Yeti-platform CVEs & Vulnerabilities
2 CVEs affecting Yeti-platform products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
2 CVEs→ All vendors
Most Affected Products
yeti 2
CVE-2024-46508HIGH
yeti-platform yeti before 2.1.12 allows attackers to generate valid JWT tokens is the secret is not changed (by setting YETI_AUTH_SECRET_KEY to a value other than SECRET).
8 May 2026
7.5
CVSS
CVE-2024-46507KEVHIGHin the wild
A SSTI (server side template injection) vulnerability in the custom template export function in yeti-platform yeti before 2.1.12 allows attackers to execute code on the application server.
11 Apr 2026
7.3
CVSS
← PrevPage 1 / 1Next →