Hpe
Products by Hpe Sorted by Most Security Vulnerabilities since 2018
By the Year
In 2026 there have been 39 vulnerabilities in Hpe with an average score of 6.9 out of ten. Last year, in 2025, Hpe had 60 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, the number of security vulnerabilities in Hpe in 2026 could surpass last year's number. Last year, the average CVE base score was greater by 0.22.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 39 | 6.88 |
| 2025 | 60 | 7.09 |
| 2024 | 7 | 8.81 |
| 2023 | 10 | 7.84 |
| 2022 | 11 | 7.44 |
| 2021 | 4 | 6.15 |
| 2020 | 3 | 6.90 |
| 2019 | 18 | 7.63 |
| 2018 | 234 | 0.00 |
It may take a day or so for new Hpe vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent Hpe Security Vulnerabilities
| CVE | Date | Vulnerability | Products |
|---|---|---|---|
| CVE-2026-23817 | Mar 11, 2026 | **Unauth Remote URL Redirect in HPE AOS-CX Switch Web UI**: A vulnerability in the web-based management interface of AOS-CX Switches could allow an unauthenticated remote attacker to redirect users to an arbitrary URL. | |
| CVE-2026-23816 | Mar 11, 2026 | **CLI Command Injection in HPE AOS-CX Switches**: A vulnerability in the command line interface of AOS-CX Switches could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system. | |
| CVE-2026-23815 | Mar 11, 2026 | **HPE AOS-CX CLI Custom Binary Command Injection**: A vulnerability in a custom binary used in AOS-CX Switches' CLI could allow an authenticated remote attacker with high privileges to perform command injection. Successful exploitation could allow an attacker to execute unauthorized commands. | |
| CVE-2026-23814 | Mar 11, 2026 | **AOS-CX CLI Command Injection via Parameter Tampering**: A vulnerability in the command parameters of a certain AOS-CX CLI command could allow a low-privilege authenticated remote attacker to inject malicious commands resulting in unwanted behavior. | |
| CVE-2026-23813 | Mar 11, 2026 | **Unauthenticated Auth Bypass & Admin Reset in AOS-CX Web UI**: A vulnerability has been identified in the web-based management interface of AOS-CX switches that could potentially allow an unauthenticated remote actor to circumvent existing authentication controls. In some cases this could enable resetting the admin password. | |
| CVE-2026-23812 | Mar 04, 2026 | **AP Impersonation via Address-Based Spoofing Enables MitM on HPE Aruba**: A vulnerability has been identified where an attacker connecting to an access point as a standard wired or wireless client can impersonate a gateway by leveraging an address-based spoofing technique. Successful exploitation enables the redirection of data streams, allowing for the interception or modification of traffic intended for the legitimate network gateway via a Machine-in-the-Middle (MitM) position. | |
| CVE-2026-23811 | Mar 04, 2026 | **Client Isolation Bypass in HPE ArubaOS Enables Layer 3 MitM**: A vulnerability in the client isolation mechanism may allow an attacker to bypass Layer 2 (L2) communication restrictions between clients and redirect traffic at Layer 3 (L3). In addition to bypassing policy enforcement, successful exploitation - when combined with a port-stealing attack - may enable a bi-directional Machine-in-the-Middle (MitM) attack. | |
| CVE-2026-23810 | Mar 04, 2026 | **HPE Aruba AP GTK-Reencrypt Vulnerability (CVE-2026-23810)**: A vulnerability in the packet processing logic may allow an authenticated attacker to craft and transmit a malicious Wi-Fi frame that causes an Access Point (AP) to classify the frame as group-addressed traffic and re-encrypt it using the Group Temporal Key (GTK) associated with the victim's BSSID. Successful exploitation may enable GTK-independent traffic injection and, when combined with a port-stealing technique, allows an attacker to redirect intercepted traffic to facilitate machine-in-the-middle (MitM) attacks across BSSID boundaries. | |
| CVE-2026-23809 | Mar 04, 2026 | **HPE WiFi BSSID Isolation Bypass via PortStealing**: A technique has been identified that adapts a known port-stealing method to Wi-Fi environments that use multiple BSSIDs. By leveraging the relationship between BSSIDs and their associated virtual ports, an attacker could potentially bypass inter-BSSID isolation controls. Successful exploitation may enable an attacker to redirect and intercept the victim's network traffic, potentially resulting in eavesdropping, session hijacking, or denial of service. | |
| CVE-2026-23808 | Mar 04, 2026 | **HPE Aruba WLAN Roaming Protocol GTK Injection Vulnerability**: A vulnerability has been identified in a standardized wireless roaming protocol that could enable a malicious actor to install an attacker-controlled Group Temporal Key (GTK) on a client device. Successful exploitation of this vulnerability could allow a remote malicious actor to perform unauthorized frame injection, bypass client isolation, interfere with cross-client traffic, and compromise network segmentation, integrity, and confidentiality. | |
| CVE-2026-23601 | Mar 04, 2026 | **Shared-Key Auth Spoofing in HPE Aruba Wi-Fi**: A vulnerability has been identified in the wireless encryption handling of Wi-Fi transmissions. A malicious actor can generate shared-key authenticated transmissions containing targeted payloads while impersonating the identity of a primary BSSID. Successful exploitation allows for the delivery of tampered data to specific endpoints, bypassing standard cryptographic separation. | |
| CVE-2026-23600 | Mar 02, 2026 | **HPE AutoPass License Server Auth Bypass via Remote**: A remote authentication bypass vulnerability exists in HPE AutoPass License Server (APLS). | |
| CVE-2026-23599 | Feb 17, 2026 | **CVE-2026-23599: Local Privilege Escalation in HPE Aruba ClearPass OnGuard (Linux)**: A local privilege-escalation vulnerability has been discovered in the HPE Aruba Networking ClearPass OnGuard Software for Linux. Successful exploitation of this vulnerability could allow a local attacker to achieve arbitrary code execution with root privileges. | |
| CVE-2026-23598 | Feb 17, 2026 | **HPE Aruba 5G Core API Error Disclosure Reveals Sensitive Info**: Vulnerabilities in the API error handling of an HPE Aruba Networking 5G Core server API could allow an unauthenticated remote attacker to obtain sensitive information. Successful exploitation could allow an attacker to access details such as user accounts, roles, and system configuration, as well as to gain insight into internal services and workflows, increasing the risk of unauthorized access and elevated privileges when combined with other vulnerabilities. | |
| CVE-2026-23597 | Feb 17, 2026 | **Unauth Remote Info Disclosure via Aruba 5G Core API Error Handling**: Vulnerabilities in the API error handling of an HPE Aruba Networking 5G Core server API could allow an unauthenticated remote attacker to obtain sensitive information. Successful exploitation could allow an attacker to access details such as user accounts, roles, and system configuration, as well as to gain insight into internal services and workflows, increasing the risk of unauthorized access and elevated privileges when combined with other vulnerabilities. | |
| CVE-2026-23596 | Feb 17, 2026 | **Unauthenticated Management API Allows Remote Service Restart**: A vulnerability in the management API of the affected product could allow an unauthenticated remote attacker to trigger service restarts. Successful exploitation could allow an attacker to disrupt services and negatively impact system availability. | |
| CVE-2026-23595 | Feb 17, 2026 | **Auth Bypass API Allows Privileged Account Creation**: An authentication bypass in the application API allows an unauthorized administrative account to be created. A remote attacker could exploit this vulnerability to create privileged user accounts. Successful exploitation could allow an attacker to gain administrative access, modify system configurations, and access or manipulate sensitive data. | |
| CVE-2026-23593 | Jan 27, 2026 | **HPE Aruba Fabric Composer Web UI Unauth File Disclosure**: A vulnerability in the web-based management interface of HPE Aruba Networking Fabric Composer could allow an unauthenticated remote attacker to view some system files. Successful exploitation could allow an attacker to read files within the affected directory. | |
| CVE-2026-23592 | Jan 27, 2026 | **HPE Aruba Networking Fabric Composer RCE via insecure backup ops**: Insecure file operations in HPE Aruba Networking Fabric Composer's backup functionality could allow authenticated attackers to achieve remote code execution. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system. | |
| CVE-2025-37181 | Jan 14, 2026 | **SQLi in HPE EdgeConnect SDWAN Orchestrator Web UI (authenticated remote)**: Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to perform SQL injection attacks. Successful exploitation could allow an attacker to execute arbitrary SQL commands on the underlying database, potentially leading to unauthorized data access or data manipulation. | |
| CVE-2025-37185 | Jan 14, 2026 | **HPE EdgeConnect SD-WAN Orchestrator Authenticated XSS in Web UI**: Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct stored cross-site scripting (XSS) attacks against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface and thereby make unauthorized arbitrary configuration changes to the host. | |
| CVE-2025-37184 | Jan 14, 2026 | **HPE Orchestrator MFA Bypass Enables Unauth Admin Creation**: A vulnerability exists in an Orchestrator service that could allow an unauthenticated remote attacker to bypass multi-factor authentication requirements. Successful exploitation could allow an attacker to create an admin user account without the necessary multi-factor authentication, thereby compromising the integrity of secured access to the system. | |
| CVE-2025-37183 | Jan 14, 2026 | **EdgeConnect SD-WAN Orchestrator Web UI SQLi via Authenticated Remote Attacker**: Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to perform SQL injection attacks. Successful exploitation could allow an attacker to execute arbitrary SQL commands on the underlying database, potentially leading to unauthorized data access or data manipulation. | |
| CVE-2025-37182 | Jan 14, 2026 | **Auth Remote SQLi in EdgeConnect SD-WAN Orchestrator Web UI**: Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to perform SQL injection attacks. Successful exploitation could allow an attacker to execute arbitrary SQL commands on the underlying database, potentially leading to unauthorized data access or data manipulation. | |
| CVE-2025-37186 | Jan 13, 2026 | **HPE Aruba VIA Client Privilege Escalation to Root (CVE-2025-37186)**: A local privilege-escalation vulnerability has been discovered in the HPE Aruba Networking Virtual Intranet Access (VIA) client. Successful exploitation of this vulnerability could allow a local attacker to achieve arbitrary code execution with root privileges. | |
| CVE-2025-37179 | Jan 13, 2026 | **OOB Read in HPE Buffer Component Enables DoS**: Multiple out-of-bounds read vulnerabilities were identified in a system component responsible for handling certain data buffers. Due to insufficient validation of maximum buffer size values, the process may attempt to read beyond the intended memory region. Under specific conditions, this can result in a crash of the affected process and a potential denial-of-service of the compromised process. | |
| CVE-2025-37178 | Jan 13, 2026 | **HPE Buffer OOB Read CVE-2025-37178**: Multiple out-of-bounds read vulnerabilities were identified in a system component responsible for handling certain data buffers. Due to insufficient validation of maximum buffer size values, the process may attempt to read beyond the intended memory region. Under specific conditions, this can result in a crash of the affected process and a potential denial-of-service of the compromised process. | |
| CVE-2025-37177 | Jan 13, 2026 | **HPE Mobility Conductor CLI Arbitrary File Deletion (CVE-2025-37177)**: An arbitrary file deletion vulnerability has been identified in the command-line interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation of this vulnerability could allow an authenticated remote malicious actor to delete arbitrary files within the affected system. | |
| CVE-2025-37176 | Jan 13, 2026 | **Command Injection in AOS-8 Package Header Authenticated Privileged User**: A command injection vulnerability in AOS-8 allows an authenticated privileged user to alter a package header to inject shell commands, potentially affecting the execution of internal operations. Successful exploit could allow an authenticated malicious actor to execute commands with the privileges of the impacted mechanism. | |
| CVE-2025-37175 | Jan 13, 2026 | **HPE Aruba Mobility Conductor AOS-10/8 Arbitrary File Upload**: Arbitrary file upload vulnerability exists in the web-based management interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation could allow an authenticated malicious actor to upload arbitrary files as a privileged user and execute arbitrary commands on the underlying operating system. | |
| CVE-2025-37174 | Jan 13, 2026 | **HPE Mobility Conductor AOS-10/AOS-8 Arb File Write via Auth Web-Mgmt**: Authenticated arbitrary file write vulnerability exists in the web-based management interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation could allow an authenticated malicious actor to create or modify arbitrary files and execute arbitrary commands as a privileged user on the underlying operating system. | |
| CVE-2025-37173 | Jan 13, 2026 | **Improper Input Handling in HP Mobility Conductor AOS Web Interface**: An improper input handling vulnerability exists in the web-based management interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation could allow an authenticated malicious actor with valid credentials to trigger unintended behavior on the affected system. | |
| CVE-2025-37172 | Jan 13, 2026 | **Auth Cmd Injection in HPE Aruba Mobility Conductor AOS-8 Web UI**: Authenticated command injection vulnerabilities exist in the web-based management interface of mobility conductors running AOS-8 operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating system. | |
| CVE-2025-37171 | Jan 13, 2026 | **HPE MobilityConductor AOS-8 Auth Cmd Injection (CVE-2025-37171)**: Authenticated command injection vulnerabilities exist in the web-based management interface of mobility conductors running AOS-8 operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating system. | |
| CVE-2025-37170 | Jan 13, 2026 | **HPE Aruba Mobility Conductor AOS-8 Authenticated Command Injection**: Authenticated command injection vulnerabilities exist in the web-based management interface of mobility conductors running AOS-8 operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating system. | |
| CVE-2025-37169 | Jan 13, 2026 | **Stack Overflow in HPE AOS-10 Web UI Enables Privileged Exec**: A stack overflow vulnerability exists in the AOS-10 web-based management interface of a Mobility Gateway. Successful exploitation could allow an authenticated malicious actor to execute arbitrary code as a privileged user on the underlying operating system. | |
| CVE-2025-37168 | Jan 13, 2026 | **Aruba Mobility Conductor AOS-8 Arbitrary File Deletion**: An arbitrary file deletion vulnerability has been identified in a system function of mobility conductors running AOS-8 operating system. Successful exploitation of this vulnerability could allow an unauthenticated remote malicious actor to delete arbitrary files within the affected system and potentially result in denial-of-service conditions on affected devices. | |
| CVE-2025-37166 | Jan 13, 2026 | **HPE Instant On Access Points DoS via Crafted Packet**: A vulnerability affecting HPE Networking Instant On Access Points has been identified where a device processing a specially crafted packet could enter a non-responsive state, in some cases requiring a hard reset to re-establish services. A malicious actor could leverage this vulnerability to conduct a Denial-of-Service attack on a target network. | |
| CVE-2025-37165 | Jan 13, 2026 | **HPE Instant On AP Router Mode Config Disclosure**: A vulnerability in the router mode configuration of HPE Instant On Access Points exposed certain network configuration details to unintended interfaces. A malicious actor could gain knowledge of internal network configuration details through inspecting impacted packets. | |
| CVE-2025-37164 | Dec 16, 2025 | **Remote Code Execution (RCE) in HPE OneView**: A remote code execution issue exists in HPE OneView. | |
| CVE-2025-37162 | Nov 18, 2025 | **Auth Remote CLI Cmd Injection in IoT Device**: A vulnerability in the command line interface of affected devices could allow an authenticated remote attacker to conduct a command injection attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system. | |
| CVE-2025-37161 | Nov 18, 2025 | **Unauthenticated DoS via WebMgmt Interface (CVE-2025-37161)**: A vulnerability in the web-based management interface of affected products could allow an unauthenticated remote attacker to cause a denial of service. Successful exploitation could allow an attacker to crash the system, preventing it from rebooting without manual intervention and disrupting network operations. | |
| CVE-2025-37163 | Nov 18, 2025 | **Command Injection in HPE Aruba Airwave CLI**: A command injection vulnerability has been identified in the command line interface of the HPE Aruba Networking Airwave Platform. An authenticated attacker could exploit this vulnerability to execute arbitrary operating system commands with elevated privileges on the underlying operating system. | |
| CVE-2025-37160 | Nov 18, 2025 | **Broken Access Control (BAC) in Web-Based Management Interface**: A broken access control (BAC) vulnerability in the web-based management interface could allow an authenticated remote attacker with low privileges to view sensitive information. Successful exploitation of this vulnerability could enable the attacker to disclose sensitive data. | |
| CVE-2025-37159 | Nov 18, 2025 | **AOS-CX OS AuthSess Hijack via WebInterface (CVE-2025-37159)**: A vulnerability in the web management interface of the AOS-CX OS user authentication service could allow an authenticated remote attacker to hijack an active user session. Successful exploitation may enable the attacker to maintain unauthorized access to the session, potentially leading to the view or modification of sensitive configuration data. | |
| CVE-2025-37158 | Nov 18, 2025 | **AOS-CX OS: Remote Authenticated command injection yields RCE**: A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution (RCE) on the affected system. | |
| CVE-2025-37157 | Nov 18, 2025 | **CVE-2025-37157: Authenticated Cmd Injection in ArubaOS-CX OS**: A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution (RCE) on the affected system. | |
| CVE-2025-37156 | Nov 18, 2025 | **ArubaOS-CX Switch DoS via Admin Code Execution (CVE-2025-37156)**: A platform-level denial-of-service (DoS) vulnerability exists in ArubaOS-CX software. Successful exploitation of this vulnerability could allow an attacker with administrative access to execute specific code that renders the switch non-bootable and effectively non-functional. | |
| CVE-2025-37155 | Nov 18, 2025 | **Auth Bypass via SSH Restricted Shell in Network Mgmt Service**: A vulnerability in the SSH restricted shell interface of the network management services allows improper access control for authenticated read-only users. If successfully exploited, this vulnerability could allow an attacker with read-only privileges to gain administrator access on the affected system. | |
| CVE-2025-37145 | Oct 14, 2025 | **Aruba AOS Low-level Interface Lib: Authenticated Arbitrary File Download**: Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits. | |