Sonatype
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in any Sonatype product.
RSS Feeds for Sonatype security vulnerabilities
Create a CVE RSS feed including security vulnerabilities found in Sonatype products with stack.watch. Just hit watch, then grab your custom RSS feed url.
Products by Sonatype Sorted by Most Security Vulnerabilities since 2018
Known Exploited Sonatype Vulnerabilities
The following Sonatype vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.
| Title | Description | Added |
|---|---|---|
| Sonatype Nexus Repository Manager Incorrect Access Control Vulnerability |
Sonatype Nexus Repository Manager before 3.15.0 has an incorrect access control vulnerability. Exploitation allows for remote code execution. CVE-2019-7238 Exploit Probability: 94.4% |
December 10, 2021 |
| Nexus Repository Manager 3 Remote Code Execution Vulnerability |
Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue 1 of 2). CVE-2020-10199 Exploit Probability: 94.4% |
November 3, 2021 |
Of the known exploited vulnerabilities above, 2 are in the top 1%, or the 99th percentile of the EPSS exploit probability rankings.
By the Year
In 2026 there have been 2 vulnerabilities in Sonatype. Last year, in 2025 Sonatype had 2 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Sonatype in 2026 could surpass last years number.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 2 | 0.00 |
| 2025 | 2 | 0.00 |
| 2024 | 1 | 6.50 |
| 2023 | 0 | 0.00 |
| 2022 | 2 | 4.30 |
| 2021 | 8 | 5.35 |
| 2020 | 9 | 6.80 |
| 2019 | 9 | 7.72 |
| 2018 | 6 | 6.30 |
It may take a day or so for new Sonatype vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Sonatype Security Vulnerabilities
| CVE | Date | Vulnerability | Products |
|---|---|---|---|
| CVE-2026-0600 | Jan 14, 2026 |
Nexus Repository 3 SSRF via Proxy Repo URL (v3.0.0+; fixed 3.88.0+)Server-Side Request Forgery (SSRF) vulnerability in Sonatype Nexus Repository 3 versions 3.0.0 and later allows authenticated administrators to configure proxy repositories with URLs that can access unintended network destinations, potentially including cloud metadata services and internal network resources. A workaround configuration is available starting in version 3.88.0, but the product remains vulnerable by default. |
Nexus Repository Manager
|
| CVE-2026-0601 | Jan 14, 2026 |
CVE-2026-0601: Reflected XSS in Nexus Repository 3 via Unsanitized InputA reflected cross-site scripting vulnerability exists in Nexus Repository 3 that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser through a specially crafted request requiring user interaction. |
Nexus Repository Manager
|
| CVE-2025-13488 | Dec 04, 2025 |
Sonatype Nexus Repo 3.83.0: XSS from missing security headerDue to a regression introduced in version 3.83.0, a security header is no longer applied to certain user-uploaded content served from repositories. This may allow an authenticated attacker with repository upload privileges to exploit a stored cross-site scripting (XSS) vulnerability with user context. |
Nexus Repository Manager
|
| CVE-2025-9868 | Oct 08, 2025 |
SSRF in Sonatype Nexus Repository 2.15.2 Remote Browser PluginServer-Side Request Forgery (SSRF) in the Remote Browser Plugin in Sonatype Nexus Repository 2.x up to and including 2.15.2 allows unauthenticated remote attackers to exfiltrate proxy repository credentials via crafted HTTP requests. |
Nexus Repository Manager
|
| CVE-2024-5764 | Oct 23, 2024 |
Hard-Coded Credentials in Sonatype Nexus Repository 3.0.0-3.72.0Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database (SMTP or HTTP proxy credentials, user tokens, tokens, among others). The affected versions relied on a static hard-coded encryption passphrase. While it was possible for an administrator to define an alternate encryption passphrase, it could only be done at first boot and not updated. This issue affects Nexus Repository: from 3.0.0 through 3.72.0. |
Nexus
|
| CVE-2022-27907 | Mar 30, 2022 |
Sonatype Nexus Repository Manager 3.x before 3.38.0Sonatype Nexus Repository Manager 3.x before 3.38.0 allows SSRF. |
Nexus Repository Manager
|
| CVE-2021-43961 | Mar 17, 2022 |
Sonatype Nexus Repository Manager 3.36.0Sonatype Nexus Repository Manager 3.36.0 allows HTML Injection. |
Nexus Repository Manager
|
| CVE-2021-43293 | Nov 04, 2021 |
Sonatype Nexus Repository Manager 3.x before 3.36.0Sonatype Nexus Repository Manager 3.x before 3.36.0 allows a remote authenticated attacker to potentially perform network enumeration via Server Side Request Forgery (SSRF). |
Nexus Repository Manager
|
| CVE-2021-42568 | Nov 02, 2021 |
Sonatype Nexus Repository Manager 3.x through 3.35.0Sonatype Nexus Repository Manager 3.x through 3.35.0 allows attackers to access the SSL Certificates Loading function via a low-privileged account. |
Nexus Repository Manager
|
| CVE-2021-40143 | Sep 07, 2021 |
Sonatype Nexus Repository 3.x through 3.33.1-01 is vulnerable to an HTTP header injectionSonatype Nexus Repository 3.x through 3.33.1-01 is vulnerable to an HTTP header injection. By sending a crafted HTTP request, a remote attacker may disclose sensitive information or request external resources from a vulnerable instance. |
Nexus Repository Manager 3
|