Wso2 Micro Integrator
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Wso2 Micro Integrator.
By the Year
In 2026 there have been 0 vulnerabilities in Wso2 Micro Integrator. Last year, in 2025 Wso2 Micro Integrator had 2 security vulnerabilities published. Right now, Wso2 Micro Integrator is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 2 | 8.40 |
It may take a day or so for new Wso2 Micro Integrator vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Wso2 Micro Integrator Security Vulnerabilities
Arbitrary Code Exec via Unrestricted GraalJS/NashornJS in WSO2 Integrators
CVE-2025-11093
8.4 - High
- November 05, 2025
An arbitrary code execution vulnerability exists in multiple WSO2 products due to insufficient restrictions in the GraalJS and NashornJS Script Mediator engines. Authenticated users with elevated privileges can execute arbitrary code within the integration runtime environment. By default, access to these scripting engines is limited to administrators in WSO2 Micro Integrator and WSO2 Enterprise Integrator, while in WSO2 API Manager, access extends to both administrators and API creators. This may allow trusted-but-privileged users to perform unauthorized actions or compromise the execution environment.
Code Injection
WSO2 Admin SOAP Services Arbitrary File Upload (RCE)
CVE-2025-10907
8.4 - High
- November 05, 2025
An arbitrary file upload vulnerability exists in multiple WSO2 products due to insufficient validation of uploaded content and destination in SOAP admin services. A malicious actor with administrative privileges can upload a specially crafted file to a user-controlled location within the deployment. Successful exploitation may lead to remote code execution (RCE) on the server, depending on how the uploaded file is processed. By default, this vulnerability is only exploitable by users with administrative access to the affected SOAP services.
Unrestricted File Upload
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Wso2 Micro Integrator or by Wso2? Click the Watch button to subscribe.
