Openmicroscopy Openmicroscopy

  1. Vendors
  2. Openmicroscopy

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in any Openmicroscopy product.

RSS Feeds for Openmicroscopy security vulnerabilities

Create a CVE RSS feed including security vulnerabilities found in Openmicroscopy products with stack.watch. Just hit watch, then grab your custom RSS feed url.

Products by Openmicroscopy Sorted by Most Security Vulnerabilities since 2018

Openmicroscopy Omero5 vulnerabilities

Openmicroscopy Omero Web4 vulnerabilities

Openmicroscopy Omero Figure1 vulnerability

By the Year

In 2026 there have been 0 vulnerabilities in Openmicroscopy. Last year, in 2025 Openmicroscopy had 1 security vulnerability published. Right now, Openmicroscopy is on track to have less security vulnerabilities in 2026 than it did last year.




Year Vulnerabilities Average Score
2026 0 0.00
2025 1 0.00
2024 0 0.00
2023 0 0.00
2022 0 0.00
2021 3 6.00
2020 2 5.30
2019 0 0.00
2018 3 7.03

It may take a day or so for new Openmicroscopy vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Openmicroscopy Security Vulnerabilities

CVE Date Vulnerability Products
CVE-2025-54791 Aug 13, 2025
OMERO.web info disclosure via Forgot Password before 5.29.2 OMERO.web provides a web based client and plugin infrastructure. Prior to version 5.29.2, if an error occurred when resetting a user's password using the Forgot Password option in OMERO.web, the error message displayed on the Web page can disclose information about the user. This issue has been patched in version 5.29.2. A workaround involves disabling the Forgot password option in OMERO.web using the omero.web.show_forgot_password configuration property.
Omero Web
CVE-2021-41132 Oct 14, 2021
OMERO.web provides a web based client and plugin infrastructure OMERO.web provides a web based client and plugin infrastructure. In versions prior to 5.11.0, a variety of templates do not perform proper sanitization through HTML escaping. Due to the lack of sanitization and use of ``jQuery.html()``, there are a whole host of cross-site scripting possibilities with specially crafted input to a variety of fields. This issue is patched in version 5.11.0. There are no known workarounds aside from upgrading.
Omero Figure
Omero Web
CVE-2021-21376 Mar 23, 2021
OMERO.web is open source Django-based software for managing microscopy imaging OMERO.web is open source Django-based software for managing microscopy imaging. OMERO.web before version 5.9.0 loads various information about the current user such as their id, name and the groups they are in, and these are available on the main webclient pages. This represents an information exposure vulnerability. Some additional information being loaded is not used by the webclient and is being removed in this release. This is fixed in version 5.9.0.
Omero Web
CVE-2021-21377 Mar 23, 2021
OMERO.web is open source Django-based software for managing microscopy imaging OMERO.web is open source Django-based software for managing microscopy imaging. OMERO.web before version 5.9.0 supports redirection to a given URL after performing login or switching the group context. These URLs are not validated, allowing redirection to untrusted sites. OMERO.web 5.9.0 adds URL validation before redirecting. External URLs are not considered valid, unless specified in the omero.web.redirect_allowed_hosts setting.
Omero Web
CVE-2020-6752 Jun 17, 2020
In OMERO before 5.6.1, group owners In OMERO before 5.6.1, group owners can access members' data in other groups.
Omero
CVE-2019-16245 Jun 17, 2020
OMERO before 5.6.1 makes the details of each user available to all users. OMERO before 5.6.1 makes the details of each user available to all users.
Omero
CVE-2018-1000633 Aug 20, 2018
The Open Microscopy Environment OMERO.web version prior to 5.4.7 contains an Information Exposure Through Log Files vulnerability in the login form and change password form The Open Microscopy Environment OMERO.web version prior to 5.4.7 contains an Information Exposure Through Log Files vulnerability in the login form and change password form that can result in User's password being revealed. Attacker can log in as that user. This attack appear to be exploitable via an attacker reading the web server log. This vulnerability appears to have been fixed in 5.4.7.
Omero
CVE-2018-1000634 Aug 20, 2018
The Open Microscopy Environment OMERO.server version 5.4.0 to 5.4.6 contains an Improper Access Control vulnerability in User management The Open Microscopy Environment OMERO.server version 5.4.0 to 5.4.6 contains an Improper Access Control vulnerability in User management that can result in administrative user with privilege restrictions logging in as a more powerful administrator. This attack appear to be exploitable via Use user administration privilege to set the password of a more powerful administrator. This vulnerability appears to have been fixed in 5.4.7.
Omero
CVE-2018-1000635 Aug 20, 2018
The Open Microscopy Environment OMERO.server version 5.4.0 to 5.4.6 contains a Information Exposure Through Sent Data vulnerability in OMERO.server The Open Microscopy Environment OMERO.server version 5.4.0 to 5.4.6 contains a Information Exposure Through Sent Data vulnerability in OMERO.server that can result in an Attacker gaining full administrative access to server and may be able to disable it. This vulnerability appears to have been fixed in 5.4.7.
Omero
Built by Foundeo Inc., with data from the National Vulnerability Database (NVD). Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.