Cut the noise.
Know which vulnerabilities demand action.

Monitor and prioritize what really matters — the 1% of vulnerabilities that can cause real impact.

Analytics

EPSS Trending (30d)

Threat Indicators

829
CISA KEV
244
Exploits
493
Proof-of-Concept
82.8%
Average EPSS

EPSS Hot Zone

|
Sort by:
KEV Prediction — Top%
EPSS Percentile — Top%

Emerging Vulnerabilities

11 Jun/26
CVE-2026-35273
CRITICAL

This vulnerability is an authentication bypass affecting the Updates Environment Management component of Oracle PeopleSoft Enterprise PeopleTools versions 8.61 and 8.62. The root cause lies in improper access control mechanisms that allow unauthenticated network requests over HTTP to interact with privileged environment management functions. This flaw enables attackers to bypass normal authentication checks within the PeopleTools update management interface.

CVSS 9.8
EPSS 92.3%
KEV Pred in 1d
Product Oracle Corporation PeopleSoft Enterprise PeopleTools oracle
CVSS v3.1 KEV CWE-306 PoC RANSOMWARE
10 Jun/26
CVE-2026-20253
CRITICAL

This vulnerability is an authentication bypass affecting the PostgreSQL sidecar service endpoint in Splunk Enterprise. The root cause is the absence of authentication controls on this endpoint, which allows unauthenticated network users to invoke file operations. The affected component is the PostgreSQL sidecar service integrated within Splunk Enterprise versions prior to 10.2.4 and 10.0.7.

CVSS 9.8
EPSS 88.2%
KEV Pred N/A
Product Splunk Enterprise splunk
CVSS v3.1 KEV CWE-306 PoC
09 Jun/26
CVE-2026-10520
CRITICAL

The vulnerability is an OS command injection rooted in improper input validation within Ivanti Sentry's command execution routines. Specifically, the affected component fails to sanitize user-supplied input before passing it to underlying system shell commands. This flaw exists in versions prior to R10.5.2, R10.6.2, and R10.7.1, impacting the command processing mechanism that interfaces with the operating system shell.

CVSS 10.0
EPSS 99.0%
KEV Pred 72%
Product ivanti Sentry ivanti
CVSS v3.1 KEV CWE-78 PoC RANSOMWARE
08 Jun/26
CVE-2026-50751
CRITICAL

This vulnerability is an authentication bypass caused by a logic flaw in the certificate validation process within the deprecated IKEv1 key exchange protocol. The affected component is the Remote Access and Mobile Access feature of the Check Point Quantum Security Gateway. The root cause lies in improper handling of certificate validation logic flow, which allows bypassing normal authentication checks during VPN establishment.

CVSS 9.3
EPSS 70.1%
KEV Pred 68%
Product checkpoint Quantum Security Gateway checkpoint
CVSS v3.1 KEV CWE-287 PoC RANSOMWARE
05 Jun/26
CVE-2026-48907
CRITICAL

The vulnerability is an authentication bypass in the Joomla Content Editor (JCE) extension for Joomla, allowing unauthenticated users to create new editor profiles. This flaw arises from improper access control validation in the profile creation component of the JCE editor. The affected feature is the editor profile management functionality within the JCE extension, which fails to restrict profile creation to authorized users only.

CVSS 9.8
EPSS 80.4%
KEV Pred 60%
Product joomlacontenteditor.net Joomla Content Editor (JCE) extension for Joomla joomlacontenteditor.net
CVSS v3.1 CVSS v4.0 KEV CWE-284 PoC
22 May/26
CVE-2026-34910
CRITICAL

This vulnerability is a command injection flaw resulting from improper input validation in UniFi OS Server and related UniFi firmware components. The root cause lies in the failure to sanitize user-supplied input before passing it to system-level command execution functions. Affected components include UniFi OS Server and multiple UniFi device firmware versions, where network-accessible interfaces process untrusted input without adequate validation.

CVSS 10.0
EPSS 78.6%
KEV Pred 76%
Product Ubiquiti Inc UniFi OS Server ubiquiti
CVSS v3.1 KEV CWE-20
20 May/26
CVE-2026-9082
CRITICAL

This vulnerability is a SQL Injection flaw resulting from improper neutralization of special elements within SQL commands in Drupal core. The root cause lies in insufficient input sanitization allowing crafted input to alter SQL queries. The affected component is Drupal core versions from 8.9.0 up to but not including specified patched releases across multiple major versions, impacting database query handling mechanisms.

CVSS 9.8
EPSS 84.6%
KEV Pred 74%
Product Drupal core drupal
CVSS v3.1 KEV CWE-89 PoC
14 May/26
CVE-2026-20182
CRITICAL

This vulnerability is an authentication bypass in the peering authentication mechanism of Cisco Catalyst SD-WAN Controller and Manager. The root cause lies in improper validation during the control connection handshaking process, allowing crafted requests to circumvent authentication checks. The affected component is the peering authentication feature responsible for establishing secure control connections within the SD-WAN fabric.

CVSS 10.0
EPSS 88.5%
KEV Pred 67%
Product Cisco Catalyst SD-WAN Manager cisco
CVSS v3.1 KEV CWE-287 Exploit PoC RANSOMWARE
13 May/26
CVE-2026-0257
CRITICAL

This vulnerability is an authentication bypass affecting the GlobalProtect portal and gateway components within Palo Alto Networks PAN-OS software. The root cause lies in improper validation of authentication mechanisms, allowing unauthorized users to circumvent security controls. The flaw specifically targets the authentication logic in the VPN access control process, enabling bypass without valid credentials.

CVSS 9.1
EPSS 86.7%
KEV Pred 72%
Product Palo Alto Networks Cloud NGFW palo
CVSS v3.1 CVSS v4.0 KEV CWE-565 PoC
13 May/26
CVE-2026-42945
HIGH

This vulnerability is a heap buffer overflow occurring in the ngx_http_rewrite_module of F5 NGINX Plus and NGINX Open Source. It arises when the rewrite directive is followed by another rewrite, if, or set directive using an unnamed PCRE capture group (e.g., $1, $2) combined with a replacement string containing a question mark (?). The flaw is rooted in improper handling of regular expression captures during HTTP request processing within the rewrite module.

CVSS 8.1
EPSS 61.5%
KEV Pred 65%
Product F5 NGINX Plus f5
CVSS v3.1 CVSS v4.0 CWE-122 PoC
12 May/26
CVE-2026-41089
CRITICAL

This vulnerability is a stack-based buffer overflow caused by improper handling of input data within the Windows Netlogon component. Specifically, the flaw arises from insufficient bounds checking during processing of network authentication requests, allowing data to overwrite adjacent memory on the stack. The affected component is the Netlogon Remote Protocol implementation in Microsoft Windows Server 2012 and later versions.

CVSS 9.8
EPSS 72.3%
KEV Pred 71%
Product Microsoft Windows Server 2012 microsoft
CVSS v3.1 CWE-121 PoC RANSOMWARE
08 May/26
CVE-2026-42208
CRITICAL

This vulnerability is a SQL injection caused by improper handling of user-supplied input in a database query. Specifically, the proxy server component of LiteLLM improperly concatenates the Authorization header value directly into the SQL query string instead of using parameterized queries. The affected feature is the API key verification mechanism within the proxy’s error-handling path that interacts with the backend database.

CVSS 9.8
EPSS 86.6%
KEV Pred 59%
Product BerriAI litellm berriai
CVSS v3.1 CVSS v4.0 KEV CWE-89 Exploit PoC
08 May/26
CVE-2026-42271
HIGH

This vulnerability is a command injection flaw in the LiteLLM proxy server component, specifically affecting the AI Gateway's handling of server configuration inputs. The root cause lies in two POST endpoints (/mcp-rest/test/connection and /mcp-rest/test/tools/list) that accept unvalidated server configuration data, including command, args, and env fields, which are executed via stdio transport as subprocesses with proxy process privileges. The lack of role-based access control combined with acceptance of arbitrary commands enables exploitation.

CVSS 8.8
EPSS 80.2%
KEV Pred 69%
Product BerriAI litellm berriai
CVSS v3.1 CVSS v4.0 KEV CWE-77 PoC
29 Apr/26
CVE-2026-41940
CRITICAL

This vulnerability is an authentication bypass affecting the login flow of cPanel and WHM versions later than 11.40. The root cause lies in improper validation within the authentication mechanism that allows unauthenticated requests to circumvent normal login procedures. The affected component is the control panel's authentication module responsible for user session establishment and access control.

CVSS 9.8
EPSS 98.1%
KEV Pred 67%
Product cPanel cpanel
CVSS v3.1 CVSS v4.0 KEV CWE-306 Exploit PoC RANSOMWARE
14 Apr/26
CVE-2026-32202
MEDIUM

This vulnerability is a protection mechanism failure classified under spoofing attacks. The root cause lies in improper validation within the Windows Shell component that handles network-originated inputs. Specifically, the flaw allows crafted network packets to bypass expected authenticity checks, enabling unauthorized manipulation of shell-related network communication.

CVSS 4.3
EPSS 64.1%
KEV Pred 73%
Product Microsoft Windows 10 Version 1607 microsoft
CVSS v3.1 KEV CWE-693 PoC RANSOMWARE
09 Apr/26
CVE-2026-39987
CRITICAL

This vulnerability is an authentication bypass in the marimo reactive Python notebook's WebSocket terminal interface. The root cause lies in the /terminal/ws endpoint, which omits the required authentication validation by skipping the validate_auth() call. Instead, it only verifies the running mode and platform support before establishing connections, exposing the terminal WebSocket to unauthenticated access.

CVSS 9.8
EPSS 95.6%
KEV Pred 53%
Product marimo-team marimo marimo-team
CVSS v3.1 CVSS v4.0 KEV CWE-306 PoC
07 Apr/26
CVE-2026-34197
HIGH

This vulnerability is a code injection flaw caused by improper input validation and control of code generation within Apache ActiveMQ Broker's Jolokia JMX-HTTP bridge. The affected component is the Jolokia endpoint exposed at /api/jolokia/ on the web console, where the default access policy allows execution of operations on all ActiveMQ MBeans. The root cause lies in the BrokerService's acceptance of crafted discovery URIs that trigger loading of remote Spring XML application contexts before configuration validation, enabling injection of malicious code via bean instantiation.

CVSS 8.8
EPSS 96.7%
KEV Pred 35%
Product Apache Software Foundation Apache ActiveMQ Broker apache
CVSS v3.1 KEV CWE-20 Exploit PoC
04 Apr/26
CVE-2026-35616
CRITICAL

This vulnerability is an improper access control flaw in Fortinet FortiClientEMS versions 7.4.5 and 7.4.6. The root cause lies in the failure to enforce authentication checks on certain API endpoints, allowing unauthenticated requests to invoke privileged functions. The affected component is the FortiClientEMS management server handling incoming API requests.

CVSS 9.1
EPSS 88.5%
KEV Pred 73%
Product Fortinet FortiClientEMS fortinet
CVSS v3.1 KEV CWE-284 PoC RANSOMWARE
23 Mar/26
CVE-2026-33634
HIGH

This vulnerability is a supply chain compromise involving credential theft and unauthorized code injection. The root cause is improper credential management and non-atomic credential rotation, which allowed an attacker to use valid tokens to push malicious commits and replace version tags in GitHub repositories. The affected components include the aquasecurity Trivy binary (version 0.69.4), the trivy-action GitHub Action (versions 0.0.1 to 0.34.2), and the setup-trivy GitHub Action (versions 0.2.0 to 0.2.6).

CVSS 8.8
EPSS 60.4%
KEV Pred 72%
Product aquasecurity setup-trivy aquasecurity
CVSS v3.1 CVSS v4.0 KEV CWE-506 PoC
23 Mar/26
CVE-2026-3055
CRITICAL

This vulnerability is a memory overread caused by insufficient input validation within the SAML Identity Provider (IDP) functionality of NetScaler ADC and NetScaler Gateway. Specifically, the flaw arises when processing malformed SAML assertions or requests, leading to out-of-bounds memory access. The affected components are the NetScaler ADC and NetScaler Gateway platforms configured as SAML IDPs, where input handling routines fail to properly verify data boundaries.

CVSS 9.8
EPSS 84.0%
KEV Pred 73%
Product NetScaler ADC netscaler
CVSS v3.1 CVSS v4.0 KEV CWE-125 Exploit PoC
20 Mar/26
CVE-2026-33017
CRITICAL

This vulnerability is an unauthenticated remote code execution caused by improper input validation and insecure code execution. The affected component is the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint in langflow-ai langflow versions prior to 1.9.0. The root cause is that the endpoint accepts attacker-controlled flow data containing arbitrary Python code, which is executed via Python's exec() function without sandboxing or authentication checks.

CVSS 9.8
EPSS 98.2%
KEV Pred 66%
Product langflow-ai langflow langflow-ai
CVSS v3.1 CVSS v4.0 KEV CWE-94 PoC
25 Feb/26
CVE-2026-20127
CRITICAL

This vulnerability is an authentication bypass affecting the peering authentication mechanism in Cisco Catalyst SD-WAN Controller and Manager components. The root cause lies in improper validation of authentication requests during the peering process, which fails to enforce correct credentials. This flaw resides specifically within the peering authentication subsystem responsible for establishing trust between SD-WAN nodes.

CVSS 10.0
EPSS 57.8%
KEV Pred 72%
Product Cisco Catalyst SD-WAN Manager cisco
CVSS v3.1 KEV CWE-287 Exploit PoC RANSOMWARE
10 Feb/26
CVE-2026-1603
HIGH

This vulnerability is an authentication bypass in Ivanti Endpoint Manager versions prior to 2024 SU5. It stems from improper access control mechanisms within the RemoteControlAuth API, specifically the POST /RemoteControlAuth/api/Auth endpoint. The flaw allows unauthenticated remote actors to bypass normal authentication checks and access sensitive credential data stored by the application.

CVSS 7.5
EPSS 80.6%
KEV Pred 79%
Product Ivanti Endpoint Manager ivanti
CVSS v3.1 KEV CWE-288
06 Feb/26
CVE-2026-1731
CRITICAL

This vulnerability is a pre-authentication remote code execution caused by improper input validation in BeyondTrust Remote Support and older Privileged Remote Access versions. The root cause lies in the WebSocket endpoint /nw, which accepts binary payloads without adequate sanitization, allowing injection of operating system commands. The affected components are the WebSocket service and the mechanism that retrieves the company identifier via the /get_mech_list endpoint, which is exploited to authenticate the malicious WebSocket connection.

CVSS 9.8
EPSS 88.1%
KEV Pred 72%
Product BeyondTrust Remote Support(RS) & Privileged Remote Access(PRA) beyondtrust
CVSS v3.1 CVSS v4.0 KEV CWE-78 Exploit PoC RANSOMWARE
06 Feb/26
CVE-2026-21643
CRITICAL

This vulnerability is a SQL injection flaw rooted in improper neutralization of special characters within SQL commands. The issue arises from insufficient input validation in the Fortinet FortiClientEMS web interface, allowing crafted HTTP requests to manipulate backend database queries. The affected component is the FortiClientEMS management system version 7.4.4, specifically its handling of SQL statements triggered by user-supplied input.

CVSS 9.8
EPSS 94.1%
KEV Pred 73%
Product Fortinet FortiClientEMS fortinet
CVSS v3.1 KEV CWE-89 PoC RANSOMWARE
29 Jan/26
CVE-2026-1340
CRITICAL

This vulnerability is a code injection flaw rooted in improper input validation within Ivanti Endpoint Manager Mobile. The affected component fails to sanitize user-supplied data before processing, enabling malicious payloads to be injected and executed. The flaw resides in the core mobile management service handling remote commands or scripts without adequate security controls.

CVSS 9.8
EPSS 84.0%
KEV Pred 70%
Product Ivanti Endpoint Manager Mobile ivanti
CVSS v3.1 KEV CWE-94 Exploit RANSOMWARE
29 Jan/26
CVE-2026-1281
CRITICAL

This vulnerability is a code injection flaw rooted in improper handling of user-supplied input within Ivanti Endpoint Manager Mobile. Specifically, the affected component fails to sanitize input parameters, enabling injection of arbitrary code into the execution context. The flaw resides in the mobile management interface, which processes remote requests without adequate validation, allowing attackers to inject and execute code remotely without authentication.

CVSS 9.8
EPSS 81.2%
KEV Pred 73%
Product Ivanti Endpoint Manager Mobile ivanti
CVSS v3.1 KEV CWE-94 Exploit PoC RANSOMWARE
28 Jan/26
CVE-2025-40551
CRITICAL

This vulnerability is an unsafe deserialization flaw within the jabsorb JSON-RPC library used by SolarWinds Web Help Desk. The root cause lies in the insecure handling of serialized data objects, allowing manipulation of the deserialization process. The affected component is the Apache Xalan JNDIConnectionPool class, which is exploited through crafted JSON-RPC requests processed by the web application.

CVSS 9.8
EPSS 84.1%
KEV Pred 73%
Product SolarWinds Web Help Desk solarwinds
CVSS v3.1 KEV CWE-502 Exploit
28 Jan/26
CVE-2025-40536
CRITICAL

This vulnerability is a security control bypass affecting SolarWinds Web Help Desk, rooted in insufficient enforcement of access restrictions within the application's web interface. The flaw allows unauthenticated users to circumvent authentication and authorization controls, exposing restricted administrative functions. The affected component is the Web Help Desk application prior to version 12.8.8 Hotfix 1, where access control mechanisms fail to properly validate user privileges on sensitive endpoints.

CVSS 9.8
EPSS 81.6%
KEV Pred 78%
Product SolarWinds Web Help Desk solarwinds
CVSS v3.1 KEV CWE-693 Exploit PoC
27 Jan/26
CVE-2026-24858
CRITICAL

This vulnerability is an authentication bypass caused by improper validation of FortiCloud SSO authentication tokens. The flaw resides in Fortinet FortiOS and associated products, where the authentication mechanism fails to correctly verify user-device bindings. This allows an attacker with a valid FortiCloud account and a registered device to exploit alternate authentication paths, bypassing standard credential checks within the FortiCloud SSO integration component.

CVSS 9.8
EPSS 85.8%
KEV Pred 60%
Product Fortinet FortiOS fortinet
CVSS v3.1 KEV CWE-288 PoC RANSOMWARE
23 Jan/26
CVE-2026-24423
CRITICAL

This vulnerability is an unauthenticated remote code execution flaw caused by missing authentication controls in the ConnectToHub API method of SmarterTools SmarterMail. The root cause lies in the ConnectToHub feature accepting arbitrary HTTP server URLs without validation, allowing injection of malicious OS commands. The affected component is the ConnectToHub API method in SmarterMail versions prior to build 9511.

CVSS 9.8
EPSS 87.7%
KEV Pred 76%
Product SmarterTools SmarterMail smartertools
CVSS v3.1 CVSS v4.0 KEV CWE-306 PoC RANSOMWARE
22 Jan/26
CVE-2026-23760
CRITICAL

This vulnerability is an authentication bypass affecting the password reset API of SmarterTools SmarterMail prior to build 9511. The root cause is the force-reset-password endpoint permitting anonymous requests without validating existing credentials or reset tokens. This flaw specifically impacts the system administrator account management functionality within the API, allowing unauthorized password resets.

CVSS 9.8
EPSS 96.3%
KEV Pred 66%
Product SmarterTools SmarterMail smartertools
CVSS v3.1 CVSS v4.0 KEV CWE-288 PoC RANSOMWARE
21 Jan/26
CVE-2026-24061
CRITICAL

This vulnerability is an authentication bypass affecting the telnetd daemon in GNU Inetutils versions up to 2.7. The root cause lies in improper handling of the USER environment variable, where providing a "-f root" value bypasses normal authentication checks. The flaw resides specifically in the telnetd component's user authentication mechanism, allowing unauthorized access without credential verification.

CVSS 9.8
EPSS 98.9%
KEV Pred 65%
Product GNU Inetutils gnu
CVSS v3.1 KEV CWE-88 Exploit PoC RANSOMWARE
29 Dec/25
CVE-2025-52691
CRITICAL

This vulnerability is an unrestricted file upload flaw in SmarterTools SmarterMail's mail server component. The root cause lies in insufficient validation of uploaded file paths and names in the POST /api/upload endpoint. This allows unauthenticated users to manipulate file path parameters, bypassing normal upload restrictions and placing files arbitrarily on the server filesystem.

CVSS 10.0
EPSS 85.5%
KEV Pred 80%
Product SmarterTools SmarterMail smartertools
CVSS v3.1 KEV CWE-434 Exploit PoC RANSOMWARE
19 Dec/25
CVE-2025-68613
HIGH

This vulnerability is a critical remote code execution flaw caused by insufficient isolation in the workflow expression evaluation component of n8n. The root cause lies in the evaluation context for expressions supplied by authenticated users during workflow configuration, which is not adequately sandboxed from the underlying Node.js runtime environment. This permits execution of arbitrary code within the n8n process context via crafted expressions.

CVSS 8.8
EPSS 97.9%
KEV Pred 83%
Product n8n-io n8n n8n-io
CVSS v3.1 KEV CWE-913 Exploit PoC
19 Dec/25
CVE-2025-14847
HIGH

This vulnerability is a memory disclosure issue caused by improper handling of Zlib compressed protocol headers within the MongoDB Server's wire protocol. Specifically, mismatched length fields in the compressed data lead to reading uninitialized heap memory due to the server trusting the client-declared uncompressed size without proper memory initialization. The flaw resides in the zlib decompression logic processing OP_COMPRESSED messages, affecting multiple MongoDB Server versions across several major releases.

CVSS 7.5
EPSS 83.0%
KEV Pred 62%
Product MongoDB Inc. MongoDB Server mongodb
CVSS v3.1 CVSS v4.0 KEV CWE-130 Exploit PoC
16 Dec/25
CVE-2025-37164
CRITICAL

This vulnerability is a remote code execution flaw caused by improper input validation leading to unsafe dynamic command execution within the HPE OneView API. Specifically, the issue arises from the /rest/id-pools/executeCommand endpoint, which accepts user-supplied commands without adequate sanitization. The affected component is the HPE OneView REST API service, which processes these commands and executes them on the underlying system, enabling injection of arbitrary commands.

CVSS 9.8
EPSS 89.7%
KEV Pred 70%
Product Hewlett Packard Enterprise (HPE) HPE OneView hewlett
CVSS v3.1 KEV CWE-94 Exploit PoC
12 Dec/25
CVE-2025-14611
CRITICAL

This vulnerability is a hardcoded credentials flaw involving the use of fixed AES cryptographic keys within Gladinet CentreStack and TrioFox prior to version 16.12.10420.56791. The root cause lies in the insecure implementation of AES cryptoscheme parameters embedded directly in the application code. This affects cryptographic components responsible for securing communications and file handling in publicly exposed endpoints of the affected products.

CVSS 9.8
EPSS 50.9%
KEV Pred 78%
Product Gladinet CentreStack and TrioFox gladinet
CVSS v3.1 CVSS v4.0 KEV CWE-798 Exploit PoC
10 Dec/25
CVE-2025-8110
HIGH

This vulnerability is a symbolic link (symlink) bypass flaw in the PutContents API of the Gogs self-hosted Git service. The root cause lies in improper handling of symlinks during file write operations, where the API fails to verify if the target file paths are symlinks pointing outside the intended repository directory. This allows authenticated users to manipulate file system paths, affecting the repository management component responsible for content storage.

CVSS 8.8
EPSS 76.5%
KEV Pred 72%
Product Gogs gogs
CVSS v3.1 CVSS v4.0 KEV CWE-22 PoC
09 Dec/25
CVE-2025-59718
CRITICAL

This vulnerability is an authentication bypass caused by improper verification of cryptographic signatures in the SAML response processing of Fortinet FortiSwitchManager and related Fortinet products. The root cause lies in the failure to correctly validate the cryptographic signature of SAML assertions, allowing crafted messages to bypass FortiCloud SSO login authentication. The affected component is the SAML authentication mechanism within FortiSwitchManager versions 7.0.0 through 7.0.5 and 7.2.0 through 7.2.6, as well as specific FortiOS and FortiProxy versions.

CVSS 9.8
EPSS 66.3%
KEV Pred 77%
Product Fortinet FortiSwitchManager fortinet
CVSS v3.1 KEV CWE-347 PoC RANSOMWARE
05 Dec/25
CVE-2025-34291
HIGH

This vulnerability is an authentication bypass combined with a cross-origin resource sharing (CORS) misconfiguration in Langflow versions up to 1.6.9. The root cause lies in an overly permissive CORS policy that allows any origin with credentials included, coupled with refresh token cookies set as SameSite=None. This combination enables unauthorized cross-origin requests to the refresh token endpoint, affecting the authentication and session management components of the application.

CVSS 8.8
EPSS 78.9%
KEV Pred 73%
Product Langflow langflow
CVSS v3.1 CVSS v4.0 KEV CWE-346 PoC
03 Dec/25
CVE-2025-55182
CRITICAL

This vulnerability is a remote code execution flaw caused by unsafe deserialization of untrusted data. The root cause lies in the React Server Components feature, specifically in versions 19.0.0 through 19.2.0 and related packages such as react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The affected component improperly processes payloads received via HTTP requests to Server Function endpoints, leading to execution of malicious code without authentication.

CVSS 10.0
EPSS 99.6%
KEV Pred 85%
Product Meta react-server-dom-webpack meta
CVSS v3.1 KEV CWE-502 Exploit PoC RANSOMWARE
25 Nov/25
CVE-2025-58360
CRITICAL

This vulnerability is an XML External Entity (XXE) injection affecting GeoServer's XML input processing. The root cause is insufficient sanitization and restriction of XML external entity definitions within the XML payload submitted to the /geoserver/wms GetMap operation. This flaw resides in the XML parser component handling user-supplied XML data, enabling malicious entity expansion.

CVSS 9.8
EPSS 66.8%
KEV Pred 78%
Product geoserver geoserver
CVSS v3.1 KEV CWE-611 Exploit PoC
18 Nov/25
CVE-2025-58034
HIGH

This vulnerability is an authenticated OS command injection affecting Fortinet FortiWeb versions 7.0.0 through 8.0.1. The root cause is improper neutralization of special elements in user-supplied input, allowing crafted HTTP requests or CLI commands to be interpreted and executed by the underlying operating system. The flaw resides in input handling mechanisms within FortiWeb's management interfaces that fail to sanitize command parameters adequately.

CVSS 7.2
EPSS 55.1%
KEV Pred 69%
Product Fortinet FortiWeb fortinet
CVSS v3.1 KEV CWE-78 Exploit
14 Nov/25
CVE-2025-64446
CRITICAL

This vulnerability is a relative path traversal flaw in the Fortinet FortiWeb web application firewall. It arises from improper validation of user-supplied input in HTTP/HTTPS requests, specifically within the API endpoint handling administrative system configurations. The flaw allows crafted requests to traverse directories and access restricted CGI scripts, bypassing normal access controls in the affected FortiWeb versions.

CVSS 9.8
EPSS 89.2%
KEV Pred 85%
Product Fortinet FortiWeb fortinet
CVSS v3.1 KEV CWE-23 Exploit PoC RANSOMWARE
10 Nov/25
CVE-2025-12480
CRITICAL

The vulnerability is an improper access control flaw affecting the initial setup pages of the Triofox file sharing platform. The root cause is the failure to restrict access to administrative setup endpoints after the initial configuration is complete. Specifically, unauthenticated network requests can access management interfaces that should be disabled post-setup, exposing sensitive administrative functionality.

CVSS 9.1
EPSS 90.5%
KEV Pred 75%
Product TrioFox triofox
CVSS v3.1 KEV CWE-284
07 Nov/25
CVE-2025-64328
HIGH

This vulnerability is a post-authentication command injection in the filestore module of FreePBX Endpoint Manager. The root cause is improper input sanitization in the check_ssh_connect() function invoked via the testconnection feature within the Administrative interface. The flaw allows execution of arbitrary commands due to unsafe handling of SSH connection parameters by authenticated users.

CVSS 7.2
EPSS 84.6%
KEV Pred 80%
Product FreePBX filestore freepbx
CVSS v3.1 CVSS v4.0 KEV CWE-78 Exploit PoC
03 Nov/25
CVE-2025-11953
CRITICAL

This vulnerability is an OS command injection in the Metro Development Server component of the React Native Community CLI. The root cause is that the server binds to external network interfaces by default and exposes an endpoint that improperly sanitizes input, allowing execution of arbitrary system commands. The flaw specifically affects the command execution handling within the server's exposed endpoint, enabling injection of shell commands on Windows platforms with fully controlled arguments.

CVSS 9.8
EPSS 62.4%
KEV Pred 83%
Product React Native Community CLI react
CVSS v3.1 KEV CWE-78 PoC
21 Oct/25
CVE-2025-61757
CRITICAL

This vulnerability is an authentication bypass in the REST WebServices component of Oracle Identity Manager. The root cause lies in improper access control validation on specific REST API endpoints, allowing unauthenticated network access via HTTP. Affected components include the RESTful interface responsible for governance and application management functions in versions 12.2.1.4.0 and 14.1.2.1.0.

CVSS 9.8
EPSS 88.3%
KEV Pred 85%
Product Oracle Corporation Identity Manager oracle
CVSS v3.1 KEV CWE-306 PoC
14 Oct/25
CVE-2025-59287
CRITICAL

This vulnerability is an insecure deserialization flaw in the Windows Server Update Service (WSUS) component of Microsoft Windows Server 2012. The root cause lies in WSUS's handling of untrusted data during deserialization processes within its SOAP-based web services, specifically the soapFormatter. Improper validation allows maliciously crafted serialized objects to be processed, leading to execution of arbitrary code.

CVSS 9.8
EPSS 100.0%
KEV Pred 84%
Product Microsoft Windows Server 2012 microsoft
CVSS v3.1 KEV CWE-502 Exploit PoC RANSOMWARE
Page 1 of 10 (484 total)