This page lists publicly disclosed CVE vulnerabilities affecting uipath orchestrator (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2018-19855 | UiPath Orchestrator before 2018.3.4 allows CSV Injection, related to the Audit export, Robot log export, and Transaction log export features. | [email protected] | 5.5 | 1.09% | 2019-08-08 | 2026-06-16 |
| CVE-2018-17305 | UiPath Orchestrator through 2018.2.4 allows any authenticated user to change the information of arbitrary users (even administrators) leading to privilege escalation and remote code execution. | [email protected] | 8.8 | 1.53% | 2019-04-11 | 2026-06-16 |