← All weakness types
Unrestricted File Upload
CWE-4344,140 vulnerabilities are classified as Unrestricted File Upload (CWE-434). The most exploitable are shown first (by EPSS), each with its CVSS score, exploit-prediction, CISA KEV status, and available fix.
| CVE | Severity | CVSS | EPSS | Exploited | Fix |
|---|---|---|---|---|---|
| CVE-2017-12617 | High | 8.1 | 100% | KEV | Fix |
| CVE-2018-15961 | Critical | 9.8 | 100% | KEV | - |
| CVE-2021-31207 | Medium | 6.6 | 100% | KEV + Ransom | Fix |
| CVE-2017-12615 | High | 8.1 | 100% | KEV + Ransom | - |
| CVE-2025-31324 | Critical | 10.0 | 99% | KEV + Ransom | - |
| CVE-2024-50623 | Critical | 9.8 | 99% | KEV + Ransom | Fix |
| CVE-2016-3088 | Critical | 9.8 | 99% | KEV | Fix |
| CVE-2021-3378 | Critical | 9.8 | 98% | - | Fix |
| CVE-2020-25213 | Critical | 10.0 | 97% | KEV | Fix |
| CVE-2018-9206 | Critical | 9.8 | 97% | - | Fix |
| CVE-2020-8260 | High | 7.2 | 96% | KEV | - |
| CVE-2017-6090 | High | 8.8 | 96% | - | - |
| CVE-2020-6754 | Critical | 9.8 | 95% | - | Fix |
| CVE-2020-24186 | Critical | 10.0 | 95% | - | - |
| CVE-2024-8856 | Critical | 9.8 | 94% | - | Fix |
| CVE-2021-37539 | Critical | 9.8 | 93% | - | Fix |
| CVE-2022-1329 | High | 8.8 | 93% | - | - |
| CVE-2024-7399 | High | 8.8 | 92% | KEV | Fix |
| CVE-2014-8739 | Critical | 9.8 | 92% | - | Fix |
| CVE-2023-46264 | Critical | 9.8 | 90% | - | Fix |
| CVE-2020-35489 | Critical | 10.0 | 90% | - | Fix |
| CVE-2023-20073 | Medium | 5.3 | 89% | - | - |
| CVE-2022-30216 | High | 8.8 | 88% | - | Fix |
| CVE-2021-24145 | High | 7.2 | 88% | - | Fix |
| CVE-2020-28871 | Critical | 9.8 | 86% | - | - |
| CVE-2025-52691 | Critical | 10.0 | 85% | KEV + Ransom | Fix |
| CVE-2023-28128 | High | 7.2 | 85% | - | - |
| CVE-2021-24155 | High | 7.2 | 84% | - | Fix |
| CVE-2023-50386 | High | 8.8 | 84% | - | Fix |
| CVE-2020-7246 | High | 8.8 | 83% | - | - |
| CVE-2019-8942 | High | 8.8 | 83% | - | Fix |
| CVE-2021-21351 | Medium | 5.4 | 82% | - | Fix |
| CVE-2023-46263 | Critical | 9.8 | 82% | - | Fix |
| CVE-2023-5360 | Critical | 9.8 | 82% | - | Fix |
| CVE-2014-8516 | Critical | 9.8 | 82% | - | - |
| CVE-2021-42125 | High | 8.8 | 82% | - | Fix |
| CVE-2021-42362 | High | 8.8 | 80% | - | - |
| CVE-2018-17553 | High | 8.8 | 79% | - | - |
| CVE-2020-12800 | Critical | 9.8 | 79% | - | Fix |
| CVE-2020-11108 | High | 8.8 | 78% | - | - |
| CVE-2024-53677 | Critical | 9.8 | 78% | - | Fix |
| CVE-2017-9101 | Critical | 9.8 | 77% | - | - |
| CVE-2021-21346 | Medium | 6.1 | 76% | - | Fix |
| CVE-2023-4220 | High | 8.1 | 76% | - | - |
| CVE-2021-21344 | Medium | 5.3 | 76% | - | Fix |
| CVE-2023-3486 | High | 8.2 | 76% | - | Fix |
| CVE-2019-10267 | High | 8.8 | 76% | - | Fix |
| CVE-2017-11357 | Critical | 9.8 | 76% | KEV + Ransom | Fix |
| CVE-2013-0803 | Critical | 9.8 | 75% | - | - |
| CVE-2013-7390 | Critical | 9.8 | 75% | - | - |
| CVE-2018-20526 | Critical | 9.8 | 74% | - | - |
| CVE-2021-37926 | Critical | 9.8 | 74% | - | Fix |
| CVE-2021-37918 | Critical | 9.8 | 74% | - | Fix |
| CVE-2015-8249 | Critical | 9.8 | 74% | - | - |
| CVE-2023-3836 | Medium | 6.3 | 74% | - | - |
| CVE-2023-2034 | High | 8.8 | 73% | - | Fix |
| CVE-2023-38836 | High | 8.8 | 73% | - | - |
| CVE-2020-27386 | High | 8.8 | 73% | - | Fix |
| CVE-2025-34299 | Critical | 9.8 | 73% | - | - |
| CVE-2020-29597 | Critical | 9.8 | 72% | - | - |
| CVE-2024-0352 | High | 7.3 | 71% | - | - |
| CVE-2020-19364 | High | 8.8 | 71% | - | - |
| CVE-2019-7257 | Critical | 10.0 | 70% | - | - |
| CVE-2021-34995 | High | 8.8 | 69% | - | - |
| CVE-2021-40324 | High | 7.5 | 69% | - | Fix |
| CVE-2019-7816 | Critical | 9.8 | 68% | - | - |
| CVE-2021-40344 | High | 7.2 | 66% | - | - |
| CVE-2022-0415 | High | 8.8 | 65% | - | Fix |
| CVE-2024-29848 | High | 7.2 | 64% | - | Fix |
| CVE-2018-19422 | High | 7.2 | 64% | - | - |
| CVE-2020-28328 | High | 8.8 | 64% | - | Fix |
| CVE-2019-8394 | Medium | 6.5 | 64% | KEV | Fix |
| CVE-2017-18048 | High | 8.8 | 64% | - | - |
| CVE-2023-51409 | Critical | 10.0 | 63% | - | Fix |
| CVE-2023-38095 | High | 8.8 | 62% | - | Fix |
| CVE-2017-9080 | High | 8.8 | 62% | - | - |
| CVE-2017-1000119 | High | 7.2 | 61% | - | - |
| CVE-2023-27179 | High | 7.5 | 61% | - | - |
| CVE-2021-24499 | Critical | 9.8 | 60% | - | Fix |
| CVE-2021-30118 | Critical | 9.8 | 60% | - | Fix |
| CVE-2023-0587 | Critical | 9.1 | 60% | - | - |
| CVE-2021-42342 | Critical | 9.8 | 59% | - | Fix |
| CVE-2021-43829 | High | 7.4 | 59% | - | Fix |
| CVE-2025-2748 | Medium | 6.1 | 59% | - | - |
| CVE-2021-42840 | High | 8.8 | 59% | - | Fix |
| CVE-2021-34427 | Critical | 9.8 | 58% | - | - |
| CVE-2015-4553 | High | 8.8 | 57% | - | - |
| CVE-2021-25003 | Critical | 9.8 | 56% | - | Fix |
| CVE-2011-4908 | Critical | 9.8 | 56% | - | Fix |
| CVE-2021-39352 | High | 7.2 | 56% | - | - |
| CVE-2022-25487 | Critical | 9.8 | 55% | - | - |
| CVE-2021-3277 | High | 7.2 | 55% | - | - |
| CVE-2024-24809 | High | 8.5 | 54% | - | - |
| CVE-2021-36356 | Critical | 9.8 | 54% | - | - |
| CVE-2026-0740 | Critical | 9.8 | 54% | - | - |
| CVE-2019-11447 | High | 8.8 | 53% | - | - |
| CVE-2020-12255 | High | 8.8 | 53% | - | - |
| CVE-2023-6187 | High | 7.5 | 52% | - | - |
| CVE-2024-5084 | Critical | 9.8 | 51% | - | Fix |
| CVE-2025-26319 | Critical | 9.8 | 51% | - | - |
Showing the top 100 of 4,140. Browse all 4,140 in the lookup tool.