THREAT WATCH
High Microsoft Active Directory Federation Services: CVE-2026-56155 — Microsoft Active Directory Federation Services Insufficient Granularity of Access Control Vulnerability Medium Microsoft SharePoint Server: CVE-2026-56164 — Microsoft SharePoint Server Missing Authentication for Critical Function Vulnerability Actively Exploited SonicWall SMA1000 Appliances: CVE-2026-15409 — SonicWall SMA1000 Appliances Server-Side Request Forgery Vulnerability Actively Exploited SonicWall SMA1000 Appliances: CVE-2026-15410 — SonicWall SMA1000 Appliances Code Injection Vulnerability Medium Cisco IOS: CVE-2008-4128 — Cisco IOS Cross-Site Request Forgery Vulnerability Critical Balbooa Forms: CVE-2026-56291 — Balbooa Forms Unrestricted Upload of File with Dangerous Type Vulnerability Critical iCagenda iCagenda: CVE-2026-48939 — iCagenda Unrestricted Upload of File with Dangerous Type Vulnerability Critical Joomlack Page Builder: CVE-2026-56290 — Joomlack Page Builder Improper Access Control Vulnerability High Microsoft Active Directory Federation Services: CVE-2026-56155 — Microsoft Active Directory Federation Services Insufficient Granularity of Access Control Vulnerability Medium Microsoft SharePoint Server: CVE-2026-56164 — Microsoft SharePoint Server Missing Authentication for Critical Function Vulnerability Actively Exploited SonicWall SMA1000 Appliances: CVE-2026-15409 — SonicWall SMA1000 Appliances Server-Side Request Forgery Vulnerability Actively Exploited SonicWall SMA1000 Appliances: CVE-2026-15410 — SonicWall SMA1000 Appliances Code Injection Vulnerability Medium Cisco IOS: CVE-2008-4128 — Cisco IOS Cross-Site Request Forgery Vulnerability Critical Balbooa Forms: CVE-2026-56291 — Balbooa Forms Unrestricted Upload of File with Dangerous Type Vulnerability Critical iCagenda iCagenda: CVE-2026-48939 — iCagenda Unrestricted Upload of File with Dangerous Type Vulnerability Critical Joomlack Page Builder: CVE-2026-56290 — Joomlack Page Builder Improper Access Control Vulnerability

Threat Intelligence

Threat Intelligence Center LIVE

Curated threat intelligence from CISA KEV, NVD and EPSS — actively-exploited and recently-disclosed vulnerabilities, explained.

Threat Level High
Heightened risk. Prioritise patching this week.
40Actively Exploited
61Critical (all)
4Ransomware Linked
14%High EPSS (≥50% prob.)
40Recently Disclosed

Threats by Severity

80total
  • Critical61 (76%)
  • High12 (15%)
  • Medium4 (5%)
  • Low1 (1%)
  • Unscored2 (3%)

Threats by Type

  • Other37
  • Remote Code Execution17
  • Injection / Web9
  • Privilege / Auth Bypass8
  • Memory Safety7

Top Vendors

  • Cisco4
  • Microsoft3
  • Apache3
  • Ubiquiti3
  • SonicWall2

Top Affected Technologies

Windows6
Microsoft5
Cisco4
Apache3
Joomla3
Linux2
Severity
Timeframe
Critical Jul 14
CVE-2026-56190

CVE-2026-56190 — Use of uninitialized resource in Windows RDP allows…

Use of uninitialized resource in Windows RDP allows an unauthorized attacker to execute code over a…

Recently Disclosed
CVSS 9.8 Read advisory
Critical Jul 14
CVE-2026-55010

CVE-2026-55010 — Heap-based buffer overflow in Minecraft Bedrock Dedicated Server…

Heap-based buffer overflow in Minecraft Bedrock Dedicated Server allows an unauthorized attacker to execute code over…

Recently Disclosed
CVSS 9.8 Read advisory
Critical Jul 14
CVE-2026-50518

CVE-2026-50518 — Heap-based buffer overflow in Windows DHCP Server allows…

Heap-based buffer overflow in Windows DHCP Server allows an unauthorized attacker to execute code over a…

Recently Disclosed
CVSS 9.8 Read advisory
Critical Jul 14
CVE-2026-50447

CVE-2026-50447 — Heap-based buffer overflow in Windows Message Queuing allows…

Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over a…

Recently Disclosed
CVSS 9.8 Read advisory
Critical Jul 14
CVE-2026-50380

CVE-2026-50380 — Heap-based buffer overflow in Windows GDI+ allows an…

Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.

Recently Disclosed
CVSS 9.6 Read advisory
Actively Exploited Jul 14
CVE-2026-15410

SonicWall SMA1000 Appliances

SonicWall

SonicWall SMA1000 Appliances contain a code injection vulnerability which in specific conditions could potentially enable a…

Actively ExploitedCISA KEV
Read advisory
Actively Exploited Jul 14
CVE-2026-15409

SonicWall SMA1000 Appliances

SonicWall

SonicWall SMA1000 Appliances contain a server-side request forgery vulnerability that could allow a remote unauthenticated attacker…

Actively ExploitedCISA KEV
Read advisory
Medium Jul 14
CVE-2026-56164

Microsoft SharePoint Server

Microsoft

Microsoft SharePoint contains a missing authentication for critical function vulnerability that allows an unauthorized attacker to…

Actively ExploitedCISA KEV
CVSS 5.3 Read advisory
High Jul 14
CVE-2026-56155

Microsoft Active Directory Federation Services

Microsoft

Microsoft Active Directory Federation Services contains an insufficient granularity of access control vulnerability that allows an…

Actively ExploitedCISA KEV
CVSS 7.8 Read advisory
Critical Jul 14
CVE-2026-58644

CVE-2026-58644 — Deserialization of untrusted data in Microsoft Office SharePoint…

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code over…

Recently Disclosed
CVSS 9.8 Read advisory
Critical Jul 14
CVE-2026-55008

CVE-2026-55008 — Improper neutralization of input during web page generation…

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an…

Recently Disclosed
CVSS 9.6 Read advisory
Critical Jul 14
CVE-2026-54990

CVE-2026-54990 — Heap-based buffer overflow in Remote Desktop Client allows…

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a…

Recently Disclosed
CVSS 9.8 Read advisory
Critical Jul 14
CVE-2026-50522

CVE-2026-50522 — Deserialization of untrusted data in Microsoft Office SharePoint…

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code over…

Recently Disclosed
CVSS 9.8 Read advisory
Critical Jul 14
CVE-2026-49798

CVE-2026-49798 — Use after free in Windows Kernel allows an…

Use after free in Windows Kernel allows an unauthorized attacker to elevate privileges locally.

Recently Disclosed
CVSS 9.3 Read advisory
Critical Jul 14
CVE-2026-49172

CVE-2026-49172 — Heap-based buffer overflow in Windows FTP Service allows…

Heap-based buffer overflow in Windows FTP Service allows an unauthorized attacker to execute code over a…

Recently Disclosed
CVSS 9.8 Read advisory
Critical Jul 14
CVE-2026-48561

CVE-2026-48561 — Improper neutralization of special elements used in a…

Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an…

Recently Disclosed
CVSS 9.6 Read advisory
Critical Jul 14
CVE-2026-42990

CVE-2026-42990 — Heap-based buffer overflow in SQL Server ODBC driver…

Heap-based buffer overflow in SQL Server ODBC driver allows an unauthorized attacker to execute code over…

Recently Disclosed
CVSS 9.8 Read advisory
Critical Jul 14
CVE-2026-15701

CVE-2026-15701 — A weakness has been identified in Totolink NR1800X…

A weakness has been identified in Totolink NR1800X 9.1.0u.6279_B20210910. Affected by this issue is the function…

Recently Disclosed
CVSS 9.8 Read advisory
Critical Jul 14
CVE-2026-62392

Apache Kylin

Apache

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Apache…

Recently Disclosed
CVSS 9.8 Read advisory
Critical Jul 14
CVE-2026-62390

Apache Kylin

Apache

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Kylin.…

Recently Disclosed
CVSS 9.8 Read advisory
Critical Jul 14
CVE-2026-58319

Apache Doris

Apache

Certain Apache Doris FE HTTP REST administrative APIs were accessible without proper authentication. An unauthenticated attacker…

Recently Disclosed
CVSS 9.1 EPSS 0% Read advisory
Critical Jul 14
CVE-2026-58479

CVE-2026-58479 — Sustainable Irrigation Platform (SIP) through version 5.2.16 contains…

Sustainable Irrigation Platform (SIP) through version 5.2.16 contains a command injection vulnerability in the optional cli_control…

Recently Disclosed
CVSS 9.8 Read advisory
Critical Jul 14
CVE-2026-56451

CVE-2026-56451 — A vulnerability has been identified in Opcenter X…

A vulnerability has been identified in Opcenter X (All versions < V2604). Affected applications do not…

Recently Disclosed
CVSS 10 EPSS 0% Read advisory
Critical Jul 14
CVE-2026-44761

CVE-2026-44761 — SAP Commerce Cloud could retain a sample OAuth2…

SAP Commerce Cloud could retain a sample OAuth2 client with publicly documented sample credentials originating from…

Recently Disclosed
CVSS 9.1 EPSS 0% Read advisory
Critical Jul 14
CVE-2026-44747

CVE-2026-44747 — SAP NetWeaver Application Server ABAP allows an authenticated…

SAP NetWeaver Application Server ABAP allows an authenticated attacker to leverage logical errors in memory management…

Recently Disclosed
CVSS 9.9 EPSS 0% Read advisory
Critical Jul 14
CVE-2026-27690

CVE-2026-27690 — Due to an HTTP Request Smuggling vulnerability in…

Due to an HTTP Request Smuggling vulnerability in SAP Approuter, an unauthenticated attacker could send a…

Recently Disclosed
CVSS 9.1 EPSS 1% Read advisory
Critical Jul 13
CVE-2026-13221

Perl Perl

Perl

Perl versions through 5.43.9 produce silently incorrect regular expression matches when an alternation of more than…

Recently Disclosed
CVSS 9.1 EPSS 0% Read advisory
Critical Jul 13
CVE-2026-57830

Ollyo Helix Ultimate

Ollyo

The Joomla extension Helix Ultimate is vulnerable to an unauthenticated arbitrary file deletion.

Recently Disclosed
CVSS 9.1 EPSS 0% Read advisory
Critical Jul 13
CVE-2026-40469

Fossies Gawk

Fossies

Integer overflow vulnerability has been found in "builtin.c" program file of gawk (do_sub() routine). This issue…

Recently Disclosed
CVSS 9.1 EPSS 0% Read advisory
Critical Jul 13
CVE-2026-40468

Fossies Gawk

Fossies

Integer overflow vulnerability has been found in "builtin.c" program file of gawk. This issue may lead…

Recently Disclosed
CVSS 9.1 EPSS 0% Read advisory
Critical Jul 13
CVE-2026-62327

CVE-2026-62327 — 9Router through version 0.4.41 contain an unauthenticated information…

9Router through version 0.4.41 contain an unauthenticated information disclosure vulnerability that allows remote attackers to retrieve…

Recently Disclosed
CVSS 9.1 EPSS 0% Read advisory
Critical Jul 13
CVE-2026-59801

CVE-2026-59801 — 9Router through version 0.4.41 contains an unauthenticated access…

9Router through version 0.4.41 contains an unauthenticated access vulnerability that allows remote attackers to interact with…

Recently Disclosed
CVSS 9.8 EPSS 1% Read advisory
Critical Jul 13
CVE-2026-61500

CVE-2026-61500 — Rejetto HFS 3.0.0 through 3.2.0 derives its session-cookie…

Rejetto HFS 3.0.0 through 3.2.0 derives its session-cookie signing key from the non-cryptographic Math.random() generator and…

Recently Disclosed
CVSS 9.8 EPSS 1% Read advisory
Medium Jul 13
CVE-2008-4128

Cisco IOS

Cisco

Cisco IOS 12.4 contains multiple cross-site forgery vulnerabilities that allows remote attackers to execute arbitrary commands…

Actively ExploitedCISA KEV
CVSS 4.3 EPSS 24% Read advisory
Critical Jul 13
CVE-2026-61498

CVE-2026-61498 — Vitec Flamingo 4.12.2 contains an unauthenticated OS command…

Vitec Flamingo 4.12.2 contains an unauthenticated OS command injection vulnerability in the admin/ajax/gen_graphs.php endpoint that allows…

Recently Disclosed
CVSS 9.8 EPSS 2% Read advisory
Critical Jul 13
CVE-2026-4769

CVE-2026-4769 — Certain devices in the WAGO System I/O Field…

Certain devices in the WAGO System I/O Field series activate an internal diagnostic capability during the…

Recently Disclosed
CVSS 9.8 EPSS 0% Read advisory
Critical Jul 12
CVE-2026-15511

CVE-2026-15511 — A vulnerability was determined in Comfast CF-WR631AX V3…

A vulnerability was determined in Comfast CF-WR631AX V3 up to 2.7.0.8. Affected by this vulnerability is…

Recently Disclosed
CVSS 9.8 EPSS 3% Read advisory
Critical Jul 12
CVE-2026-56271

CVE-2026-56271 — Flowise before 3.1.0 (affected versions 3.0.13 and earlier)…

Flowise before 3.1.0 (affected versions 3.0.13 and earlier) uses weak hardcoded default JWT secrets ('auth_token', 'refresh_token')…

Recently Disclosed
CVSS 9.8 EPSS 0% Read advisory
Critical Jul 12
CVE-2026-56260

CVE-2026-56260 — Crawl4AI before 0.8.7 contains an arbitrary file write…

Crawl4AI before 0.8.7 contains an arbitrary file write vulnerability in the Docker API server's /screenshot and…

Recently Disclosed
CVSS 9.1 EPSS 0% Read advisory
Critical Jul 11
CVE-2026-57827

Rsjoomla Rsfiles!

Rsjoomla

The Joomla extension RSFiles is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable…

Recently Disclosed
CVSS 9.8 EPSS 0% Read advisory
Low Jul 11
CVE-2026-56372

Imagemagick Imagemagick

Imagemagick

ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the magnify operation that allows attackers…

Recently Disclosed
CVSS 3.3 EPSS 0% Read advisory
Critical Jul 11
CVE-2026-61447

CVE-2026-61447 — PraisonAI before 1.6.78 contains a remote code execution…

PraisonAI before 1.6.78 contains a remote code execution vulnerability in CodeAgent._execute_python() that executes LLM-generated Python code…

Recently Disclosed
CVSS 10 EPSS 1% Read advisory
Critical Jul 11
CVE-2026-61445

CVE-2026-61445 — PraisonAI before 4.6.78 contains arbitrary file write and…

PraisonAI before 4.6.78 contains arbitrary file write and command execution vulnerabilities in the AICoder component due…

Recently Disclosed
CVSS 9.9 EPSS 1% Read advisory
Critical Jul 11
CVE-2026-60090

CVE-2026-60090 — PraisonAI before 4.6.78 fails to validate the caller-controlled…

PraisonAI before 4.6.78 fails to validate the caller-controlled dimension argument in the PGVector and Cassandra knowledge-store…

Recently Disclosed
CVSS 9.8 EPSS 0% Read advisory
Critical Jul 10
CVE-2026-57156

Freerdp Freerdp

Freerdp

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.28.0 on 32-bit builds,…

Recently Disclosed
CVSS 9.8 EPSS 1% Read advisory
Critical Jul 10
CVE-2026-48939

iCagenda iCagenda

iCagenda

iCagenda contains an unrestricted upload of file with dangerous type vulnerability that allows the upload of…

Actively ExploitedCISA KEV
CVSS 9.8 EPSS 2% Read advisory
Critical Jul 10
CVE-2026-56291

Balbooa Forms

Balbooa

Balbooa Forms contains an unrestricted upload of file with dangerous type vulnerability that allows an unauthenticated…

Actively ExploitedCISA KEV
CVSS 9.8 EPSS 1% Read advisory
Critical Jul 7
CVE-2026-48282

Adobe ColdFusion

Adobe

Adobe ColdFusion contains a path traversal vulnerability that could lead to arbitrary code execution in the…

Actively ExploitedCISA KEV
CVSS 10 EPSS 29% Read advisory
Critical Jul 7
CVE-2026-56290

Joomlack Page Builder

Joomlack

Joomlack Page Builder contains an improper access control vulnerability that could allow for remote code execution…

Actively ExploitedCISA KEV
CVSS 9.8 EPSS 3% Read advisory
High Jul 7
CVE-2026-55255

Langflow Langflow

Langflow

Langflow contains an authorization bypass through user-controlled key vulnerability which allows an authenticated attacker to execute…

Actively ExploitedCISA KEV
CVSS 8.4 EPSS 1% Read advisory
Critical Jul 7
CVE-2026-48908

JoomShaper SP Page Builder

JoomShaper

JoomShaper SP Page Builder contains an unrestricted upload of file with dangerous type vulnerability that allows…

Actively ExploitedCISA KEV
CVSS 9.8 EPSS 2% Read advisory
High Jul 1
CVE-2026-45659

Microsoft SharePoint Server

Microsoft

Microsoft SharePoint Server contains a deserialization of untrusted data vulnerability which allows an authorized attacker to…

Actively ExploitedCISA KEV
CVSS 8.8 EPSS 3% Read advisory
Critical Jun 29
CVE-2026-48558

SimpleHelp SimpleHelp

SimpleHelp

SimpleHelp contains an authentication bypass vulnerability in the OIDC authentication flow. When OIDC authentication is configured,…

Actively ExploitedCISA KEV
CVSS 10 EPSS 1% Read advisory
High Jun 25
CVE-2026-20230

Cisco Unified Communications Manager

Cisco

Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM…

Actively ExploitedCISA KEV
CVSS 8.6 EPSS 42% Read advisory
Critical Jun 25
CVE-2026-12569

PTC Windchill and FlexPLM

PTC

PTC Windchill and FlexPLM contains an improper input validation vulnerability allowing an unauthenticated, remote attacker to…

Actively ExploitedCISA KEV
CVSS 9.8 EPSS 1% Read advisory
Critical Jun 23
CVE-2026-34908

Ubiquiti UniFi OS

Ubiquiti

Ubiquiti UniFi OS contains an improper access control vulnerability which could allow a malicious actor with…

Actively ExploitedCISA KEV
CVSS 10 EPSS 2% Read advisory
Critical Jun 23
CVE-2026-34909

Ubiquiti UniFi OS

Ubiquiti

Ubiquiti UniFi OS contains a path traversal vulnerability which could allow a malicious actor with access…

Actively ExploitedCISA KEV
CVSS 10 EPSS 2% Read advisory
Critical Jun 23
CVE-2026-34910

Ubiquiti UniFi OS

Ubiquiti

Ubiquiti UniFi OS contains an improper input validation vulnerability which could allow a malicious actor with…

Actively ExploitedCISA KEV
CVSS 10 EPSS 79% Read advisory
Critical Jun 23
CVE-2025-67038

Lantronix EDS5000

Lantronix

Lantronix EDS5000 contains a code injection vulnerability that could allow attackers to inject arbitrary OS commands…

Actively ExploitedCISA KEV
CVSS 9.8 EPSS 1% Read advisory
Critical Jun 18
CVE-2026-20253

Splunk Enterprise

Splunk

Splunk Enterprise contains a missing authentication for critical function vulnerability which could allow an unauthenticated user…

Actively ExploitedCISA KEV
CVSS 9.8 EPSS 88% Read advisory
Critical Jun 16
CVE-2026-48907

Widget Factory Joomla Content Editor

Widget Factory

Widget Factory Joomla Content Editor contains an improper access control vulnerability which could allow for upload…

Actively ExploitedCISA KEV
CVSS 9.8 EPSS 80% Read advisory
Medium Jun 15
CVE-2026-20262

Cisco Catalyst SD-WAN Manager

Cisco

Cisco Catalyst SD-WAN Manager contains a directory or path traversal vulnerability that could allow an authenticated,…

Actively ExploitedCISA KEV
CVSS 6.5 EPSS 8% Read advisory
High Jun 15
CVE-2026-54420

LiteSpeed cPanel Plugin

LiteSpeed

LiteSpeed cPanel plugin contains a UNIX symbolic link (Symlink) following vulnerability that could allow a user…

Actively ExploitedCISA KEV
CVSS 8.5 EPSS 1% Read advisory
Critical Jun 12
CVE-2026-35273

Oracle PeopleSoft Enterprise PeopleTools

Oracle

Oracle PeopleSoft Enterprise PeopleTools contains a missing authentication for critical function vulnerability which could allow an…

Actively ExploitedCISA KEV Ransomware
CVSS 9.8 EPSS 92% Read advisory
Critical Jun 11
CVE-2026-10520

Ivanti Sentry

Ivanti

Ivanti Sentry (formerly known as MobileIron Sentry) contains an OS command injection vulnerability which could allow…

Actively ExploitedCISA KEV
CVSS 10 EPSS 99% Read advisory
High Jun 9
CVE-2026-20245

Cisco Catalyst SD-WAN Manager

Cisco

Cisco Catalyst SD-WAN Manager formerly SD-WAN vManage contains an improper encoding or escaping of output vulnerability.…

Actively ExploitedCISA KEV
CVSS 7.8 EPSS 25% Read advisory
Medium Jun 9
CVE-2026-7473

Arista Extensible Operating System

Arista

Arista Extensible Operating System (EOS) contains an incomplete comparison with missing factors vulnerability when the switch…

Actively ExploitedCISA KEV
CVSS 5.8 EPSS 1% Read advisory
High Jun 9
CVE-2026-11645

Google Chromium V8

Google

Google Chromium V8 out-of-bounds read and write vulnerability that could allow a remote attacker to execute…

Actively ExploitedCISA KEV
CVSS 8.8 EPSS 2% Read advisory
Critical Jun 8
CVE-2026-50751

Check Point Security Gateway

Check Point

Check Point Security Gateway contains an improper authentication vulnerability in IKEv1 key exchange that could allow…

Actively ExploitedCISA KEV Ransomware
CVSS 9.3 EPSS 70% Read advisory
High Jun 8
CVE-2026-42271

BerriAI LiteLLM

BerriAI

BerriAI LiteLLM contains a command injection vulnerability that could allow any authenticated user, including holders of…

Actively ExploitedCISA KEV
CVSS 8.8 EPSS 80% Read advisory
High Jun 5
CVE-2026-28318

SolarWinds Serv-U

SolarWinds

SolarWinds Serv-U contains an uncontrolled resource consumption vulnerability that allows specially crafted POST requests using the…

Actively ExploitedCISA KEV
CVSS 7.5 EPSS 11% Read advisory
Critical Jun 3
CVE-2026-45247

Mirasvit Mirasvit Full Page Cache Warmer

Mirasvit

Mirasvit Full Page Cache Warmer contains a deserialization of untrusted data vulnerability that could allow unauthenticated…

Actively ExploitedCISA KEV
CVSS 9.8 EPSS 28% Read advisory
High Jun 2
CVE-2025-48595

Android Framework

Android

Android Framework contains an integer overflow vulnerability that allows for code execution that could allow for…

Actively ExploitedCISA KEV
CVSS 8.4 EPSS 2% Read advisory
High Jun 2
CVE-2022-0492

Linux Kernel

Linux

Linux Kernel contains an improper authentication vulnerability which could allow for privilege escalation via the cgroups…

Actively ExploitedCISA KEV
CVSS 7.8 EPSS 6% Read advisory
High Jun 1
CVE-2024-21182

Oracle WebLogic Server

Oracle

Oracle WebLogic contains an unspecified vulnerability that could allow an unauthenticated attacker with network access via…

Actively ExploitedCISA KEV
CVSS 7.5 EPSS 50% Read advisory
Critical May 29
CVE-2026-0257

Palo Alto Networks PAN-OS

Palo Alto Networks

Palo Alto Networks PAN-OS contains an authentication bypass vulnerability that allows attackers to bypass security restrictions…

Actively ExploitedCISA KEV
CVSS 9.1 EPSS 87% Read advisory
Critical May 27
CVE-2026-8398

Daemon Daemon Tools Lite

Daemon

Daemon Tools contains an unspecified vulnerability that has a high impact on confidentiality, integrity, and availability.

Actively ExploitedCISA KEV
CVSS 9.8 EPSS 1% Read advisory
Critical May 27
CVE-2026-45321

TanStack TanStack

TanStack

TanStack contains an unspecified vulnerability that allowed malicious versions of the product to be published to…

Actively ExploitedCISA KEV Ransomware
CVSS 9.6 EPSS 2% Read advisory
Critical May 27
CVE-2026-48027

Nx Nx Console

Nx

Nx Console contains an embedded malicious code vulnerability that allowed a malicious version of Nx Console…

Actively ExploitedCISA KEV Ransomware
CVSS 9.8 EPSS 2% Read advisory
Critical May 26
CVE-2026-48172

LiteSpeed cPanel Plugin

LiteSpeed

LiteSpeed cPanel Plugin contains privilege escalation vulnerability that is exposed via the user-end cPanel plugin, which…

Actively ExploitedCISA KEV
CVSS 9.8 EPSS 19% Read advisory
Data sources CISA KEV NVD EPSS · FIRST.org Refreshed hourly