A method to assess 'forgivable' vs 'unforgivable' vulnerabilities
Actively exploited. At least one CVE in this advisory is listed in the CISA Known Exploited Vulnerabilities catalog — exploitation has been observed in the wild. Treat remediation as urgent.
Research from the NCSC designed to eradicate vulnerability classes and make the top-level mitigations easier to implement.
CSIRTS triage
- What
- Research aims to categorize vulnerability classes for easier mitigation.
- Who is affected
- Organizations managing vulnerabilities.
- Urgency
- Remediation is important for improving vulnerability management.
- Action
- Review the research findings for implementation.
AI-assisted analysis generated from the source advisory — verify against the original.
Details
Original advisory: https://www.ncsc.gov.uk/report/a-method-to-assess-forgivable-vs-unforgivable-vulnerabilities
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Exploitation confirmedCVE-2023-34362Already exploited in the wild (CISA KEV) — the prediction phase is over. Patch now. Riskier than 100% of all scored CVEs.
- Exploitation confirmedCVE-2023-36934Already exploited in the wild (CISA KEV) — the prediction phase is over. Patch now. Riskier than 100% of all scored CVEs.
- Exploitation confirmedCVE-2023-27997Already exploited in the wild (CISA KEV) — the prediction phase is over. Patch now. Riskier than 100% of all scored CVEs.
- Exploitation confirmedCVE-2021-26084Already exploited in the wild (CISA KEV) — the prediction phase is over. Patch now. Riskier than 100% of all scored CVEs.
Referenced CVEs
| CVE | CSIRTS overview | External |
|---|---|---|
| CVE-2023-34362 | coverage & exploitation status | NVD · CVE.org |
| CVE-2023-36934 | coverage & exploitation status | NVD · CVE.org |
| CVE-2023-27997 | coverage & exploitation status | NVD · CVE.org |
| CVE-2021-26084 | coverage & exploitation status | NVD · CVE.org |
Same CVEs, other sources
How other CERTs, PSIRTs and databases cover the vulnerabilities in this advisory.
- unknownPost-exploitation activities in Fortinet FortiGate (April 11, 2025)cert-fr-alerte
- criticalexploitedCVE-2023-27997: Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerabilitycisa-kev
- criticalexploitedCVE-2023-34362: Progress MOVEit Transfer SQL Injection Vulnerabilitycisa-kev
- criticalexploitedCVE-2021-26084: Atlassian Confluence Server and Data Center Object-Graph Navigation Language (OGNL) Injection …cisa-kev
Recent advisories for A method to
A cluster of recent advisories against the same product widens the attack surface — attackers routinely chain freshly published CVEs on one product, so review these together.
- unknownCVE-2026-58492: grav-plugin-database is the database plugin for Grav CMS. Prior to 1.2.0, the PDO::tableExists…nvd · 2026-07-10
- highCVE-2026-40007: Uncontrolled Recursion, Uncontrolled Resource Consumption vulnerability in Apache IoTDB. When …nvd · 2026-07-10
- lowGHSA-2pg6-44cx-c49v: mint has potential CRLF injection in its HTTP request line via unvalidated `method`/`targ…ghsa · 2026-07-09
- mediumGHSA-6955-hrm5-c4qp: Sylius: Channel-based payment method restriction bypass on shop account orders API endpoi…ghsa · 2026-07-09
- unknownCVE-2026-55590: CakePHP Authentication is an authentication plugin for CakePHP that can also be used in PSR-7 …nvd · 2026-07-09
- highCVE-2026-51600: Tenda CP3 V3.0 firmware V31.1.9.91 does not validate the Content-Length header field in RTSP r…nvd · 2026-07-09
More from NCSC-UK Publications
- unknownCyber Essentials Pathways: from proof of concept to cyber confidence2026-07-09
- unknownCyber Shield: The path to an agentic AI future for cyber defence2026-07-07
- unknownBuilding more resilient CNI: what industry pen testers told us2026-07-01
- unknownThe AI shift in cyber risk: why leaders must act now2026-06-22
- unknownAlert: NCSC issues advice following global targeting of Fortinet firewalls and VPN gateways2026-06-18