4 | LOW | CVSS 3.7 | affected: ≥ 1.16, < *; ≥ 27.0, < * (+1 more) | 2026-05-27
[LOW] CWE-295: Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_ocsp module) allows forged OCSP responses signed with an expired responder certificate to be accepted as valid. OCSP response verification in pubkey_ocsp:verify_response/5 and pubkey_ocsp:is_authorized_responder/3 in lib/public_key/src/pubkey_ocsp.erl does not check the val
Source: nvd
CVE-2026-28810 | P4 | LOW | CVSS 3.7 | affected: ≥ 3.0, < *; ≥ 17.0, < * (+1 more) | 2026-04-07
[LOW] CWE-340: Generation of Predictable Numbers or Identifiers vulnerability in Erlang/OTP kernel (inet_res, inet_db modules) allows DNS Cache Poisoning. The built-in DNS resolver (inet_res) uses a sequential, process-global 16-bit transaction ID for UDP queries and does not implement source port randomization. Response validation relies almost entirely on this ID,
Source: nvd
CVE-2026-21620 | P4 | LOW | CVSS 2.3 | affected: ≥ 17.0, < *; ≥ 07b8f441ca711f9812fad9e9115bab3c3aa92f79, < * (+2 more) | 2026-02-20
[LOW] CWE-23: Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp (tftp_file modules), erlang otp inets (tftp_file modules), erlang otp tftp (tftp_file modules) allows Relative Path Traversal. This vulnerability is associated with program files lib/tftp/src/tftp_file.erl, src/tftp_file.erl. This issue affects ot
Source: nvd
CVE-2025-46712 | P4 | LOW | CVSS 3.7 | affected: v>= OTP 27.0, < OTP 27.3.4; v>= OTP 26.2.1, < OTP 26.2.5.12 (+1 more) | 2025-05-08
[LOW] CWE-440: Erlang/OTP is a set of libraries for the Erlang programming language. In versions prior to OTP-27.3.4 (for OTP-27), OTP-26.2.5.12 (for OTP-26), and OTP-25.3.2.21 (for OTP-25), Erlang/OTP SSH fails to enforce strict KEX handshake hardening measures by allowing optional messages to be exchanged. This allows a Man-in-the-Middle attacker to inject these me
Source: nvd