OpenStack Ironic
By the Year
In 2026 there have been 10 vulnerabilities in OpenStack Ironic with an average score of 5.8 out of ten.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 10 | 5.83 |
It may take a day or so for new Ironic vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent OpenStack Ironic Security Vulnerabilities
OpenStack Ironic 35.0.1: PATCH on volume props leaks iSCSI creds
CVE-2026-54421 | 6.8 (Medium) | June 14, 2026
In OpenStack Ironic before 37.0.1, when applying a PATCH to update fields in volume properties the user is authorized for, Ironic can return unredacted sensitive information (such as iSCSI credentials). The PATCH outcome is a security issue; the POST outcome is not a security issue.
Weakness: Improper Removal of Sensitive Information Before Storage or Transfer
Unauthenticated Service Crash via Crafted JSON in OpenStack Ironic 32-35.0.1
CVE-2026-50589 | 5.3 (Medium) | June 04, 2026
In OpenStack Ironic 32 before 37.0.0, an unauthenticated malicious user could submit a crafted JSON string to some endpoints on the API or JSON-RPC service and cause a service crash.
Weakness: Allocation of Resources Without Limits or Throttling
OpenStack Ironic <35.0.2 Local File Read via PXE Template
CVE-2026-44917 | 4.9 (Medium) | June 04, 2026
OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxe_template.
Weakness: Incorrect Resource Transfer Between Spheres
OpenStack Ironic <35.0.2: Directory Traversal File Overwrite in ISO Deployer
CVE-2026-48681 | 5.9 (Medium) | June 04, 2026
OpenStack Ironic before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image.
Weakness: Relative Path Traversal
OpenStack Ironic <=35.0.x Boot Script Injection
CVE-2026-46447 | 5.8 (Medium) | June 03, 2026
OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE script if the attacker can set node.driver_info or node.instance_info.
Weakness: Incorrect Resource Transfer Between Spheres
OpenStack Ironic Infinite Loop via file:///dev/zero URL
CVE-2026-44919 | 4.3 (Medium) | May 14, 2026
In OpenStack Ironic through 35.x before a3f6d73, during image handling, an infinite loop in checksum calculations can occur via the file:///dev/zero URL.
Weakness: Incorrect Behavior Order
OpenStack Ironic ks_template Unsandboxed Rendering
CVE-2026-44916 | 3.0 (Low) | May 08, 2026
In OpenStack Ironic before 35.0.2 (in a certain non-default configuration), instance_info['ks_template'] is rendered without sandboxing.
Weakness: CWE-1336 (Improper Neutralization of Special Elements Used in a Template Engine)
OpenStack Ironic idrac Remote Credential Exposure <=35.0.1
CVE-2026-42997 | 7.7 (High) | May 05, 2026
An issue was discovered in idrac in OpenStack Ironic before 35.0.1. During import, a user invoking molds can request that authorization be sent to a remote endpoint. The credential forwarded is either a time-limited Keystone token (which provides access to all OpenStack services Ironic is authorized for) or the basic credentials configured for molds storage. The fixed versions are 26.1.6, 29.0.5, 32.0.1, and 35.0.1.
Weakness: Incorrect Resource Transfer Between Spheres
Arbitrary Code Execution via grub-install in OpenStack ironic-python-agent <11.5.0
CVE-2026-43003 | 8.0 (High) | May 01, 2026
An issue was discovered in OpenStack ironic-python-agent 1.0.0 through 11.5.0. Ironic Python Agent (IPA) sometimes executes grub-install from within a chroot of the deployed partition image, leading to code execution in the case of a malicious image.
Weakness: Inclusion of Functionality from Untrusted Control Sphere
OpenStack Ironic <=25.0.0 IPMI Tool Execution via Console Interface
CVE-2026-42510 | 6.6 (Medium) | April 28, 2026
OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface.
Weakness: Inclusion of Functionality from Untrusted Control Sphere