9 advisories tracked · NetApp Product Security Advisories (PSIRT) · direct feeds checked every minute; rate-limited backstops use a safe source cadence
Pick your product and enter the exact software release it runs. We match it against the affected/fixed versions in NetApp's recent advisories.
NetApp Product Security Advisories (PSIRT)
Polled through NetApp Product Security's official advisory API. It supplies the canonical NTAP advisory ID, NetApp-calculated CVSS, affected and investigating products, remediation releases, workarounds and revision dates without relying on a third-party keyword search.
Visit NetApp security advisoriesMariaDB versions 10.6.1 through 10.6.26, 10.11.1 through 10.11.17, 11.4.1 through 11.4.11, 11.8.1 through 11.8.7, and 12.3.1 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information, addition or modification of data, Denial of Service (DoS). Successful exploitation of this vulnerability could lead to disclosure of sensitive information, addition or modification of data, Denial of Service (DoS). NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
All supported versions of FreeBSD are susceptible to a vulnerability which when successfully exploited could allow an attacker to achieve remote code execution in the kernel. Successful exploitation of this vulnerability could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). NetApp states there is no workaround available at this time.
All supported versions of FreeBSD are susceptible to vulnerabilities in iconv encoding modules which when successfully exploited could be used to trigger buffer overflows. Successful exploitation of these vulnerabilities could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
Linux Kernel versions 6.6.32 prior to 6.7, 6.9 prior to 6.12.84, 6.13 prior to 6.18.25, 6.19 prior to 7.0.2, and prior to 7.1-rc1 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). Successful exploitation of this vulnerability could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
Multiple NetApp products incorporate Apache Netty. Apache Netty versions prior to 4.1.135.Final and 4.2.0 prior to 4.2.15.Final are susceptible to vulnerabilities which when successfully exploited could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). Successful exploitation of these vulnerabilities could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
Multiple NetApp products incorporate Apache Netty. Apache Netty versions prior to 4.1.133.Final and 4.2.0 prior to 4.2.13.Final are susceptible to vulnerabilities which when successfully exploited could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). Successful exploitation of these vulnerabilities could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). <br><br> OnCommand Insight:<br> Affected only by CVE-2026-41417. Affected products: OnCommand Insight. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
Multiple NetApp products incorporate MySQL. MySQL versions 8.0.0 through 8.0.45, 8.4.0 through 8.4.8, and 9.0.0 through 9.6.0 are susceptible to a vulnerability that could allow unauthenticated attacker with logon to the infrastructure, unauthorized creation, deletion or modification access to critical data or complete access to all MySQL Server accessible data, unauthenticated attacker or low or high privileged attacker with network access via multiple protocols to compromise MySQL Server. Refer to “Oracle Critical Patch Update Advisory - April 2026” for additional details. OR Multiple NetApp products incorporate MySQL. MySQL versions 8.0.0 through 8.0.45, 8.4.0 through 8.4.8, and 9.0.0 through 9.6.0 are susceptible to a vulnerability that could allow an attacker to create, delete, or modify critical data, or potentially gain full access to all data accessible by the MySQL Server. Refer to “Oracle Critical Patch Update Advisory - April 2026” for additional details. Successful attacks of this vulnerability can result in takeover, unauthorized read access to a subset of MySQL Server accessible data, and cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. <br><br> Active IQ Unified Manager for Microsoft Windows: <br> Not affected by CVE-2026-34276 or CVE-2026-34271. <br> Active IQ Unified Manager for VMware vSphere: <br> Not affected by CVE-2026-34270, CVE-2026-34276, CVE-2025-14017 or CVE-2026-34271. <br> SnapCenter: <br> Not affected by CVE-2025-15467. Affected products: Active IQ Unified Manager for Microsoft Windows, Active IQ Unified Manager for VMware vSphere, OnCommand Insight, SnapCenter.
Multiple NetApp products incorporate Axios. Axios versions prior to 1.15.0 and 0.31.0 are susceptible to vulnerabilities which when successfully exploited could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). Successful exploitation of these vulnerabilities could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). Affected products: NetApp Shift Toolkit, Storage Manager for ProxMox. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
Multiple NetApp products incorporate Python. Certain versions of Python are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). Successful exploitation of this vulnerability could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). Affected products: Active IQ Unified Manager for Microsoft Windows, Active IQ Unified Manager for VMware vSphere. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.