umbraco security advisories
2 threat alerts tracking vulnerabilities and security advisories that affect umbraco products.
Vulnios monitors umbraco CVE feeds, vendor advisories, CISA KEV listings, and exploit-prediction data continuously. Each alert below is enriched with severity, exploitation status, affected products, and a remediation path. Use this page to scan recent umbraco security news in one place, or click into an individual alert for full detail.
Critical Vulnerability: CVE-2025-67288 — umbraco — umbraco_cms
An arbitrary file upload vulnerability in Umbraco CMS v16.3.3 allows attackers to execute arbitrary code by uploading a crafted PDF file. NOTE: this is disputed by the Supplier because the responsibil
criticalCVE-2025-67288Critical Vulnerability: CVE-2012-1301 — umbraco — umbraco_cms
The FeedProxy.aspx script in Umbraco 4.7.0 allows remote attackers to proxy requests on their behalf via the "url" parameter.
criticalCVE-2012-1301
Track umbraco exposure across your environment
Vulnios automatically cross-references your asset inventory against new umbraco CVEs and surfaces only what affects you. No more sifting manually — actionable findings only.
Start a free scan