Payara Server
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Payara Server.
By the Year
In 2026 there have been 0 vulnerabilities in Payara Server. Payara Server did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 1 | 9.80 |
It may take a day or so for new Payara Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Payara Server Security Vulnerabilities
Payara Server JNDI Rebind RCE 4.1.2.191+ (Java 1.8u181-)
CVE-2023-28462
9.8 - Critical
- March 30, 2023
A JNDI rebind operation in the default ORB listener in Payara Server 4.1.2.191 (Enterprise), 5.20.0 and newer (Enterprise), and 5.2020.1 and newer (Community), when Java 1.8u181 and earlier is used, allows remote attackers to load malicious code on the server once a JNDI directory scan is performed.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Payara Server or by Payara? Click the Watch button to subscribe.
