| Septeember 27, 2024 | High | Path Traversal in E2Nest |
| August 1, 2024 | Critical | Server-Side Template Injection in Dispatch Message Templates |
| May 16, 2024 | Critical | Arbitrary File Read Vulnerability in ConsoleMe via Limited Git command RCE |
| May 09, 2024 | Critical | Path Traversal vulnerability via File Uploads in Genie |
| November 09, 2023 | Low | CORS check misconfiguration in the DIAL protocol |
| August 17, 2023 | Critical | Secret Key used for signing JWT tokens exposure in Dispatch |
| February 28, 2023 | Low | Insecure random generation in Lemur |
| March 30, 2022 | Critical | Format String Vulnerability in ConsoleMe |
| March 23, 2021 | Important | Local Information Disclosure in Priam |
| March 23, 2021 | Important | Local Information Disclosure in Hollow |
| March 10, 2021 | Important | Critical Vulnerability Exposing Private Keys in Lemur |
| December 08, 2020 | Important | SpEL Template injection on Netflix Spinnaker |
| November 6, 2020 | Important | Multiple Access Control Issues in Dispatch |
| November 6, 2020 | Important | Multiple XSS Vulnerabilities in Dispatch |
| August 27, 2020 | Important | Authenticated Server-Side Request Forgery in Orca Spinnaker |
| March 05, 2020 | Important | Server-Side Template Injection in Netflix Titus |
| February 24, 2020 | Important | Server-Side Template Injection in Netflix Conductor |
| June 20, 2019 | Informational | Dial Reference code implementation has Denial of Service |
| January 10, 2018 | Important | Unauthenticated Server-Side Request Forgery in Hystrix-Dashboard |
| April 14, 2017 | Important | Spinnaker Orca RCE and arbitrary file and URL access |
| August 31, 2016 | Important | zuul.filter.admin.enabled Defaults to True |
| June 6, 2016 | Important | Heap Overflow in Dynomite YAML Configuration Parser |
| February 22, 2015 | Important | External Entity Injection 'XXE' in Recipes-rss Open-Source Application |