Shodan
Maps
Images
Monitor
Developer
More...
Dashboard
View Api Docs
Vulnerabilities
By Date
Known Exploited
Advanced Search
Vulnerable Software
Vendors
Products
Openstack:
>> Ironic
>> 20.1.0
Security Vulnerabilities
CVE-2026-48681
OpenStack Ironic through before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image.
CVSS Score
5.9
EPSS Score
0.006
Published
2026-06-04
CVE-2026-44917
OpenStack Ironic before 35.0.2 allows a malicious authenticated project admin or manager to read local files on the Ironic conductor via a pxe_template.
CVSS Score
4.9
EPSS Score
0.003
Published
2026-06-04
CVE-2026-46447
OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE script if the attacker can set node.driver_info or node.instance_info.
CVSS Score
5.8
EPSS Score
0.003
Published
2026-06-03
CVE-2026-44916
In OpenStack Ironic before 35.0.2 (in a certain non-default configuration), instance_info['ks_template'] is rendered without sandboxing.
CVSS Score
3.0
EPSS Score
0.003
Published
2026-05-08
CVE-2026-42510
OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface.
CVSS Score
6.6
EPSS Score
0.006
Published
2026-04-28
Page 1
Products
Monitor
Search Engine
Developer API
Maps
Bulk Data
Images
Snippets
Pricing
Membership
API Subscriptions
Enterprise
Contact Us
support@shodan.io
Shodan ® - All rights reserved