CVE-2021-21311

CISA KEV

Published September 29, 2025 · Updated April 3, 2026

high

Official Description+

Adminer contains a server-side request forgery vulnerability that, when exploited, allows a remote attacker to obtain potentially sensitive information.

Affected Products

Vendor	Product
Adminer	Adminer

Patch Status

Patch by 2025-10-20

Recommended Actions

Check if your systems use any of the affected products listed above.
Apply vendor patches immediately if available.
This vulnerability is in CISA's Known Exploited Vulnerabilities catalog — prioritize remediation.
Monitor vendor advisories for updates and additional mitigations.
Review logs for indicators of compromise related to CVE-2021-21311.