GNU Savane
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in GNU Savane.
By the Year
In 2026 there have been 1 vulnerability in GNU Savane with an average score of 3.7 out of ten. Savane did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2026 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 1 | 3.70 |
| 2025 | 0 | 0.00 |
| 2024 | 1 | 0.00 |
It may take a day or so for new Savane vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent GNU Savane Security Vulnerabilities
Auth Bypass via Untrusted Data in Savane <=3.17 (CVE-2026-56355)
CVE-2026-56355
3.7 - Low
- June 20, 2026
GNU Savannah Administration Savane through 3.17 uses untrusted data as part of authorization.
Incorrect Behavior Order
RCE via crafted file upload in GNU Savane v3.13 and earlier (upload.php)
CVE-2024-29399
- April 11, 2024
An issue was discovered in GNU Savane v.3.13 and before, allows a remote attacker to execute arbitrary code and escalate privileges via a crafted file to the upload.php component.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for GNU Savane or by GNU? Click the Watch button to subscribe.
