Sonatype Sonatype

  1. Vendors
  2. Sonatype

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in any Sonatype product.

RSS Feeds for Sonatype security vulnerabilities

Create a CVE RSS feed including security vulnerabilities found in Sonatype products with stack.watch. Just hit watch, then grab your custom RSS feed url.

Products by Sonatype Sorted by Most Security Vulnerabilities since 2018

Sonatype Nexus Repository Manager34 vulnerabilities

Sonatype Nexus7 vulnerabilities

Sonatype Nexus Repository Manager 33 vulnerabilities

Sonatype Nexus Iq Server1 vulnerability

Known Exploited Sonatype Vulnerabilities

The following Sonatype vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.

Title Description Added
Sonatype Nexus Repository Manager Incorrect Access Control Vulnerability Sonatype Nexus Repository Manager before 3.15.0 has an incorrect access control vulnerability. Exploitation allows for remote code execution.
CVE-2019-7238 Exploit Probability: 94.4% 		December 10, 2021
Nexus Repository Manager 3 Remote Code Execution Vulnerability Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue 1 of 2).
CVE-2020-10199 Exploit Probability: 94.4% 		November 3, 2021

Of the known exploited vulnerabilities above, 2 are in the top 1%, or the 99th percentile of the EPSS exploit probability rankings.

By the Year

In 2026 there have been 7 vulnerabilities in Sonatype. Last year, in 2025 Sonatype had 2 security vulnerabilities published. That is, 5 more vulnerabilities have already been reported in 2026 as compared to last year.




Year Vulnerabilities Average Score
2026 7 0.00
2025 2 0.00
2024 1 6.50
2023 0 0.00
2022 2 4.30
2021 8 5.35
2020 9 6.80
2019 9 7.72
2018 6 6.30

It may take a day or so for new Sonatype vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Sonatype Security Vulnerabilities

CVE Date Vulnerability Products
CVE-2026-7308 May 11, 2026
XSS via Repository HTML Index in Nexus Repository 3.6.0-3.92.0 An authenticated user with upload permission to a hosted repository can store content that causes arbitrary JavaScript to execute in the browser of any user who browses that repository directory via the HTML index page in Sonatype Nexus Repository versions 3.6.0 through versions before 3.92.0. This could allow the attacker to perform actions in the context of the victim's session.
Nexus Repository Manager
CVE-2026-3048 May 11, 2026
Server-Side Connection Initiation in Nexus Repository Manager 3.x via LDAP Admin An authenticated administrator who configures or tests LDAP connectivity in Sonatype Nexus Repository Manager versions 3.0.0 through 3.91.1 may be able to initiate unintended server-side connections when interacting with a malicious LDAP server.
Nexus Repository Manager
CVE-2026-5189 Apr 15, 2026
Hard-Coded Credentials in Nexus Repository Manager 3.0.0-3.70.5 Allow Unauth OS Cmds CWE-798: Use of Hard-coded Credentials in Sonatype Nexus Repository Manager versions 3.0.0 through 3.70.5 allows an unauthenticated attacker with network access to gain unauthorized read/write access to the internal database and execute arbitrary OS commands as the Nexus process user. Exploitation requires the non-default nexus.orient.binaryListenerEnabled=true configuration to be enabled.
Nexus Repository Manager
CVE-2026-3199 Apr 08, 2026
Sonatype Nexus 3.22.1-3.90.2 Task Exec perm bypassing nexus.scripts.allowCreation A vulnerability in the task management component of Sonatype Nexus Repository versions 3.22.1 through 3.90.2 allows an authenticated attacker with task creation permissions to execute arbitrary code, bypassing the nexus.scripts.allowCreation security control.
Nexus Repository Manager
CVE-2026-3438 Apr 08, 2026
Reflected XSS in Sonatype Nexus Repo 3.0.0-3.90.2 via Craft URL A reflected cross-site scripting vulnerability exists in Sonatype Nexus Repository versions 3.0.0 through 3.90.2 that allows unauthenticated remote attackers to execute arbitrary JavaScript in a victim's browser through a specially crafted URL. Exploitation requires user interaction.
Nexus Repository Manager
CVE-2026-0600 Jan 14, 2026
Nexus Repository 3 SSRF via Proxy Repo URL (v3.0.0+; fixed 3.88.0+) Server-Side Request Forgery (SSRF) vulnerability in Sonatype Nexus Repository 3 versions 3.0.0 and later allows authenticated administrators to configure proxy repositories with URLs that can access unintended network destinations, potentially including cloud metadata services and internal network resources. A workaround configuration is available starting in version 3.88.0, but the product remains vulnerable by default.
Nexus Repository Manager
CVE-2026-0601 Jan 14, 2026
CVE-2026-0601: Reflected XSS in Nexus Repository 3 via Unsanitized Input A reflected cross-site scripting vulnerability exists in Nexus Repository 3 that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser through a specially crafted request requiring user interaction.
Nexus Repository Manager
CVE-2025-13488 Dec 04, 2025
Sonatype Nexus Repo 3.83.0: XSS from missing security header Due to a regression introduced in version 3.83.0, a security header is no longer applied to certain user-uploaded content served from repositories. This may allow an authenticated attacker with repository upload privileges to exploit a stored cross-site scripting (XSS) vulnerability with user context.
Nexus Repository Manager
CVE-2025-9868 Oct 08, 2025
SSRF in Sonatype Nexus Repository 2.15.2 Remote Browser Plugin Server-Side Request Forgery (SSRF) in the Remote Browser Plugin in Sonatype Nexus Repository 2.x up to and including 2.15.2 allows unauthenticated remote attackers to exfiltrate proxy repository credentials via crafted HTTP requests.
Nexus Repository Manager
CVE-2024-5764 Oct 23, 2024
Hard-Coded Credentials in Sonatype Nexus Repository 3.0.0-3.72.0 Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database (SMTP or HTTP proxy credentials, user tokens, tokens, among others). The affected versions relied on a static hard-coded encryption passphrase. While it was possible for an administrator to define an alternate encryption passphrase, it could only be done at first boot and not updated. This issue affects Nexus Repository: from 3.0.0 through 3.72.0.
Nexus
Built by Foundeo Inc., with data from the National Vulnerability Database (NVD). Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.