CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.01)

CVE-2026-42897
High · Actively exploited · EPSS 83%

Microsoft Exchange Server has an improper neutralization of input during web page generation, leading to a cross-site scripting vulnerability. This flaw allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-20182
Critical · Actively exploited · EPSS 100%

CVE-2026-20182 identifies an issue with the authentication mechanism in Cisco Catalyst SD-WAN Controller, Manager, and Validator that allows an unauthenticated attacker to bypass authentication and gain administrative privileges. An attacker could exploit this vulnerability by sending crafted requests to the system.

CVE-2026-0257
Critical · Actively exploited · EPSS 98%

CVE-2026-0257 describes authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software, allowing an attacker to bypass security restrictions and establish an unauthorized VPN connection.

CVE-2026-45321
Critical · Actively exploited

On 11 May 2026, 84 malicious versions across 42 @tanstack/* packages were published to the npm registry. The attacker exploited three known classes of vulnerability to publish credential-stealing malware under a trusted identity.

CVE-2026-42271
High · Actively exploited · EPSS 100%

LiteLLM versions 1.74.2 through 1.83.6 have a vulnerability in the POST /mcp-rest/test/connection and POST /mcp-rest/test/tools/list endpoints, which accept a full MCP server configuration including commands to execute. An authenticated user with any API key (even low-privilege) can run arbitrary commands on the proxy host.

CVE-2026-42208
Critical · Actively exploited · EPSS 100%

In LiteLLM versions from 1.81.16 to before 1.83.7, a SQL injection vulnerability exists during proxy API key checks. An unauthenticated attacker can send a crafted Authorization header, leading to reading and potentially modifying data in the proxy database.

CVE-2026-6973
High · Actively exploited · EPSS 90%

An Improper Input Validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remotely authenticated user with administrative access to achieve remote code execution.

CVE-2026-31431
High · Actively exploited · EPSS 100%

In the Linux kernel, the in-place optimization for AEAD encryption via AF_ALG sockets has been reverted. Out-of-place operation is restored because source and destination come from different memory mappings, making the optimization unbeneficial. The complexity added for in-place operation has been removed, and associated data is copied directly.

CVE-2026-34197
High · Actively exploited · EPSS 100%

A vulnerability in Apache ActiveMQ allows an authenticated attacker to achieve remote code execution via the Jolokia JMX-HTTP endpoint. It stems from improper input validation and code injection, enabling arbitrary code execution on the broker's JVM.

CVE-2026-20127
Critical · Actively exploited · EPSS 99%

A vulnerability in the peering authentication mechanism in Cisco Catalyst SD-WAN Controller, Manager, and Validator allows an unauthenticated remote attacker to bypass the login process and gain administrative privileges on an affected system.

CVE-2026-24858
Critical · Actively exploited · EPSS 90%

In Fortinet FortiAnalyzer, FortiManager, FortiNAC-F, FortiOS, FortiProxy, and FortiWeb, there is an authentication bypass vulnerability that allows an attacker with a FortiCloud account and a registered device to log into other devices registered to other accounts if FortiCloud SSO authentication is enabled on those devices.

CVE-2026-21509
High · Actively exploited · EPSS 99%

Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a security feature locally.

CVE-2025-59718
Critical · Actively exploited · EPSS 94%

A vulnerability in Fortinet FortiOS, FortiProxy, and FortiSwitchManager related to improper verification of cryptographic signature allows an unauthenticated attacker to bypass FortiCloud SSO login authentication via a crafted SAML response message.

CVE-2025-64328
High · Actively exploited · EPSS 100%

The Endpoint Manager module in FreePBX, in versions 17.0.2.36 and above before 17.0.3, is vulnerable to post-authentication command injection by an authenticated known user. An attacker can leverage this vulnerability to gain remote access to the system as an asterisk user.

CVE-2025-57819
Critical · Actively exploited · EPSS 100%

FreePBX, an open-source graphical user interface, has vulnerabilities in versions 15, 16, and 17 due to insufficiently sanitized user-supplied data. This allows unauthenticated access to the FreePBX Administrator, leading to arbitrary database manipulation and remote code execution.

CVE-2025-31277
High · Actively exploited · EPSS 71%

A vulnerability in WebKit allows memory corruption when processing maliciously crafted web content. The issue was fixed by improving memory handling.

CVE-2024-7593
Critical · Actively exploited

An incorrect implementation of the authentication algorithm in Ivanti vTM, in versions other than 22.2R1 or 22.7R2, allows a remote, unauthenticated attacker to bypass authentication of the admin panel.

CVE-2024-21182
High · Actively exploited

A vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core) affects versions 12.2.1.4.0 and 14.1.1.0.0. This easily exploitable vulnerability allows an unauthenticated attacker with network access to compromise Oracle WebLogic Server.

CVE-2023-41266
High · Actively exploited · EPSS 100%

A path traversal vulnerability was found in Qlik Sense Enterprise for Windows in versions up to May 2023 Patch 3, February 2023 Patch 7, November 2022 Patch 10, and August 2022 Patch 12. This allows an unauthenticated remote attacker to generate an anonymous session and transmit HTTP requests to unauthorized endpoints.

CVE-2023-41265
Critical · Actively exploited · EPSS 100%

An HTTP Request Tunneling vulnerability was found in Qlik Sense Enterprise for Windows affecting versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier. This allows a remote attacker to elevate their privilege by tunneling HTTP requests in the raw HTTP request.


Vulnerability data from NVD (NIST) · CISA KEV · EPSS