CVE-2023-2868CISA KEVEPSS p99.7%

CVE-2023-2868Barracuda Networks ESG Appliance Improper Input Validation Vulnerability

Barracuda Networks / Email Security Gateway (ESG) Appliance

Description

Barracuda Email Security Gateway (ESG) appliance contains an improper input validation vulnerability of a user-supplied .tar file, leading to remote command injection.

Scoring

EPSS86.96% probability of exploitation · percentile 99.7% · 2026-06-15T12:03:41Z

CISA KEV entry

Added to KEV: 2023-05-26

(incoming)1

TypeTargetConfidenceTier
KEVEntryBarracuda Networks ESG Appliance Improper Input Validation Vulnerabilitykev-cve-2023-28680%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Cisco Multiple Products Improper Input Validation Vulnerability
CVE
Libraesva Email Security Gateway Command Injection Vulnerability
CVE
CVE-2025-26477
CVE
SolarView Compact Command Injection Vulnerability
CVE
CVE-2026-33000
CVE
QNAP QTS Improper Input Validation Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.