{"dataset":"csirts-advisories","description":"Index of every durable security advisory aggregated by CSIRTS.com from national CERTs, CERT-EU and vendor PSIRTs (24 sources), normalized to one schema with severity, CVE list, CISA-KEV exploitation flag and public-exploit-code flag. The NVD/GHSA firehose mirrors are excluded.","license":"https://creativecommons.org/licenses/by/4.0/","attribution":"CSIRTS.com — https://www.csirts.com","docs":"https://www.csirts.com/data","generated_at":"2026-07-09T17:23:30.444Z","count":4707,"rows":[{"num":187640,"source_id":"ubuntu","external_id":"https://ubuntu.com/security/notices/USN-8522-1","title":"USN-8522-1: LibRaw vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2026-5342","CVE-2026-20884","CVE-2026-20889","CVE-2026-21413","CVE-2026-24450","CVE-2026-24660"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T12:45:50+00:00","link":"https://ubuntu.com/security/notices/USN-8522-1","csirts_url":"https://www.csirts.com/advisory/usn-8522-1-libraw-vulnerabilities-187640"},{"num":187641,"source_id":"ubuntu","external_id":"https://ubuntu.com/security/notices/USN-8521-1","title":"USN-8521-1: Libidn vulnerability","severity":"unknown","cvss":null,"cves":["CVE-2026-57053"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T12:36:22+00:00","link":"https://ubuntu.com/security/notices/USN-8521-1","csirts_url":"https://www.csirts.com/advisory/usn-8521-1-libidn-vulnerability-187641"},{"num":186827,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/blogs/cyber-essentials-pathways-from-proof-of-concept-to-cyber-confidence","title":"Cyber Essentials Pathways: from proof of concept to cyber confidence","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T12:00:00+00:00","link":"https://www.ncsc.gov.uk/blogs/cyber-essentials-pathways-from-proof-of-concept-to-cyber-confidence","csirts_url":"https://www.csirts.com/advisory/cyber-essentials-pathways-from-proof-of-186827"},{"num":191127,"source_id":"cisa","external_id":"/node/25137","title":"OpenPLC v3","severity":"critical","cvss":null,"cves":["CVE-2026-14480"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-190-01","csirts_url":"https://www.csirts.com/advisory/openplc-v3-191127"},{"num":191128,"source_id":"cisa","external_id":"/node/25139","title":"Schneider Electric Easergy MiCOM Px40 Series","severity":"critical","cvss":null,"cves":["CVE-2026-4832"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-190-03","csirts_url":"https://www.csirts.com/advisory/schneider-electric-easergy-micom-px40-191128"},{"num":191126,"source_id":"cisa","external_id":"/node/25138","title":"Schneider Electric PowerChute Serial Shutdown","severity":"critical","cvss":null,"cves":["CVE-2026-2399","CVE-2026-2404","CVE-2026-2405","CVE-2026-2403","CVE-2026-2400","CVE-2026-2401","CVE-2026-2402"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-190-02","csirts_url":"https://www.csirts.com/advisory/schneider-electric-powerchute-serial-191126"},{"num":187642,"source_id":"ubuntu","external_id":"https://ubuntu.com/security/notices/USN-8520-1","title":"USN-8520-1: Expat vulnerability","severity":"unknown","cvss":null,"cves":["CVE-2026-41080"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T11:51:02+00:00","link":"https://ubuntu.com/security/notices/USN-8520-1","csirts_url":"https://www.csirts.com/advisory/usn-8520-1-expat-vulnerability-187642"},{"num":1684,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2163","title":"[UPDATE] [medium] Red Hat Enterprise Linux (ruby: net-imap): Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-42245","CVE-2026-42246","CVE-2026-42258"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T11:31:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2163","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-enterprise-linux-1684"},{"num":18,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1393","title":"[UPDATE] [medium] LibreOffice: Vulnerability allows unspecified attack","severity":"medium","cvss":null,"cves":["CVE-2026-4430"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T11:31:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1393","csirts_url":"https://www.csirts.com/advisory/update-medium-libreoffice-vulnerability-18"},{"num":81948,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1187","title":"[UPDATE] [high] Ruby and Ruby on Rails (erb gem): Vulnerability allows code execution","severity":"high","cvss":null,"cves":["CVE-2026-41316"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T11:31:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1187","csirts_url":"https://www.csirts.com/advisory/update-high-ruby-and-ruby-on-rails-erb-81948"},{"num":186850,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2267","title":"[NEW] [high] n8n: Multiple vulnerabilities","severity":"high","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T10:46:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2267","csirts_url":"https://www.csirts.com/advisory/new-high-n8n-multiple-vulnerabilities-186850"},{"num":186851,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2266","title":"[NEW] [high] rclone: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-54572","CVE-2026-59732","CVE-2026-59733"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T10:46:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2266","csirts_url":"https://www.csirts.com/advisory/new-high-rclone-multiple-vulnerabilities-186851"},{"num":186852,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2265","title":"[NEW] [high] GitLab: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-13320","CVE-2026-6896","CVE-2026-11827","CVE-2026-7492","CVE-2026-8472","CVE-2025-12506","CVE-2026-13151","CVE-2026-6352"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T10:41:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2265","csirts_url":"https://www.csirts.com/advisory/new-high-gitlab-multiple-vulnerabilities-186852"},{"num":186854,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2263","title":"[NEW] [high] LiteLLM: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-59819","CVE-2026-59820","CVE-2026-59821","CVE-2026-59822"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T10:21:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2263","csirts_url":"https://www.csirts.com/advisory/new-high-litellm-multiple-vulnerabilities-186854"},{"num":186853,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2264","title":"[NEW] [high] FreeRDP: Vulnerability allows code execution","severity":"high","cvss":null,"cves":["CVE-2026-45700"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T10:21:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2264","csirts_url":"https://www.csirts.com/advisory/new-high-freerdp-vulnerability-allows-186853"},{"num":1658,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1959","title":"[UPDATE] [high] Mozilla Firefox, Firefox ESR and Thunderbird: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-12289","CVE-2026-12290","CVE-2026-12291","CVE-2026-12292","CVE-2026-12293","CVE-2026-12294","CVE-2026-12295","CVE-2026-12296","CVE-2026-12297","CVE-2026-12298","CVE-2026-12299","CVE-2026-12300","CVE-2026-12301","CVE-2026-12302","CVE-2026-12303","CVE-2026-12304","CVE-2026-12305","CVE-2026-12306","CVE-2026-12307","CVE-2026-12308","CVE-2026-12309","CVE-2026-12310","CVE-2026-12311","CVE-2026-12312","CVE-2026-12313","CVE-2026-12314","CVE-2026-12315","CVE-2026-12316","CVE-2026-12317","CVE-2026-12318","CVE-2026-12319","CVE-2026-12320","CVE-2026-12321","CVE-2026-12322","CVE-2026-12323","CVE-2026-12324","CVE-2026-12325","CVE-2026-12326","CVE-2026-12327","CVE-2026-12328","CVE-2026-12329","CVE-2026-12330"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T10:16:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1959","csirts_url":"https://www.csirts.com/advisory/update-high-mozilla-firefox-firefox-esr-1658"},{"num":186855,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2262","title":"[NEW] [high] Progress Software MOVEit: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-10698","CVE-2026-10699","CVE-2026-11903"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T10:16:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2262","csirts_url":"https://www.csirts.com/advisory/new-high-progress-software-moveit-186855"},{"num":186857,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1606","title":"[UPDATE] [high] Mozilla Firefox and Thunderbird: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-8388","CVE-2026-8391","CVE-2026-8401","CVE-2026-8706","CVE-2026-8945","CVE-2026-8946","CVE-2026-8947","CVE-2026-8948","CVE-2026-8949","CVE-2026-8950","CVE-2026-8951","CVE-2026-8952","CVE-2026-8953","CVE-2026-8954","CVE-2026-8955","CVE-2026-8956","CVE-2026-8957","CVE-2026-8958","CVE-2026-8959","CVE-2026-8960","CVE-2026-8961","CVE-2026-8962","CVE-2026-8963","CVE-2026-8964","CVE-2026-8965","CVE-2026-8966","CVE-2026-8967","CVE-2026-8968","CVE-2026-8969","CVE-2026-8970","CVE-2026-8971","CVE-2026-8972","CVE-2026-8973","CVE-2026-8974","CVE-2026-8975"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T10:16:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1606","csirts_url":"https://www.csirts.com/advisory/update-high-mozilla-firefox-and-186857"},{"num":186858,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1503","title":"[UPDATE] [high] Mozilla Firefox: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-8388","CVE-2026-8389","CVE-2026-8390","CVE-2026-8391","CVE-2026-8401"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T10:16:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1503","csirts_url":"https://www.csirts.com/advisory/update-high-mozilla-firefox-multiple-186858"},{"num":1901,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1038","title":"[UPDATE] [medium] Apache Tomcat and Tomcat Native: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-34486","CVE-2026-24880","CVE-2026-25854","CVE-2026-29129","CVE-2026-29145","CVE-2026-29146","CVE-2026-32990","CVE-2026-34483","CVE-2026-34487","CVE-2026-34500"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T10:16:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1038","csirts_url":"https://www.csirts.com/advisory/update-medium-apache-tomcat-and-tomcat-1901"},{"num":186860,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2261","title":"[NEW] [high] Palo Alto Networks PAN-OS: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-0279","CVE-2026-0280","CVE-2026-0281","CVE-2026-0282","CVE-2026-0283","CVE-2026-0284","CVE-2026-0285","CVE-2026-0286","CVE-2026-0287","CVE-2026-0288"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T10:11:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2261","csirts_url":"https://www.csirts.com/advisory/new-high-palo-alto-networks-pan-os-186860"},{"num":186862,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2259","title":"[NEW] [medium] GStreamer: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-59691","CVE-2026-59692"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T10:11:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2259","csirts_url":"https://www.csirts.com/advisory/new-medium-gstreamer-multiple-186862"},{"num":186861,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2260","title":"[NEW] [high] IBM Operational Decision Manager: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2021-23337","CVE-2024-52046","CVE-2025-13465","CVE-2025-68161","CVE-2026-22731","CVE-2026-22733","CVE-2026-22740","CVE-2026-22741","CVE-2026-22746","CVE-2026-22747","CVE-2026-22751","CVE-2026-22753","CVE-2026-22754","CVE-2026-2332","CVE-2026-2950","CVE-2026-33870","CVE-2026-33871","CVE-2026-34477","CVE-2026-34478","CVE-2026-34479","CVE-2026-34480","CVE-2026-34481","CVE-2026-35554","CVE-2026-40971","CVE-2026-40973","CVE-2026-40974","CVE-2026-40975","CVE-2026-40976","CVE-2026-40977","CVE-2026-41409","CVE-2026-41417","CVE-2026-41635","CVE-2026-41715","CVE-2026-42778","CVE-2026-42779","CVE-2026-4800","CVE-2026-5795"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T10:11:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2260","csirts_url":"https://www.csirts.com/advisory/new-high-ibm-operational-decision-manager-186861"},{"num":186863,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2258","title":"[NEW] [medium] MISP: Multiple vulnerabilities allow bypassing security measures","severity":"medium","cvss":null,"cves":["CVE-2026-60124","CVE-2026-60125"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T10:11:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2258","csirts_url":"https://www.csirts.com/advisory/new-medium-misp-multiple-vulnerabilities-186863"},{"num":186864,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2257","title":"[NEW] [high] Juniper JUNOS and JUNOS Evolved: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-21901","CVE-2026-57025","CVE-2026-33799","CVE-2026-33801","CVE-2026-33803","CVE-2026-57028","CVE-2026-33794","CVE-2026-57029","CVE-2020-7450","CVE-2026-57027","CVE-2026-57032","CVE-2026-33802","CVE-2026-57031","CVE-2026-33800","CVE-2026-57019","CVE-2026-57054","CVE-2026-57023","CVE-2026-57026","CVE-2026-57022","CVE-2026-57024","CVE-2026-57020","CVE-2026-57030","CVE-2026-57021"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T10:11:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2257","csirts_url":"https://www.csirts.com/advisory/new-high-juniper-junos-and-junos-evolved-186864"},{"num":186865,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2256","title":"[NEW] [medium] MailPit: Multiple vulnerabilities allow Denial of Service","severity":"medium","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T10:11:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2256","csirts_url":"https://www.csirts.com/advisory/new-medium-mailpit-multiple-186865"},{"num":186866,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2255","title":"[NEW] [medium] OpenCTI: Vulnerability allows Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2026-35211"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T10:06:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2255","csirts_url":"https://www.csirts.com/advisory/new-medium-opencti-vulnerability-allows-186866"},{"num":186867,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2254","title":"[NEW] [low] RabbitMQ: Vulnerability allows information disclosure","severity":"low","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T10:06:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2254","csirts_url":"https://www.csirts.com/advisory/new-low-rabbitmq-vulnerability-allows-186867"},{"num":186869,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2252","title":"[NEW] [medium] Palo Alto Networks Cortex XDR Broker VM: Vulnerability allows privilege escalation","severity":"medium","cvss":null,"cves":["CVE-2026-0276"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T10:06:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2252","csirts_url":"https://www.csirts.com/advisory/new-medium-palo-alto-networks-cortex-xdr-186869"},{"num":186868,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2253","title":"[NEW] [high] IBM Security Verify Access: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2019-19921","CVE-2022-48830","CVE-2022-49024","CVE-2022-49269","CVE-2022-49353","CVE-2022-49357","CVE-2022-49432","CVE-2022-49437","CVE-2022-49443","CVE-2022-49623","CVE-2022-49627","CVE-2022-49643","CVE-2022-49648","CVE-2022-49657","CVE-2022-49670","CVE-2022-49672","CVE-2022-49845","CVE-2023-40403","CVE-2023-53034","CVE-2024-29371","CVE-2024-36350","CVE-2024-36357","CVE-2024-46689","CVE-2024-46744","CVE-2024-47679","CVE-2024-47727","CVE-2024-49570","CVE-2024-49864","CVE-2024-50060","CVE-2024-50195","CVE-2024-50294","CVE-2024-52332","CVE-2024-53052","CVE-2024-53090","CVE-2024-53119","CVE-2024-53135","CVE-2024-53170","CVE-2024-53216","CVE-2024-53229","CVE-2024-53241","CVE-2024-53680","CVE-2024-54456","CVE-2024-56603","CVE-2024-56645","CVE-2024-56662","CVE-2024-56672","CVE-2024-56675","CVE-2024-56690","CVE-2024-56709","CVE-2024-56739","CVE-2024-56786","CVE-2024-57981","CVE-2024-57986","CVE-2024-57987","CVE-2024-57988","CVE-2024-57989","CVE-2024-57990","CVE-2024-57993","CVE-2024-57995","CVE-2024-57998"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T10:06:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2253","csirts_url":"https://www.csirts.com/advisory/new-high-ibm-security-verify-access-186868"},{"num":186871,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2250","title":"[NEW] [medium] Wazuh: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-56401"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T10:01:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2250","csirts_url":"https://www.csirts.com/advisory/new-medium-wazuh-vulnerability-allows-186871"},{"num":186870,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2251","title":"[NEW] [high] Drupal Modules: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-15079","CVE-2026-15080","CVE-2026-15081","CVE-2026-15082","CVE-2026-15083","CVE-2026-15084","CVE-2026-15085","CVE-2026-15086","CVE-2026-15087","CVE-2026-15089"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T10:01:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2251","csirts_url":"https://www.csirts.com/advisory/new-high-drupal-modules-multiple-186870"},{"num":182404,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2249","title":"[NEW] [high] Bitwarden: Vulnerability allows bypassing of security measures","severity":"high","cvss":null,"cves":["CVE-2026-60104"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:41:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2249","csirts_url":"https://www.csirts.com/advisory/new-high-bitwarden-vulnerability-allows-182404"},{"num":1747,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1950","title":"[UPDATE] [medium] Red Hat OpenShift Container Platform (kubelet, cri-o, kube-apiserver): Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-35469"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:41:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1950","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-openshift-container-1747"},{"num":825,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1814","title":"[UPDATE] [high] Netty: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-50009","CVE-2026-44249","CVE-2026-44250","CVE-2026-44890","CVE-2026-44892","CVE-2026-44893","CVE-2026-44894","CVE-2026-45416","CVE-2026-45536","CVE-2026-45673","CVE-2026-45674","CVE-2026-46340","CVE-2026-47244","CVE-2026-47691","CVE-2026-48006","CVE-2026-48043","CVE-2026-48059","CVE-2026-48748","CVE-2026-50010","CVE-2026-50020","CVE-2026-50560"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:41:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1814","csirts_url":"https://www.csirts.com/advisory/update-high-netty-multiple-vulnerabilities-825"},{"num":1300,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2058","title":"[UPDATE] [high] FasterXML Jackson: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-50193","CVE-2026-54512","CVE-2026-54513","CVE-2026-54514","CVE-2026-54515","CVE-2026-54516","CVE-2026-54517","CVE-2026-54518"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:41:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2058","csirts_url":"https://www.csirts.com/advisory/update-high-fasterxml-jackson-multiple-1300"},{"num":1384,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1977","title":"[UPDATE] [medium] Red Hat Enterprise Linux (dracut): Vulnerability allows executing arbitrary code with administrator rights","severity":"medium","cvss":null,"cves":["CVE-2026-6893"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:41:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1977","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-enterprise-linux-1384"},{"num":182409,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2248","title":"[NEW] [medium] FreeRDP: Vulnerability allows code execution and denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-56297"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:36:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2248","csirts_url":"https://www.csirts.com/advisory/new-medium-freerdp-vulnerability-allows-182409"},{"num":182410,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2247","title":"[NEW] [medium] Red Hat Enterprise Linux (libsolv, aardvark-dns): Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-35406","CVE-2026-48864"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:36:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2247","csirts_url":"https://www.csirts.com/advisory/new-medium-red-hat-enterprise-linux-182410"},{"num":81907,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1389","title":"[UPDATE] [high] Podman: Vulnerability allows bypassing security measures","severity":"high","cvss":null,"cves":["CVE-2025-6032"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:21:46+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1389","csirts_url":"https://www.csirts.com/advisory/update-high-podman-vulnerability-allows-81907"},{"num":147891,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1529","title":"[UPDATE] [high] Apache HTTP Server: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2023-38709","CVE-2024-42516","CVE-2024-43204","CVE-2024-43394","CVE-2024-47252","CVE-2025-23048","CVE-2025-49630","CVE-2025-49812","CVE-2025-53020"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:21:46+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1529","csirts_url":"https://www.csirts.com/advisory/update-high-apache-http-server-multiple-147891"},{"num":502,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1206","title":"[UPDATE] [medium] Perl: Vulnerability allows code execution and information disclosure","severity":"medium","cvss":null,"cves":["CVE-2025-40909"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:21:45+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1206","csirts_url":"https://www.csirts.com/advisory/update-medium-perl-vulnerability-allows-502"},{"num":182413,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1261","title":"[UPDATE] [medium] CoreDNS: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2025-47950"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:21:45+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1261","csirts_url":"https://www.csirts.com/advisory/update-medium-coredns-vulnerability-182413"},{"num":182415,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0679","title":"[UPDATE] [medium] Golang Go: Vulnerability allows bypassing of security measures","severity":"medium","cvss":null,"cves":["CVE-2025-22871"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:21:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0679","csirts_url":"https://www.csirts.com/advisory/update-medium-golang-go-vulnerability-182415"},{"num":519,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0226","title":"[UPDATE] [high] Red Hat Enterprise Linux (Advanced Cluster Management): Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2024-45337","CVE-2024-45338","CVE-2024-55565"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:21:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0226","csirts_url":"https://www.csirts.com/advisory/update-high-red-hat-enterprise-linux-519"},{"num":182417,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3690","title":"[UPDATE] [high] Gitea: Vulnerability allows bypassing of security measures","severity":"high","cvss":null,"cves":["CVE-2024-45337"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:21:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3690","csirts_url":"https://www.csirts.com/advisory/update-high-gitea-vulnerability-allows-182417"},{"num":182418,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3339","title":"[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2024-50104","CVE-2024-50105","CVE-2024-50106","CVE-2024-50107","CVE-2024-50108","CVE-2024-50109","CVE-2024-50110","CVE-2024-50111","CVE-2024-50122","CVE-2024-50123","CVE-2024-50124","CVE-2024-50125","CVE-2024-50126","CVE-2024-50127","CVE-2024-50128","CVE-2024-50129","CVE-2024-50130","CVE-2024-50131","CVE-2024-50132","CVE-2024-50133","CVE-2024-50134","CVE-2024-50135","CVE-2024-50136","CVE-2024-50137","CVE-2024-50138","CVE-2023-52920","CVE-2024-50098","CVE-2024-50099","CVE-2024-50100","CVE-2024-50101","CVE-2024-50089","CVE-2024-50090","CVE-2024-50091","CVE-2024-50092","CVE-2024-50093","CVE-2024-50094","CVE-2024-50095","CVE-2024-50096","CVE-2024-50097","CVE-2024-50102","CVE-2024-50103","CVE-2024-50112","CVE-2024-50113","CVE-2024-50114","CVE-2024-50115","CVE-2024-50116","CVE-2024-50117","CVE-2024-50118","CVE-2024-50119","CVE-2024-50120","CVE-2024-50121","CVE-2020-12965"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:21:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3339","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-182418"},{"num":182419,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1108","title":"[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2024-27399","CVE-2023-52655","CVE-2024-27400","CVE-2023-52656","CVE-2024-27401","CVE-2024-27398"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:21:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1108","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-182419"},{"num":182421,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2038","title":"[UPDATE] [medium] PostgreSQL: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2023-39417","CVE-2023-39418"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:21:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2038","csirts_url":"https://www.csirts.com/advisory/update-medium-postgresql-multiple-182421"},{"num":182420,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0681","title":"[UPDATE] [medium] Red Hat Enterprise Linux: Golang component vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2024-1394"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:21:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0681","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-enterprise-linux-182420"},{"num":182423,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1219","title":"[UPDATE] [medium] QEMU: Multiple vulnerabilities allow information disclosure","severity":"medium","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:21:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1219","csirts_url":"https://www.csirts.com/advisory/update-medium-qemu-multiple-182423"},{"num":182422,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0374","title":"[UPDATE] [high] GStreamer: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2022-1920","CVE-2022-1921","CVE-2022-1922","CVE-2022-1923","CVE-2022-1924","CVE-2022-1925"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:21:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0374","csirts_url":"https://www.csirts.com/advisory/update-high-gstreamer-multiple-182422"},{"num":182424,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1722","title":"[UPDATE] [high] QEMU and libvirt: Multiple vulnerabilities","severity":"high","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:21:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1722","csirts_url":"https://www.csirts.com/advisory/update-high-qemu-and-libvirt-multiple-182424"},{"num":182425,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0757","title":"[UPDATE] [medium] Red Hat Enterprise Linux: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:21:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0757","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-enterprise-linux-182425"},{"num":1321,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0086","title":"[UPDATE] [high] Linux Kernel: Multiple Vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-68767","CVE-2025-68768","CVE-2025-68769","CVE-2025-68770","CVE-2025-68771","CVE-2025-68772","CVE-2025-68773","CVE-2025-68774","CVE-2025-68775","CVE-2025-68776","CVE-2025-68777","CVE-2025-68778","CVE-2025-68779","CVE-2025-68780","CVE-2025-68781","CVE-2025-68782","CVE-2025-68783","CVE-2025-68784","CVE-2025-68785","CVE-2025-68786","CVE-2025-68787","CVE-2025-68788","CVE-2025-68789","CVE-2025-68790","CVE-2025-68791","CVE-2025-68792","CVE-2025-68793","CVE-2025-68794","CVE-2025-68795","CVE-2025-68796","CVE-2025-68797","CVE-2025-68798","CVE-2025-68799","CVE-2025-68800","CVE-2025-68801","CVE-2025-68802","CVE-2025-68803","CVE-2025-68804","CVE-2025-68805","CVE-2025-68806","CVE-2025-68807","CVE-2025-68808","CVE-2025-68809","CVE-2025-68810","CVE-2025-68811","CVE-2025-68812","CVE-2025-68813","CVE-2025-68814","CVE-2025-68815","CVE-2025-68816","CVE-2025-68817","CVE-2025-68818","CVE-2025-68819","CVE-2025-68820","CVE-2025-68821","CVE-2025-68822","CVE-2025-68823","CVE-2025-71064","CVE-2025-71065","CVE-2025-71066"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:12:12+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0086","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1321"},{"num":182427,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0047","title":"[UPDATE] [medium] CoreDNS: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2025-68151"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:12:11+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0047","csirts_url":"https://www.csirts.com/advisory/update-medium-coredns-vulnerability-182427"},{"num":147888,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0044","title":"[UPDATE] [medium] libtasn1: Vulnerability allows Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2025-13151"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:12:11+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0044","csirts_url":"https://www.csirts.com/advisory/update-medium-libtasn1-vulnerability-147888"},{"num":182430,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2765","title":"[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2022-50631","CVE-2022-50632","CVE-2022-50633","CVE-2022-50634","CVE-2022-50635","CVE-2022-50636","CVE-2022-50637","CVE-2022-50638","CVE-2022-50639","CVE-2022-50640","CVE-2022-50641","CVE-2022-50642","CVE-2022-50643","CVE-2022-50644","CVE-2022-50645","CVE-2022-50646","CVE-2022-50647","CVE-2022-50648","CVE-2022-50649","CVE-2022-50650","CVE-2022-50651","CVE-2022-50652","CVE-2022-50653","CVE-2022-50654","CVE-2022-50655","CVE-2022-50656","CVE-2022-50657","CVE-2022-50658","CVE-2022-50659","CVE-2022-50660","CVE-2022-50661","CVE-2022-50662","CVE-2022-50663","CVE-2022-50664","CVE-2022-50665","CVE-2022-50666","CVE-2022-50667","CVE-2022-50668","CVE-2022-50669","CVE-2022-50670","CVE-2022-50671","CVE-2022-50672","CVE-2022-50673","CVE-2022-50674","CVE-2022-50675","CVE-2022-50676","CVE-2022-50677","CVE-2022-50678","CVE-2022-50679","CVE-2023-53777","CVE-2023-53778","CVE-2023-53779","CVE-2023-53780","CVE-2023-53781","CVE-2023-53782","CVE-2023-53783","CVE-2023-53784","CVE-2023-53785","CVE-2023-53786","CVE-2023-53787"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:12:10+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2765","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-182430"},{"num":469,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2868","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-40346","CVE-2025-40347","CVE-2025-40348","CVE-2025-40349","CVE-2025-40350","CVE-2025-40351","CVE-2025-40352","CVE-2025-40353","CVE-2025-40354","CVE-2025-40355","CVE-2025-40356","CVE-2025-40357","CVE-2025-40358","CVE-2025-40359","CVE-2025-40360","CVE-2025-40361","CVE-2025-40362","CVE-2025-40363","CVE-2025-68167","CVE-2025-68168","CVE-2025-68169","CVE-2025-68170","CVE-2025-68171","CVE-2025-68172","CVE-2025-68173","CVE-2025-68174","CVE-2025-68175","CVE-2025-68176","CVE-2025-68177","CVE-2025-68178","CVE-2025-68179","CVE-2025-68180","CVE-2025-68181","CVE-2025-68182","CVE-2025-68183","CVE-2025-68184","CVE-2025-68185","CVE-2025-68186","CVE-2025-68187","CVE-2025-68188","CVE-2025-68189","CVE-2025-68190","CVE-2025-68191","CVE-2025-68192","CVE-2025-68193","CVE-2025-68194","CVE-2025-68195","CVE-2025-68196","CVE-2025-68197","CVE-2025-68198","CVE-2025-68199","CVE-2025-68200","CVE-2025-68201","CVE-2025-68202","CVE-2025-68203","CVE-2025-68204","CVE-2025-68205","CVE-2025-68206","CVE-2025-68207","CVE-2025-68208"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:12:10+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2868","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-469"},{"num":119774,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2747","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities allow denial of service","severity":"high","cvss":null,"cves":["CVE-2025-40214","CVE-2025-40215","CVE-2025-40216","CVE-2025-40217","CVE-2025-40218","CVE-2025-40219","CVE-2025-40220","CVE-2025-40221","CVE-2025-40222","CVE-2025-40223","CVE-2025-40224","CVE-2025-40225","CVE-2025-40226","CVE-2025-40227","CVE-2025-40228","CVE-2025-40229","CVE-2025-40230","CVE-2025-40231","CVE-2025-40232","CVE-2025-40233","CVE-2025-40234","CVE-2025-40235","CVE-2025-40236","CVE-2025-40237","CVE-2025-40238","CVE-2025-40239","CVE-2025-40240","CVE-2025-40241","CVE-2025-40242","CVE-2025-40243","CVE-2025-40244","CVE-2025-40245","CVE-2025-40246","CVE-2025-40247","CVE-2025-40248","CVE-2025-40249","CVE-2025-40250","CVE-2025-40251","CVE-2025-40252","CVE-2025-40253","CVE-2025-40254","CVE-2025-40255","CVE-2025-40256","CVE-2025-40257","CVE-2025-40258","CVE-2025-40259","CVE-2025-40260","CVE-2025-40261","CVE-2025-40262","CVE-2025-40263","CVE-2025-40264","CVE-2025-40265","CVE-2025-40266"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:11:49+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2747","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-119774"},{"num":119775,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2724","title":"[UPDATE] [medium] Golang Go: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2025-61727","CVE-2025-61729"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:11:48+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2724","csirts_url":"https://www.csirts.com/advisory/update-medium-golang-go-multiple-119775"},{"num":182434,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2518","title":"[UPDATE] [high] Red Hat Enterprise Linux (runc): Multiple vulnerabilities allow bypassing of security measures","severity":"high","cvss":null,"cves":["CVE-2025-31133","CVE-2025-52565","CVE-2025-52881"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:11:47+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2518","csirts_url":"https://www.csirts.com/advisory/update-high-red-hat-enterprise-linux-runc-182434"},{"num":182433,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2635","title":"[UPDATE] [medium] Red Hat Ansible Automation Platform: Vulnerability allows Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2025-59530"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:11:47+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2635","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-ansible-automation-182433"},{"num":182435,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2227","title":"[UPDATE] [high] Golang Go: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-47912","CVE-2025-58183","CVE-2025-58185","CVE-2025-58186","CVE-2025-58187","CVE-2025-58188","CVE-2025-58189","CVE-2025-61723","CVE-2025-61724","CVE-2025-61725"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:11:46+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2227","csirts_url":"https://www.csirts.com/advisory/update-high-golang-go-multiple-182435"},{"num":182436,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1894","title":"[UPDATE] [medium] Keycloak (admin-ui-ext): Vulnerability allows file manipulation","severity":"medium","cvss":null,"cves":["CVE-2026-11986"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:11:45+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1894","csirts_url":"https://www.csirts.com/advisory/update-medium-keycloak-admin-ui-ext-182436"},{"num":182437,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1708","title":"[UPDATE] [medium] Keycloak: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-9689","CVE-2026-9704","CVE-2026-9791","CVE-2026-9792","CVE-2026-9793","CVE-2026-9794","CVE-2026-9795","CVE-2026-9796","CVE-2026-9798","CVE-2026-9801","CVE-2026-9802","CVE-2026-9803"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:11:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1708","csirts_url":"https://www.csirts.com/advisory/update-medium-keycloak-multiple-182437"},{"num":520,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1119","title":"[UPDATE] [medium] X.Org X11, Xwayland: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-33999","CVE-2026-34000","CVE-2026-34001","CVE-2026-34002","CVE-2026-34003"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:11:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1119","csirts_url":"https://www.csirts.com/advisory/update-medium-x-org-x11-xwayland-multiple-520"},{"num":182439,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2166","title":"[UPDATE] [medium] OpenSSL and LibreSSL: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2025-9232","CVE-2025-9230","CVE-2025-9231"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:11:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2166","csirts_url":"https://www.csirts.com/advisory/update-medium-openssl-and-libressl-182439"},{"num":182440,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2436","title":"[UPDATE] [high] Xwayland and X.Org X11: Multiple vulnerabilities allow unspecified attack","severity":"high","cvss":null,"cves":["CVE-2025-62229","CVE-2025-62230","CVE-2025-62231"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:11:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2436","csirts_url":"https://www.csirts.com/advisory/update-high-xwayland-and-x-org-x11-182440"},{"num":81900,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1974","title":"[UPDATE] [high] Podman: Vulnerability allows file manipulation","severity":"high","cvss":null,"cves":["CVE-2025-9566"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:11:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1974","csirts_url":"https://www.csirts.com/advisory/update-high-podman-vulnerability-allows-81900"},{"num":182443,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0435","title":"[UPDATE] [medium] X.Org X11: Multiple vulnerabilities allow unspecified effects, possibly code execution","severity":"medium","cvss":null,"cves":["CVE-2025-26594","CVE-2025-26595","CVE-2025-26596","CVE-2025-26597","CVE-2025-26598","CVE-2025-26599","CVE-2025-26600","CVE-2025-26601"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:11:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0435","csirts_url":"https://www.csirts.com/advisory/update-medium-x-org-x11-multiple-182443"},{"num":182442,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1352","title":"[UPDATE] [medium] X.Org X11 and Xwayland: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2025-49175","CVE-2025-49176","CVE-2025-49177","CVE-2025-49178","CVE-2025-49179","CVE-2025-49180"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:11:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1352","csirts_url":"https://www.csirts.com/advisory/update-medium-x-org-x11-and-xwayland-182442"},{"num":182445,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2246","title":"[NEW] [medium] OpenVPN: Vulnerability allows data manipulation","severity":"medium","cvss":null,"cves":["CVE-2025-3110"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:11:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2246","csirts_url":"https://www.csirts.com/advisory/new-medium-openvpn-vulnerability-allows-182445"},{"num":1670,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1646","title":"[UPDATE] [medium] Red Hat Enterprise Linux (nodejs, perl): Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2025-40909","CVE-2025-6965"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:11:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1646","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-enterprise-linux-1670"},{"num":467,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0129","title":"[UPDATE] [medium] Golang Go: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2025-61726","CVE-2025-61728","CVE-2025-61730","CVE-2025-61731","CVE-2025-68119","CVE-2025-68121"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:06:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0129","csirts_url":"https://www.csirts.com/advisory/update-medium-golang-go-multiple-467"},{"num":182447,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2245","title":"[NEW] [medium] Wireshark: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-15163","CVE-2026-15164","CVE-2026-15165","CVE-2026-15166","CVE-2026-15169","CVE-2026-15170","CVE-2026-15171","CVE-2026-15172","CVE-2026-15173","CVE-2026-15174","CVE-2026-15167","CVE-2026-15168"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:06:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2245","csirts_url":"https://www.csirts.com/advisory/new-medium-wireshark-multiple-182447"},{"num":1915,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1006","title":"[UPDATE] [high] Golang Go: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-27140","CVE-2026-27143","CVE-2026-27144","CVE-2026-32280","CVE-2026-32281","CVE-2026-32282","CVE-2026-32283","CVE-2026-32288","CVE-2026-32289","CVE-2026-33810"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:01:48+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1006","csirts_url":"https://www.csirts.com/advisory/update-high-golang-go-multiple-1915"},{"num":1330,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0985","title":"[UPDATE] [medium] Linux Kernel: Multiple Vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-23412","CVE-2026-23413","CVE-2026-23414","CVE-2026-23415","CVE-2026-23416","CVE-2026-23417","CVE-2026-23418","CVE-2026-23419","CVE-2026-23420","CVE-2026-23421","CVE-2026-23422","CVE-2026-23423","CVE-2026-23424","CVE-2026-23425","CVE-2026-23426","CVE-2026-23427","CVE-2026-23428","CVE-2026-23429","CVE-2026-23430","CVE-2026-23431","CVE-2026-23432","CVE-2026-23433","CVE-2026-23434","CVE-2026-23435","CVE-2026-23436","CVE-2026-23437","CVE-2026-23438","CVE-2026-23439","CVE-2026-23440","CVE-2026-23441","CVE-2026-23442","CVE-2026-23443","CVE-2026-23444","CVE-2026-23445","CVE-2026-23446","CVE-2026-23447","CVE-2026-23448","CVE-2026-23449","CVE-2026-23450","CVE-2026-23451","CVE-2026-23452","CVE-2026-23453","CVE-2026-23454","CVE-2026-23455","CVE-2026-23456","CVE-2026-23457","CVE-2026-23458","CVE-2026-23459","CVE-2026-23460","CVE-2026-23461","CVE-2026-23462","CVE-2026-23463","CVE-2026-23464","CVE-2026-23465","CVE-2026-23466","CVE-2026-23467","CVE-2026-23468","CVE-2026-23469","CVE-2026-23470","CVE-2026-23471"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:01:47+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0985","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-1330"},{"num":182450,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0877","title":"[UPDATE] [high] n8n: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-56356","CVE-2026-56359","CVE-2026-27496","CVE-2026-33660","CVE-2026-33663","CVE-2026-33665","CVE-2026-33696","CVE-2026-33720","CVE-2026-33722","CVE-2026-33724","CVE-2026-33749","CVE-2026-33751"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:01:46+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0877","csirts_url":"https://www.csirts.com/advisory/update-high-n8n-multiple-vulnerabilities-182450"},{"num":182451,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0720","title":"[UPDATE] [medium] systemd: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-4105","CVE-2026-40226"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:01:45+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0720","csirts_url":"https://www.csirts.com/advisory/update-medium-systemd-multiple-182451"},{"num":182452,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0627","title":"[UPDATE] [medium] CoreDNS: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-26017","CVE-2026-26018"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:01:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0627","csirts_url":"https://www.csirts.com/advisory/update-medium-coredns-multiple-182452"},{"num":1854,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0548","title":"[UPDATE] [high] Golang Go: Multiple vulnerabilities allow unspecified attack","severity":"high","cvss":null,"cves":["CVE-2026-25679","CVE-2026-27137","CVE-2026-27138","CVE-2026-27139","CVE-2026-27142"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:01:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0548","csirts_url":"https://www.csirts.com/advisory/update-high-golang-go-multiple-1854"},{"num":182454,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0532","title":"[UPDATE] [high] n8n: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-56350","CVE-2026-56360","CVE-2026-27493","CVE-2026-27494","CVE-2026-27495","CVE-2026-27497","CVE-2026-27498","CVE-2026-27577","CVE-2026-27578","CVE-2026-56357"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:01:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0532","csirts_url":"https://www.csirts.com/advisory/update-high-n8n-multiple-vulnerabilities-182454"},{"num":147882,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0525","title":"[UPDATE] [high] GStreamer: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-1940","CVE-2026-2920","CVE-2026-2921","CVE-2026-2922","CVE-2026-2923","CVE-2026-3081","CVE-2026-3082","CVE-2026-3083","CVE-2026-3084","CVE-2026-3085","CVE-2026-3086","CVE-2026-39043","CVE-2026-39044"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:01:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0525","csirts_url":"https://www.csirts.com/advisory/update-high-gstreamer-multiple-147882"},{"num":147883,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0494","title":"[UPDATE] [medium] Red Hat Enterprise Linux (389-ds-base): Vulnerability allows code execution and potentially Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2025-14905"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:01:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0494","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-enterprise-linux-147883"},{"num":473,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0484","title":"[UPDATE] [medium] ImageMagick: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-25984","CVE-2026-56367","CVE-2026-56378","CVE-2026-56371","CVE-2026-56379","CVE-2026-56376","CVE-2026-56368","CVE-2026-24481","CVE-2026-24484","CVE-2026-24485","CVE-2026-25576","CVE-2026-25637","CVE-2026-25638","CVE-2026-25794","CVE-2026-25795","CVE-2026-25796","CVE-2026-25797","CVE-2026-25798","CVE-2026-25799","CVE-2026-25897","CVE-2026-25898","CVE-2026-25965","CVE-2026-25966","CVE-2026-25967","CVE-2026-25968","CVE-2026-25969","CVE-2026-25970","CVE-2026-25971","CVE-2026-25982","CVE-2026-25983","CVE-2026-25985","CVE-2026-25986","CVE-2026-25987","CVE-2026-25988","CVE-2026-25989","CVE-2026-26066","CVE-2026-26283","CVE-2026-26284","CVE-2026-26983"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:01:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0484","csirts_url":"https://www.csirts.com/advisory/update-medium-imagemagick-multiple-473"},{"num":182458,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0435","title":"[UPDATE] [low] zlib: Vulnerability allows Denial of Service","severity":"low","cvss":null,"cves":["CVE-2026-27171"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:01:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0435","csirts_url":"https://www.csirts.com/advisory/update-low-zlib-vulnerability-allows-182458"},{"num":182460,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2244","title":"[NEW] [high] Google Chrome: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-15107","CVE-2026-15108","CVE-2026-15109","CVE-2026-15110","CVE-2026-15111","CVE-2026-15112","CVE-2026-15113","CVE-2026-15114","CVE-2026-15115","CVE-2026-15116","CVE-2026-15117","CVE-2026-15118","CVE-2026-15119","CVE-2026-15120","CVE-2026-15121","CVE-2026-15122","CVE-2026-15123","CVE-2026-15124","CVE-2026-15125","CVE-2026-15126","CVE-2026-15127","CVE-2026-15128","CVE-2026-15129","CVE-2026-15130","CVE-2026-15131","CVE-2026-15132","CVE-2026-15133"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:01:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2244","csirts_url":"https://www.csirts.com/advisory/new-high-google-chrome-multiple-182460"},{"num":1833,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0345","title":"[UPDATE] [high] Golang Go: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-61732","CVE-2025-68121"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T09:01:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0345","csirts_url":"https://www.csirts.com/advisory/update-high-golang-go-multiple-1833"},{"num":249,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1584","title":"[UPDATE] [medium] docker: Multiple Vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-41567","CVE-2026-41568","CVE-2026-42306"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:57:11+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1584","csirts_url":"https://www.csirts.com/advisory/update-medium-docker-multiple-249"},{"num":182462,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1489","title":"[UPDATE] [critical] Microsoft Windows products: Multiple vulnerabilities","severity":"critical","cvss":null,"cves":["CVE-2026-42897","CVE-2025-54518","CVE-2026-21530","CVE-2026-32161","CVE-2026-32170","CVE-2026-32209","CVE-2026-33834","CVE-2026-33835","CVE-2026-33837","CVE-2026-33838","CVE-2026-33839","CVE-2026-33840","CVE-2026-33841","CVE-2026-34329","CVE-2026-34330","CVE-2026-34331","CVE-2026-34332","CVE-2026-34333","CVE-2026-34334","CVE-2026-34336","CVE-2026-34337","CVE-2026-34338","CVE-2026-34339","CVE-2026-34340","CVE-2026-34341","CVE-2026-34342","CVE-2026-34343","CVE-2026-34344","CVE-2026-34345","CVE-2026-34347","CVE-2026-34350","CVE-2026-34351","CVE-2026-35415","CVE-2026-35416","CVE-2026-35417","CVE-2026-35418","CVE-2026-35419","CVE-2026-35420","CVE-2026-35421","CVE-2026-35422","CVE-2026-35423","CVE-2026-35424","CVE-2026-35438","CVE-2026-40369","CVE-2026-40377","CVE-2026-40380","CVE-2026-40382","CVE-2026-40397","CVE-2026-40398","CVE-2026-40399","CVE-2026-40401","CVE-2026-40402","CVE-2026-40403","CVE-2026-40405","CVE-2026-40406","CVE-2026-40407","CVE-2026-40408","CVE-2026-40410","CVE-2026-40413","CVE-2026-40414"],"exploited":false,"has_exploit":true,"published_at":"2026-07-09T08:57:11+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1489","csirts_url":"https://www.csirts.com/advisory/update-critical-microsoft-windows-182462"},{"num":182463,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1478","title":"[UPDATE] [medium] GStreamer: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-53701","CVE-2026-53702","CVE-2026-46469","CVE-2026-46470"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:57:10+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1478","csirts_url":"https://www.csirts.com/advisory/update-medium-gstreamer-multiple-182463"},{"num":147854,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1470","title":"[UPDATE] [high] FreeRDP: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-40033","CVE-2026-44420"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:57:10+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1470","csirts_url":"https://www.csirts.com/advisory/update-high-freerdp-multiple-147854"},{"num":1367,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1454","title":"[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2025-71296","CVE-2025-71297","CVE-2025-71298","CVE-2025-71299","CVE-2025-71300","CVE-2025-71301","CVE-2025-71302","CVE-2026-43285","CVE-2026-43286","CVE-2026-43287","CVE-2026-43288","CVE-2026-43289","CVE-2026-43290","CVE-2026-43291","CVE-2026-43292","CVE-2026-43293","CVE-2026-43294","CVE-2026-43295","CVE-2026-43296","CVE-2026-43297","CVE-2026-43298","CVE-2026-43299","CVE-2026-43300","CVE-2026-43301","CVE-2026-43302","CVE-2026-43303","CVE-2026-43304","CVE-2026-43305","CVE-2026-43306","CVE-2026-43307","CVE-2026-43308","CVE-2026-43309","CVE-2026-43310","CVE-2026-43311","CVE-2026-43312","CVE-2026-43313","CVE-2026-43314","CVE-2026-43315","CVE-2026-43316","CVE-2026-43317","CVE-2026-43318","CVE-2026-43319","CVE-2026-43320","CVE-2026-43321","CVE-2026-43340","CVE-2026-43341","CVE-2026-43342","CVE-2026-43343","CVE-2026-43344","CVE-2026-43345","CVE-2026-43346","CVE-2026-43347","CVE-2026-43348","CVE-2026-43349","CVE-2026-43350","CVE-2026-43351","CVE-2026-43352","CVE-2026-43353","CVE-2026-43354","CVE-2026-43355"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:57:09+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1454","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-1367"},{"num":1281,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1437","title":"[UPDATE] [medium] Golang Go: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-27142","CVE-2026-33811","CVE-2026-33814","CVE-2026-39817","CVE-2026-39819","CVE-2026-39820","CVE-2026-39823","CVE-2026-39825","CVE-2026-39826","CVE-2026-39836","CVE-2026-42499","CVE-2026-42501"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:57:09+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1437","csirts_url":"https://www.csirts.com/advisory/update-medium-golang-go-multiple-1281"},{"num":1328,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1385","title":"[UPDATE] [medium] Linux Kernel: Multiple Vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-43059","CVE-2026-43060","CVE-2026-43061","CVE-2026-43062","CVE-2026-43063","CVE-2026-43064","CVE-2026-43065","CVE-2026-43066","CVE-2026-43067","CVE-2026-43068","CVE-2026-43069","CVE-2026-43070","CVE-2026-43071","CVE-2026-43072","CVE-2026-43073","CVE-2026-43074","CVE-2026-43075","CVE-2026-43076","CVE-2026-43077","CVE-2026-43078","CVE-2026-43079","CVE-2026-43080","CVE-2026-43081","CVE-2026-43082","CVE-2026-43083","CVE-2026-43084","CVE-2026-43085","CVE-2026-43086","CVE-2026-43087","CVE-2026-43088","CVE-2026-43089","CVE-2026-43090","CVE-2026-43091","CVE-2026-43092","CVE-2026-43093","CVE-2026-43094","CVE-2026-43095","CVE-2026-43096","CVE-2026-43097","CVE-2026-43098","CVE-2026-43099","CVE-2026-43100","CVE-2026-43101","CVE-2026-43102","CVE-2026-43103","CVE-2026-43104","CVE-2026-43105","CVE-2026-43106","CVE-2026-43107","CVE-2026-43108","CVE-2026-43109","CVE-2026-43110","CVE-2026-43111","CVE-2026-43112","CVE-2026-43113","CVE-2026-43114","CVE-2026-43115","CVE-2026-43116","CVE-2026-43117","CVE-2026-43118"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:57:08+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1385","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-1328"},{"num":1769,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1405","title":"[UPDATE] [medium] Linux Kernel: Multiple Vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2025-71271","CVE-2025-71272","CVE-2025-71273","CVE-2025-71274","CVE-2025-71285","CVE-2025-71286","CVE-2025-71287","CVE-2025-71288","CVE-2025-71289","CVE-2025-71290","CVE-2025-71291","CVE-2025-71292","CVE-2025-71293","CVE-2025-71294","CVE-2025-71295","CVE-2026-43121","CVE-2026-43122","CVE-2026-43123","CVE-2026-43124","CVE-2026-43125","CVE-2026-43126","CVE-2026-43127","CVE-2026-43128","CVE-2026-43129","CVE-2026-43130","CVE-2026-43131","CVE-2026-43132","CVE-2026-43133","CVE-2026-43134","CVE-2026-43135","CVE-2026-43136","CVE-2026-43137","CVE-2026-43138","CVE-2026-43139","CVE-2026-43140","CVE-2026-43141","CVE-2026-43142","CVE-2026-43143","CVE-2026-43144","CVE-2026-43145","CVE-2026-43146","CVE-2026-43147","CVE-2026-43148","CVE-2026-43149","CVE-2026-43150","CVE-2026-43151","CVE-2026-43152","CVE-2026-43153","CVE-2026-43154","CVE-2026-43155","CVE-2026-43156","CVE-2026-43157","CVE-2026-43158","CVE-2026-43159","CVE-2026-43160","CVE-2026-43161","CVE-2026-43162","CVE-2026-43163","CVE-2026-43164","CVE-2026-43165"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:57:08+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1405","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-1769"},{"num":1729,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1372","title":"[UPDATE] [medium] Netty: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-41417","CVE-2026-42577","CVE-2026-42578","CVE-2026-42579","CVE-2026-42580","CVE-2026-42581","CVE-2026-42582","CVE-2026-42583","CVE-2026-42584","CVE-2026-42585","CVE-2026-42586","CVE-2026-42587","CVE-2026-44248"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:56:47+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1372","csirts_url":"https://www.csirts.com/advisory/update-medium-netty-multiple-1729"},{"num":81933,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1354","title":"[UPDATE] [high] Apache HTTP Server: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-23918","CVE-2026-24072","CVE-2026-28780","CVE-2026-29168","CVE-2026-29169","CVE-2026-33006","CVE-2026-33007","CVE-2026-33523","CVE-2026-33857","CVE-2026-34032","CVE-2026-34059"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:56:46+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1354","csirts_url":"https://www.csirts.com/advisory/update-high-apache-http-server-multiple-81933"},{"num":2227,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1346","title":"[UPDATE] [high] Linux Kernel: Multiple Vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-31693","CVE-2026-31694","CVE-2026-31695","CVE-2026-31696","CVE-2026-31697","CVE-2026-31698","CVE-2026-31699","CVE-2026-31700","CVE-2026-31701","CVE-2026-31702","CVE-2026-31703","CVE-2026-31704","CVE-2026-31705","CVE-2026-31706","CVE-2026-31707","CVE-2026-31708","CVE-2026-31709","CVE-2026-31710","CVE-2026-31711","CVE-2026-31712","CVE-2026-31713","CVE-2026-31714","CVE-2026-31715","CVE-2026-31716","CVE-2026-31717","CVE-2026-31718","CVE-2026-31719","CVE-2026-31720","CVE-2026-31721","CVE-2026-31722","CVE-2026-31723","CVE-2026-31724","CVE-2026-31725","CVE-2026-31726","CVE-2026-31727","CVE-2026-31728","CVE-2026-31729","CVE-2026-31730","CVE-2026-31731","CVE-2026-31732","CVE-2026-31733","CVE-2026-31734","CVE-2026-31735","CVE-2026-31736","CVE-2026-31737","CVE-2026-31738","CVE-2026-31739","CVE-2026-31740","CVE-2026-31741","CVE-2026-31742","CVE-2026-31743","CVE-2026-31744","CVE-2026-31745","CVE-2026-31746","CVE-2026-31747","CVE-2026-31748","CVE-2026-31749","CVE-2026-31750","CVE-2026-31751","CVE-2026-31752"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:56:46+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1346","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-2227"},{"num":81937,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1300","title":"[UPDATE] [medium] GNU libc: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-5435","CVE-2026-6238"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:56:45+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1300","csirts_url":"https://www.csirts.com/advisory/update-medium-gnu-libc-multiple-81937"},{"num":1765,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1279","title":"[UPDATE] [high] Linux Kernel: Multiple Vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-31535","CVE-2026-31536","CVE-2026-31537","CVE-2026-31538","CVE-2026-31539","CVE-2026-31540","CVE-2026-31541","CVE-2026-31542","CVE-2026-31543","CVE-2026-31544","CVE-2026-31545","CVE-2026-31546","CVE-2026-31547","CVE-2026-31548","CVE-2026-31549","CVE-2026-31550","CVE-2026-31551","CVE-2026-31552","CVE-2026-31553","CVE-2026-31554","CVE-2026-31555","CVE-2026-31556","CVE-2026-31557","CVE-2026-31558","CVE-2026-31559","CVE-2026-31560","CVE-2026-31561","CVE-2026-31562","CVE-2026-31563","CVE-2026-31564","CVE-2026-31565","CVE-2026-31566","CVE-2026-31567","CVE-2026-31568","CVE-2026-31569","CVE-2026-31570","CVE-2026-31571","CVE-2026-31572","CVE-2026-31573","CVE-2026-31574","CVE-2026-31575","CVE-2026-31576","CVE-2026-31577","CVE-2026-31578","CVE-2026-31579","CVE-2026-31580","CVE-2026-31581","CVE-2026-31582","CVE-2026-31583","CVE-2026-31584","CVE-2026-31585","CVE-2026-31586","CVE-2026-31587","CVE-2026-31588","CVE-2026-31589","CVE-2026-31590","CVE-2026-31591","CVE-2026-31592","CVE-2026-31593","CVE-2026-31594"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:56:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1279","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1765"},{"num":1660,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1292","title":"[UPDATE] [medium] Prometheus: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-44903","CVE-2026-42151","CVE-2026-42154"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:56:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1292","csirts_url":"https://www.csirts.com/advisory/update-medium-prometheus-multiple-1660"},{"num":1283,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1268","title":"[UPDATE] [medium] Red Hat Enterprise Linux (go-jose): Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-34986"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:56:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1268","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-enterprise-linux-go-1283"},{"num":811,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1252","title":"[UPDATE] [medium] Linux Kernel: Multiple Vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-31434","CVE-2026-31435","CVE-2026-31436","CVE-2026-31437","CVE-2026-31438","CVE-2026-31439","CVE-2026-31440","CVE-2026-31441","CVE-2026-31442","CVE-2026-31443","CVE-2026-31444","CVE-2026-31445","CVE-2026-31446","CVE-2026-31447","CVE-2026-31448","CVE-2026-31449","CVE-2026-31450","CVE-2026-31451","CVE-2026-31452","CVE-2026-31453","CVE-2026-31454","CVE-2026-31455","CVE-2026-31456","CVE-2026-31457","CVE-2026-31458","CVE-2026-31459","CVE-2026-31460","CVE-2026-31461","CVE-2026-31462","CVE-2026-31463","CVE-2026-31464","CVE-2026-31465","CVE-2026-31466","CVE-2026-31467","CVE-2026-31468","CVE-2026-31469","CVE-2026-31470","CVE-2026-31471","CVE-2026-31472","CVE-2026-31473","CVE-2026-31474","CVE-2026-31475","CVE-2026-31476","CVE-2026-31477","CVE-2026-31478","CVE-2026-31479","CVE-2026-31480","CVE-2026-31481","CVE-2026-31482","CVE-2026-31483","CVE-2026-31484","CVE-2026-31485","CVE-2026-31486","CVE-2026-31487","CVE-2026-31488","CVE-2026-31489","CVE-2026-31490","CVE-2026-31491","CVE-2026-31492","CVE-2026-31493"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:56:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1252","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-811"},{"num":1448,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1201","title":"[UPDATE] [medium] Oracle Java SE: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-20652","CVE-2026-22003","CVE-2026-22007","CVE-2026-22008","CVE-2026-22013","CVE-2026-22016","CVE-2026-22018","CVE-2026-22021","CVE-2026-23865","CVE-2026-34268","CVE-2026-34282"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:56:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1201","csirts_url":"https://www.csirts.com/advisory/update-medium-oracle-java-se-multiple-1448"},{"num":812,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1180","title":"[UPDATE] [medium] Linux Kernel: Multiple Vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-31429","CVE-2026-31430"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:56:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1180","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-812"},{"num":928,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1136","title":"[UPDATE] [high] Red Hat OpenShift Container Platform (gRPC-Go): Vulnerability allows bypassing security measures","severity":"high","cvss":null,"cves":["CVE-2026-33186"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:56:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1136","csirts_url":"https://www.csirts.com/advisory/update-high-red-hat-openshift-container-928"},{"num":182479,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1145","title":"[UPDATE] [high] Flowise: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-56275","CVE-2026-56269","CVE-2026-56270","CVE-2026-56278","CVE-2026-56273","CVE-2026-41137","CVE-2026-41138","CVE-2026-41264","CVE-2026-41265","CVE-2026-41266","CVE-2026-41267","CVE-2026-41268","CVE-2026-41269","CVE-2026-41270","CVE-2026-41271","CVE-2026-41272","CVE-2026-41273","CVE-2026-41274","CVE-2026-41275","CVE-2026-41276","CVE-2026-41277","CVE-2026-41278","CVE-2026-41279","CVE-2026-43995"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:56:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1145","csirts_url":"https://www.csirts.com/advisory/update-high-flowise-multiple-182479"},{"num":515,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1126","title":"[UPDATE] [low] ImageMagick: Multiple vulnerabilities allow Denial of Service","severity":"low","cvss":null,"cves":["CVE-2026-56370","CVE-2026-56361","CVE-2026-56365"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:56:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1126","csirts_url":"https://www.csirts.com/advisory/update-low-imagemagick-multiple-515"},{"num":1329,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1088","title":"[UPDATE] [medium] Linux Kernel: Multiple Vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-31414","CVE-2026-31415","CVE-2026-31416","CVE-2026-31417","CVE-2026-31418","CVE-2026-31419","CVE-2026-31420","CVE-2026-31421","CVE-2026-31422","CVE-2026-31423","CVE-2026-31424","CVE-2026-31425","CVE-2026-31426","CVE-2026-31427","CVE-2026-31428"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:56:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1088","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-1329"},{"num":182483,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2243","title":"[NEW] [medium] etcd: Vulnerability allows bypassing security measures","severity":"medium","cvss":null,"cves":["CVE-2026-59818"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:56:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2243","csirts_url":"https://www.csirts.com/advisory/new-medium-etcd-vulnerability-allows-182483"},{"num":1340,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1700","title":"[UPDATE] [high] Linux Kernel: Multiple Vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-71311","CVE-2025-71312","CVE-2026-45881","CVE-2026-45885","CVE-2026-45886","CVE-2026-45887","CVE-2026-45888","CVE-2026-45889","CVE-2026-45890","CVE-2026-45913","CVE-2026-45914","CVE-2026-45915","CVE-2026-45916","CVE-2026-45917","CVE-2026-45918","CVE-2026-45919","CVE-2026-45920","CVE-2026-45921","CVE-2026-45922","CVE-2026-45923","CVE-2026-45924","CVE-2026-45925","CVE-2026-45926","CVE-2026-45927","CVE-2026-45928","CVE-2026-45929","CVE-2026-45930","CVE-2026-45931","CVE-2026-45932","CVE-2026-45933","CVE-2026-45934","CVE-2026-45935","CVE-2026-45936","CVE-2026-45937","CVE-2026-45938","CVE-2026-45939","CVE-2026-45940","CVE-2026-45941","CVE-2026-45942","CVE-2026-45943","CVE-2026-45944","CVE-2026-45945","CVE-2026-45946","CVE-2026-45947","CVE-2026-45948","CVE-2026-45949","CVE-2026-45950","CVE-2026-45951","CVE-2026-45952","CVE-2026-45953","CVE-2026-45954","CVE-2026-45955","CVE-2026-45956","CVE-2026-45957","CVE-2026-45958","CVE-2026-45959","CVE-2026-45960","CVE-2026-45961","CVE-2026-45962","CVE-2026-45963"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:46:46+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1700","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1340"},{"num":1467,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0462","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-71225","CVE-2025-71226","CVE-2025-71227","CVE-2025-71228","CVE-2025-71229","CVE-2025-71230","CVE-2025-71231","CVE-2025-71232","CVE-2025-71233","CVE-2025-71234","CVE-2025-71235","CVE-2025-71236","CVE-2025-71237","CVE-2026-23211","CVE-2026-23212","CVE-2026-23213","CVE-2026-23214","CVE-2026-23215","CVE-2026-23216","CVE-2026-23217","CVE-2026-23218","CVE-2026-23219","CVE-2026-23220","CVE-2026-23221","CVE-2026-23222","CVE-2026-23223","CVE-2026-23224","CVE-2026-23225","CVE-2026-23226","CVE-2026-23227","CVE-2026-23228","CVE-2026-23229","CVE-2026-23230"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:46:46+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0462","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1467"},{"num":182486,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1692","title":"[UPDATE] [medium] Snipe-IT: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-48492","CVE-2026-48493","CVE-2026-48507"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:46:45+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1692","csirts_url":"https://www.csirts.com/advisory/update-medium-snipe-it-multiple-182486"},{"num":1470,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0421","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-71200","CVE-2025-71201","CVE-2025-71202","CVE-2025-71203","CVE-2025-71204","CVE-2025-71220","CVE-2025-71221","CVE-2025-71222","CVE-2025-71223","CVE-2025-71224","CVE-2026-23111","CVE-2026-23112","CVE-2026-23113","CVE-2026-23114","CVE-2026-23115","CVE-2026-23116","CVE-2026-23117","CVE-2026-23118","CVE-2026-23119","CVE-2026-23120","CVE-2026-23121","CVE-2026-23123","CVE-2026-23124","CVE-2026-23125","CVE-2026-23126","CVE-2026-23127","CVE-2026-23128","CVE-2026-23129","CVE-2026-23130","CVE-2026-23131","CVE-2026-23132","CVE-2026-23133","CVE-2026-23134","CVE-2026-23135","CVE-2026-23136","CVE-2026-23137","CVE-2026-23138","CVE-2026-23139","CVE-2026-23140","CVE-2026-23141","CVE-2026-23142","CVE-2026-23143","CVE-2026-23144","CVE-2026-23145","CVE-2026-23146","CVE-2026-23147","CVE-2026-23148","CVE-2026-23149","CVE-2026-23150","CVE-2026-23151","CVE-2026-23152","CVE-2026-23153","CVE-2026-23154","CVE-2026-23155","CVE-2026-23156","CVE-2026-23157","CVE-2026-23158","CVE-2026-23159","CVE-2026-23160","CVE-2026-23161"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:46:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0421","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1470"},{"num":1341,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1691","title":"[UPDATE] [high] Linux Kernel: Multiple Vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-45837","CVE-2026-45838","CVE-2026-45839","CVE-2026-45840","CVE-2026-45841","CVE-2026-45842","CVE-2026-45843","CVE-2026-45844","CVE-2026-45845","CVE-2026-45846"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:46:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1691","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1341"},{"num":182489,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1683","title":"[UPDATE] [high] IBM WebSphere Application Server: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-8620","CVE-2026-8633"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:46:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1683","csirts_url":"https://www.csirts.com/advisory/update-high-ibm-websphere-application-182489"},{"num":1471,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0324","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-71192","CVE-2025-71193","CVE-2025-71194","CVE-2025-71195","CVE-2025-71196","CVE-2025-71197","CVE-2025-71198","CVE-2025-71199","CVE-2026-23040","CVE-2026-23041","CVE-2026-23042","CVE-2026-23043","CVE-2026-23044","CVE-2026-23045","CVE-2026-23046","CVE-2026-23047","CVE-2026-23048","CVE-2026-23049","CVE-2026-23050","CVE-2026-23051","CVE-2026-23052","CVE-2026-23053","CVE-2026-23054","CVE-2026-23055","CVE-2026-23056","CVE-2026-23057","CVE-2026-23058","CVE-2026-23059","CVE-2026-23060","CVE-2026-23061","CVE-2026-23062","CVE-2026-23063","CVE-2026-23064","CVE-2026-23065","CVE-2026-23066","CVE-2026-23067","CVE-2026-23068","CVE-2026-23069","CVE-2026-23070","CVE-2026-23071","CVE-2026-23072","CVE-2026-23073","CVE-2026-23074","CVE-2026-23075","CVE-2026-23076","CVE-2026-23077","CVE-2026-23078","CVE-2026-23079","CVE-2026-23080","CVE-2026-23081","CVE-2026-23082","CVE-2026-23083","CVE-2026-23084","CVE-2026-23085","CVE-2026-23086","CVE-2026-23087","CVE-2026-23088","CVE-2026-23089","CVE-2026-23090","CVE-2026-23091"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:46:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0324","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1471"},{"num":1344,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1656","title":"[UPDATE] [medium] Linux Kernel: Vulnerability Allows Unspecified Attack","severity":"high","cvss":null,"cves":["CVE-2026-43495","CVE-2026-43496","CVE-2026-43497","CVE-2026-43498","CVE-2026-43499","CVE-2026-43501","CVE-2026-43502"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:46:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1656","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-vulnerability-1344"},{"num":147849,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1599","title":"[UPDATE] [high] Unbound: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-33278","CVE-2026-32792","CVE-2026-40622","CVE-2026-41292","CVE-2026-42534","CVE-2026-42923","CVE-2026-42944","CVE-2026-42959","CVE-2026-42960","CVE-2026-44390","CVE-2026-44608"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:46:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1599","csirts_url":"https://www.csirts.com/advisory/update-high-unbound-multiple-147849"},{"num":1306,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1653","title":"[UPDATE] [medium] Golang Go-Module (Net, Image, Crypto): Multiple Vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-25680","CVE-2026-25681","CVE-2026-27136","CVE-2026-39821","CVE-2026-42502","CVE-2026-42506","CVE-2026-33809","CVE-2026-42500","CVE-2026-39827","CVE-2026-39828","CVE-2026-39829","CVE-2026-39830","CVE-2026-39831","CVE-2026-39832","CVE-2026-39833","CVE-2026-39834","CVE-2026-39835","CVE-2026-42508","CVE-2026-46595","CVE-2026-46597","CVE-2026-46598"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:46:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1653","csirts_url":"https://www.csirts.com/advisory/update-medium-golang-go-module-net-image-1306"},{"num":267,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2350","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-40005","CVE-2025-40006","CVE-2025-40007","CVE-2025-40008","CVE-2025-40009","CVE-2025-40010","CVE-2025-40011","CVE-2025-40012","CVE-2025-40013","CVE-2025-40015","CVE-2025-40016","CVE-2025-40017"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:46:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2350","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-267"},{"num":1348,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1587","title":"[UPDATE] [low] Linux Kernel: Multiple Vulnerabilities Allow Denial of Service","severity":"low","cvss":null,"cves":["CVE-2026-43491","CVE-2026-43492","CVE-2026-43493"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:46:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1587","csirts_url":"https://www.csirts.com/advisory/update-low-linux-kernel-multiple-1348"},{"num":182496,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1325","title":"[UPDATE] [low] libxml2: Vulnerability allows Denial of Service","severity":"low","cvss":null,"cves":["CVE-2025-6170"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:46:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1325","csirts_url":"https://www.csirts.com/advisory/update-low-libxml2-vulnerability-allows-182496"},{"num":1970,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1183","title":"[UPDATE] [high] Red Hat Hardened Images RPMs (jq and pyOpenSSL): Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-27448","CVE-2026-27459","CVE-2026-39979","CVE-2026-40164"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:42:14+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1183","csirts_url":"https://www.csirts.com/advisory/update-high-red-hat-hardened-images-rpms-1970"},{"num":1580,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1895","title":"[UPDATE] [medium] Apache CXF: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-49875","CVE-2026-50623","CVE-2026-50627","CVE-2026-50628","CVE-2026-50629","CVE-2026-50630","CVE-2026-50631","CVE-2026-50632","CVE-2026-50633","CVE-2026-50634","CVE-2026-50645"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:42:13+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1895","csirts_url":"https://www.csirts.com/advisory/update-medium-apache-cxf-multiple-1580"},{"num":81956,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1900","title":"[UPDATE] [medium] MIT Kerberos: Vulnerability allows unspecified attack","severity":"medium","cvss":null,"cves":["CVE-2026-11850"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:42:13+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1900","csirts_url":"https://www.csirts.com/advisory/update-medium-mit-kerberos-vulnerability-81956"},{"num":182501,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1875","title":"[UPDATE] [high] n8n: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-54303","CVE-2026-56777","CVE-2026-56778","CVE-2026-56776","CVE-2026-56775","CVE-2026-54301","CVE-2026-54302","CVE-2026-54304","CVE-2026-54305","CVE-2026-54306","CVE-2026-54307","CVE-2026-54308","CVE-2026-54309","CVE-2026-54310","CVE-2026-54311","CVE-2026-54312","CVE-2026-54313","CVE-2026-54314"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:42:12+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1875","csirts_url":"https://www.csirts.com/advisory/update-high-n8n-multiple-vulnerabilities-182501"},{"num":1731,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1156","title":"[UPDATE] [medium] Rsync: Vulnerability allows bypassing security measures","severity":"medium","cvss":null,"cves":["CVE-2026-41035"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:42:12+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1156","csirts_url":"https://www.csirts.com/advisory/update-medium-rsync-vulnerability-allows-1731"},{"num":1451,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1037","title":"[UPDATE] [low] Linux Kernel: Vulnerability allows denial of service","severity":"low","cvss":null,"cves":["CVE-2026-31411"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:42:11+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1037","csirts_url":"https://www.csirts.com/advisory/update-low-linux-kernel-vulnerability-1451"},{"num":1375,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1870","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities enable denial of service","severity":"high","cvss":null,"cves":["CVE-2026-46316","CVE-2026-46317","CVE-2026-46318","CVE-2026-46319","CVE-2026-46320","CVE-2026-46321","CVE-2026-46322","CVE-2026-46323","CVE-2026-46324","CVE-2026-46325","CVE-2026-46326","CVE-2026-46327","CVE-2026-46328","CVE-2026-46329","CVE-2026-46330","CVE-2026-46332","CVE-2026-52904","CVE-2026-52905","CVE-2026-52906","CVE-2026-52907"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:42:10+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1870","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1375"},{"num":1699,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0979","title":"[UPDATE] [medium] OpenSSH: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-35385","CVE-2026-35386","CVE-2026-35387","CVE-2026-35388","CVE-2026-35414"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:42:09+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0979","csirts_url":"https://www.csirts.com/advisory/update-medium-openssh-multiple-1699"},{"num":1339,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1852","title":"[UPDATE] [high] OpenSSL: Multiple Vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-34180","CVE-2026-34181","CVE-2026-34182","CVE-2026-34183","CVE-2026-35188","CVE-2026-42764","CVE-2026-42765","CVE-2026-42766","CVE-2026-42767","CVE-2026-42768","CVE-2026-42769","CVE-2026-42770","CVE-2026-42771","CVE-2026-45445","CVE-2026-45446","CVE-2026-45447","CVE-2026-7383","CVE-2026-9076"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:42:09+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1852","csirts_url":"https://www.csirts.com/advisory/update-high-openssl-multiple-1339"},{"num":952,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0971","title":"[UPDATE] [medium] sudo: Vulnerability allows privilege escalation","severity":"medium","cvss":null,"cves":["CVE-2026-35535"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:41:48+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0971","csirts_url":"https://www.csirts.com/advisory/update-medium-sudo-vulnerability-allows-952"},{"num":1422,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1827","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities allow denial of service","severity":"high","cvss":null,"cves":["CVE-2025-71315","CVE-2026-46274","CVE-2026-46275","CVE-2026-46276","CVE-2026-46277","CVE-2026-46278","CVE-2026-46279","CVE-2026-46280","CVE-2026-46281","CVE-2026-46282","CVE-2026-46283","CVE-2026-46284","CVE-2026-46285","CVE-2026-46286","CVE-2026-46287","CVE-2026-46288","CVE-2026-46289","CVE-2026-46290","CVE-2026-46291","CVE-2026-46292","CVE-2026-46293","CVE-2026-46294","CVE-2026-46295","CVE-2026-46296","CVE-2026-46297","CVE-2026-46298","CVE-2026-46299","CVE-2026-46301","CVE-2026-46302","CVE-2026-46303","CVE-2026-46304","CVE-2026-46305","CVE-2026-46306","CVE-2026-46307","CVE-2026-46308","CVE-2026-46309","CVE-2026-46310","CVE-2026-46311","CVE-2026-46312","CVE-2026-46313","CVE-2026-46314","CVE-2026-46315"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:41:47+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1827","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1422"},{"num":81960,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1824","title":"[UPDATE] [high] Apache HTTP Server: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-49975","CVE-2026-29167","CVE-2026-29170","CVE-2026-34355","CVE-2026-34356","CVE-2026-42535","CVE-2026-42536","CVE-2026-43951","CVE-2026-44119","CVE-2026-44185","CVE-2026-44186","CVE-2026-44631","CVE-2026-48913"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:41:47+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1824","csirts_url":"https://www.csirts.com/advisory/update-high-apache-http-server-multiple-81960"},{"num":1311,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0947","title":"[UPDATE] [medium] CUPS: Multiple Vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-27447","CVE-2026-34978","CVE-2026-34979","CVE-2026-34980"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:41:46+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0947","csirts_url":"https://www.csirts.com/advisory/update-medium-cups-multiple-1311"},{"num":182511,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1820","title":"[UPDATE] [medium] Red Hat Enterprise Linux (libyang): Vulnerability allows Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2026-44673"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:41:45+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1820","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-enterprise-linux-182511"},{"num":1376,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1802","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-71313","CVE-2025-71314","CVE-2026-46244","CVE-2026-46245","CVE-2026-46246","CVE-2026-46247","CVE-2026-46248","CVE-2026-46249","CVE-2026-46250","CVE-2026-46251","CVE-2026-46252","CVE-2026-46253","CVE-2026-46254","CVE-2026-46255","CVE-2026-46256","CVE-2026-46257","CVE-2026-46258","CVE-2026-46259","CVE-2026-46260","CVE-2026-46261","CVE-2026-46262","CVE-2026-46263","CVE-2026-46264","CVE-2026-46265","CVE-2026-46266","CVE-2026-46267","CVE-2026-46268","CVE-2026-46269","CVE-2026-46270","CVE-2026-46271","CVE-2026-46272","CVE-2026-46273"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:41:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1802","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1376"},{"num":1452,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0790","title":"[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2025-71268","CVE-2025-71269","CVE-2025-71270","CVE-2026-23249","CVE-2026-23250","CVE-2026-23251","CVE-2026-23252","CVE-2026-23253","CVE-2026-23254","CVE-2026-23255","CVE-2026-23256","CVE-2026-23257","CVE-2026-23258","CVE-2026-23259","CVE-2026-23260","CVE-2026-23261","CVE-2026-23262","CVE-2026-23263","CVE-2026-23264","CVE-2026-23265","CVE-2026-23266","CVE-2026-23267","CVE-2026-23268","CVE-2026-23269","CVE-2026-23270"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:41:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0790","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-1452"},{"num":262,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0774","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-71265","CVE-2025-71266","CVE-2025-71267","CVE-2026-23242","CVE-2026-23243","CVE-2026-23244","CVE-2026-23245","CVE-2026-23246","CVE-2026-23247","CVE-2026-23248"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:41:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0774","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-262"},{"num":1423,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1791","title":"[UPDATE] [high] HTTP/2 implementations: Vulnerability allows denial of service","severity":"high","cvss":null,"cves":["CVE-2026-49975"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:41:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1791","csirts_url":"https://www.csirts.com/advisory/update-high-http-2-implementations-1423"},{"num":1460,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0754","title":"[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow bypassing security measures","severity":"medium","cvss":null,"cves":["CVE-2025-71239","CVE-2026-23241"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:41:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0754","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-1460"},{"num":147839,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1776","title":"[UPDATE] [high] Golang Go: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-27145","CVE-2026-42504","CVE-2026-42507"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:41:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1776","csirts_url":"https://www.csirts.com/advisory/update-high-golang-go-multiple-147839"},{"num":1461,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0614","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-71238","CVE-2026-23231","CVE-2026-23232","CVE-2026-23233","CVE-2026-23234","CVE-2026-23235","CVE-2026-23236","CVE-2026-23237","CVE-2026-23238"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:41:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0614","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1461"},{"num":119832,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1774","title":"[UPDATE] [medium] X.Org X11 and Xwayland: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-50256","CVE-2026-50257","CVE-2026-50258","CVE-2026-50259","CVE-2026-50260","CVE-2026-50261","CVE-2026-50262","CVE-2026-50263","CVE-2026-50264"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:41:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1774","csirts_url":"https://www.csirts.com/advisory/update-medium-x-org-x11-and-xwayland-119832"},{"num":119860,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1312","title":"[UPDATE] [high] GnuTLS: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-33845","CVE-2026-33846","CVE-2026-3832","CVE-2026-3833","CVE-2026-42009","CVE-2026-42010","CVE-2026-42011","CVE-2026-42012","CVE-2026-42013","CVE-2026-42014","CVE-2026-42015","CVE-2026-5260","CVE-2026-5419"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:41:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1312","csirts_url":"https://www.csirts.com/advisory/update-high-gnutls-multiple-119860"},{"num":187643,"source_id":"ubuntu","external_id":"https://ubuntu.com/security/notices/USN-8519-1","title":"USN-8519-1: Go Cryptography vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2025-47913","CVE-2025-22869"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:41:10+00:00","link":"https://ubuntu.com/security/notices/USN-8519-1","csirts_url":"https://www.csirts.com/advisory/usn-8519-1-go-cryptography-vulnerabilities-187643"},{"num":119824,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1929","title":"[UPDATE] [medium] LibreOffice: Multiple vulnerabilities allow unspecified attack","severity":"medium","cvss":null,"cves":["CVE-2026-6039","CVE-2026-6040","CVE-2026-6045","CVE-2026-6047","CVE-2026-8356","CVE-2026-8357","CVE-2026-8358"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:36:45+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1929","csirts_url":"https://www.csirts.com/advisory/update-medium-libreoffice-multiple-119824"},{"num":877,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1924","title":"[UPDATE] [high] Aqua Security Trivy: Vulnerability allows file manipulation","severity":"high","cvss":null,"cves":["CVE-2026-55092"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:36:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1924","csirts_url":"https://www.csirts.com/advisory/update-high-aqua-security-trivy-877"},{"num":1411,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1938","title":"[UPDATE] [high] Linux Kernel: Vulnerability allows privilege escalation","severity":"high","cvss":null,"cves":["CVE-2026-46331"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:36:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1938","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-vulnerability-1411"},{"num":1444,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1294","title":"[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-31686","CVE-2026-31687","CVE-2026-31688","CVE-2026-31689","CVE-2026-31690","CVE-2026-31691"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:36:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1294","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-1444"},{"num":1350,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1530","title":"[UPDATE] [high] Linux Kernel (Fragnesia): Vulnerability Allows Gaining Administrator Rights","severity":"high","cvss":null,"cves":["CVE-2026-46300"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:36:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1530","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-fragnesia-1350"},{"num":489,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1923","title":"[UPDATE] [medium] Red Hat Ansible Automation Platform: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-44188","CVE-2026-44431","CVE-2026-44432","CVE-2026-48526"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:36:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1923","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-ansible-automation-489"},{"num":1668,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1267","title":"[UPDATE] [medium] Red Hat Hardened Images RPMs: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2025-69277","CVE-2026-2100","CVE-2026-41989","CVE-2026-4878"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:36:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1267","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-hardened-images-1668"},{"num":853,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1919","title":"[UPDATE] [medium] GStreamer: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-52717","CVE-2026-52718","CVE-2026-52719","CVE-2026-52720","CVE-2026-52721","CVE-2026-52722","CVE-2026-53702","CVE-2026-53703","CVE-2026-53704","CVE-2026-53705"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:36:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1919","csirts_url":"https://www.csirts.com/advisory/update-medium-gstreamer-multiple-853"},{"num":1374,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1430","title":"[UPDATE] [high] Linux Kernel (Dirty Frag): Multiple vulnerabilities allow gaining administrator rights","severity":"high","cvss":null,"cves":["CVE-2026-31431","CVE-2026-43284","CVE-2026-43500"],"exploited":false,"has_exploit":true,"published_at":"2026-07-09T08:36:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1430","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-dirty-frag-1374"},{"num":182530,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1918","title":"[UPDATE] [high] Snipe-IT: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-55482","CVE-2026-55542","CVE-2026-55483","CVE-2026-55519"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:36:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1918","csirts_url":"https://www.csirts.com/advisory/update-high-snipe-it-multiple-182530"},{"num":1777,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2082","title":"[UPDATE] [medium] Aqua Security Trivy: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-54448"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:31:52+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2082","csirts_url":"https://www.csirts.com/advisory/update-medium-aqua-security-trivy-1777"},{"num":1778,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2077","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-52944","CVE-2026-52945","CVE-2026-52946","CVE-2026-52947","CVE-2026-52948","CVE-2026-52949","CVE-2026-52950","CVE-2026-52951","CVE-2026-52952","CVE-2026-52953","CVE-2026-52954","CVE-2026-52955","CVE-2026-52956","CVE-2026-52957","CVE-2026-52958","CVE-2026-52959","CVE-2026-52960","CVE-2026-52961","CVE-2026-52962","CVE-2026-52963","CVE-2026-52964","CVE-2026-52965","CVE-2026-52966","CVE-2026-52967","CVE-2026-52968","CVE-2026-52969","CVE-2026-52970","CVE-2026-52971","CVE-2026-52972","CVE-2026-52973","CVE-2026-52974","CVE-2026-52975","CVE-2026-52976","CVE-2026-52977","CVE-2026-52978","CVE-2026-52979","CVE-2026-52980","CVE-2026-52981","CVE-2026-52982","CVE-2026-52983","CVE-2026-52984","CVE-2026-52985","CVE-2026-52986","CVE-2026-52987","CVE-2026-52988","CVE-2026-52989","CVE-2026-52990","CVE-2026-52991","CVE-2026-52992","CVE-2026-52993","CVE-2026-52994","CVE-2026-52995","CVE-2026-52996","CVE-2026-52997","CVE-2026-52998","CVE-2026-52999","CVE-2026-53000","CVE-2026-53001","CVE-2026-53002","CVE-2026-53003"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:31:51+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2077","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1778"},{"num":182533,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2067","title":"[UPDATE] [high] n8n: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-59253","CVE-2026-59257"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:31:50+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2067","csirts_url":"https://www.csirts.com/advisory/update-high-n8n-multiple-vulnerabilities-182533"},{"num":182534,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2062","title":"[UPDATE] [medium] Podman: Vulnerability allows information disclosure","severity":"medium","cvss":null,"cves":["CVE-2026-57231"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:31:49+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2062","csirts_url":"https://www.csirts.com/advisory/update-medium-podman-vulnerability-allows-182534"},{"num":958,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2056","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-52914","CVE-2026-52915","CVE-2026-52916","CVE-2026-52917","CVE-2026-52918","CVE-2026-52919","CVE-2026-52920","CVE-2026-52921","CVE-2026-52926","CVE-2026-52927","CVE-2026-52928","CVE-2026-52929","CVE-2026-52930","CVE-2026-52931","CVE-2026-52932","CVE-2026-52933","CVE-2026-52934","CVE-2026-52935","CVE-2026-52936","CVE-2026-52937","CVE-2026-52938","CVE-2026-52939","CVE-2026-52940","CVE-2026-52941","CVE-2026-52942","CVE-2026-52912","CVE-2026-52913","CVE-2026-52922","CVE-2026-52923","CVE-2026-52924","CVE-2026-52925"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:31:48+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2056","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-958"},{"num":81942,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2031","title":"[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow unspecified attack","severity":"medium","cvss":null,"cves":["CVE-2026-52908","CVE-2026-52909","CVE-2026-52910","CVE-2026-52911"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:31:46+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2031","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-81942"},{"num":182537,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2019","title":"[UPDATE] [high] Microsoft Dynamics 365: Vulnerability allows Cross-Site Scripting","severity":"high","cvss":null,"cves":["CVE-2026-47646"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:31:45+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2019","csirts_url":"https://www.csirts.com/advisory/update-high-microsoft-dynamics-365-182537"},{"num":182538,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2012","title":"[UPDATE] [high] HAProxy: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-55203","CVE-2026-55204"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:31:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2012","csirts_url":"https://www.csirts.com/advisory/update-high-haproxy-multiple-182538"},{"num":965,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2009","title":"[UPDATE] [high] Google Cloud Platform (GKE containerd): Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-47262","CVE-2026-50195","CVE-2026-53488","CVE-2026-53489","CVE-2026-53492"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:31:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2009","csirts_url":"https://www.csirts.com/advisory/update-high-google-cloud-platform-gke-965"},{"num":966,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2004","title":"[UPDATE] [high] Node.js: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-21636","CVE-2026-48615","CVE-2026-48617","CVE-2026-48618","CVE-2026-48619","CVE-2026-48928","CVE-2026-48930","CVE-2026-48931","CVE-2026-48933","CVE-2026-48934","CVE-2026-48935","CVE-2026-48936","CVE-2026-48937"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:31:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2004","csirts_url":"https://www.csirts.com/advisory/update-high-node-js-multiple-966"},{"num":81946,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1995","title":"[UPDATE] [high] NGINX and NGINX Plus: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-11311","CVE-2026-32682","CVE-2026-42055","CVE-2026-42530","CVE-2026-48142","CVE-2026-50107"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:31:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1995","csirts_url":"https://www.csirts.com/advisory/update-high-nginx-and-nginx-plus-multiple-81946"},{"num":481,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1955","title":"[UPDATE] [high] Atlassian Bamboo, Bitbucket, Confluence, Fisheye, Crucible, Jira and Jira Service Management: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2019-11272","CVE-2021-3803","CVE-2022-1471","CVE-2022-22965","CVE-2022-22978","CVE-2022-31692","CVE-2024-22257","CVE-2025-22228","CVE-2026-22732","CVE-2026-24734","CVE-2026-26996","CVE-2026-27903","CVE-2026-27904","CVE-2026-29129","CVE-2026-33870","CVE-2026-33871","CVE-2026-34077","CVE-2026-34486","CVE-2026-34487","CVE-2026-40175","CVE-2026-41044","CVE-2026-41284","CVE-2026-41293","CVE-2026-42033","CVE-2026-42035","CVE-2026-42038","CVE-2026-42043","CVE-2026-42198","CVE-2026-42211","CVE-2026-42264","CVE-2026-42342","CVE-2026-42498","CVE-2026-42579","CVE-2026-42581","CVE-2026-42583","CVE-2026-42584","CVE-2026-42585","CVE-2026-42587","CVE-2026-43512","CVE-2026-43513","CVE-2026-43515","CVE-2026-44486","CVE-2026-44487","CVE-2026-44488","CVE-2026-44492","CVE-2026-44495","CVE-2026-44496","CVE-2026-45149","CVE-2026-45736"],"exploited":false,"has_exploit":true,"published_at":"2026-07-09T08:31:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1955","csirts_url":"https://www.csirts.com/advisory/update-high-atlassian-bamboo-bitbucket-481"},{"num":1320,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1957","title":"[UPDATE] [high] Red Hat Enterprise Linux (openCryptoki, hplip, 389-ds-base): Multiple Vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-40253","CVE-2026-8631","CVE-2026-8632","CVE-2026-9064"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:31:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1957","csirts_url":"https://www.csirts.com/advisory/update-high-red-hat-enterprise-linux-1320"},{"num":152099,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2241","title":"[NEW] [high] Foxit PDF Editor and PDF Reader: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-13126","CVE-2026-13127","CVE-2026-13128","CVE-2026-13129","CVE-2026-57237","CVE-2026-57238","CVE-2026-57239","CVE-2026-57240","CVE-2026-57241","CVE-2026-57242","CVE-2026-57243","CVE-2026-57244","CVE-2026-57245","CVE-2026-57246","CVE-2026-57247","CVE-2026-57248","CVE-2026-57249","CVE-2026-57250","CVE-2026-57251","CVE-2026-57252","CVE-2026-57253","CVE-2026-57254","CVE-2026-57255","CVE-2026-57256","CVE-2026-57257","CVE-2026-57258","CVE-2026-57259","CVE-2026-57260"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:27:10+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2241","csirts_url":"https://www.csirts.com/advisory/new-high-foxit-pdf-editor-and-pdf-reader-152099"},{"num":152111,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2240","title":"[NEW] [high] X.Org X11 and Xwayland: Multiple vulnerabilities allow code execution and DoS","severity":"high","cvss":null,"cves":["CVE-2026-55999","CVE-2026-56000"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:27:09+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2240","csirts_url":"https://www.csirts.com/advisory/new-high-x-org-x11-and-xwayland-multiple-152111"},{"num":152112,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2239","title":"[NEW] [medium] Golang Go: Multiple vulnerabilities allow information disclosure","severity":"medium","cvss":null,"cves":["CVE-2026-39822","CVE-2026-42505"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:27:09+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2239","csirts_url":"https://www.csirts.com/advisory/new-medium-golang-go-multiple-152112"},{"num":152117,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2235","title":"[NEW] [medium] Composer: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-59946","CVE-2026-59947","CVE-2026-59948"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:27:08+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2235","csirts_url":"https://www.csirts.com/advisory/new-medium-composer-multiple-152117"},{"num":147835,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2229","title":"[NEW] [low] GStreamer (webrtcbin): Vulnerability allows bypassing security measures","severity":"low","cvss":null,"cves":["CVE-2026-14935"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:27:07+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2229","csirts_url":"https://www.csirts.com/advisory/new-low-gstreamer-webrtcbin-vulnerability-147835"},{"num":124562,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2225","title":"[NEW] [high] Red Hat Enterprise Linux (389-ds-base): Multiple vulnerabilities allow code execution and DoS","severity":"high","cvss":null,"cves":["CVE-2026-11610","CVE-2026-11774"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:27:07+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2225","csirts_url":"https://www.csirts.com/advisory/new-high-red-hat-enterprise-linux-389-ds-124562"},{"num":124576,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2218","title":"[NEW] [high] Red Hat Enterprise Linux (perl-HTTP-Daemon): Vulnerability allows execution of arbitrary program code with service privileges","severity":"high","cvss":null,"cves":["CVE-2026-8450"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:26:46+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2218","csirts_url":"https://www.csirts.com/advisory/new-high-red-hat-enterprise-linux-perl-124576"},{"num":124565,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2222","title":"[NEW] [high] Red Hat Enterprise Linux (python-pip): Vulnerability allows code execution","severity":"high","cvss":null,"cves":["CVE-2026-8643"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:26:46+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2222","csirts_url":"https://www.csirts.com/advisory/new-high-red-hat-enterprise-linux-python-124565"},{"num":1296,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2189","title":"[NEW] [high] Dell PowerProtect Data Domain: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2022-24903","CVE-2022-28948","CVE-2025-0840","CVE-2025-10148","CVE-2025-10158","CVE-2025-10966","CVE-2025-11083","CVE-2025-11412","CVE-2025-11413","CVE-2025-11414","CVE-2025-11468","CVE-2025-1149","CVE-2025-11563","CVE-2025-1176","CVE-2025-1178","CVE-2025-1179","CVE-2025-1181","CVE-2025-1182","CVE-2025-12084","CVE-2025-12781","CVE-2025-1372","CVE-2025-13836","CVE-2025-13837","CVE-2025-14017","CVE-2025-14524","CVE-2025-14819","CVE-2025-15079","CVE-2025-15224","CVE-2025-15281","CVE-2025-15282","CVE-2025-15366","CVE-2025-15367","CVE-2025-24855","CVE-2025-27723","CVE-2025-3198","CVE-2025-35036","CVE-2025-46642","CVE-2025-47273","CVE-2025-48988","CVE-2025-48989","CVE-2025-49124","CVE-2025-49125","CVE-2025-49795","CVE-2025-49796","CVE-2025-50181","CVE-2025-52434","CVE-2025-5244","CVE-2025-5245","CVE-2025-52520","CVE-2025-53506","CVE-2025-53864","CVE-2025-55668","CVE-2025-55752","CVE-2025-55753","CVE-2025-55754","CVE-2025-58098","CVE-2025-58187","CVE-2025-58188","CVE-2025-59375","CVE-2025-59775"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:26:45+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2189","csirts_url":"https://www.csirts.com/advisory/new-high-dell-powerprotect-data-domain-1296"},{"num":86354,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2208","title":"[NEW] [medium] Linux Kernel: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-53359","CVE-2026-53360","CVE-2026-53361","CVE-2026-53362"],"exploited":false,"has_exploit":true,"published_at":"2026-07-09T08:26:45+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2208","csirts_url":"https://www.csirts.com/advisory/new-medium-linux-kernel-multiple-86354"},{"num":1528,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2173","title":"[UPDATE] [medium] ClamAV: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-20213","CVE-2026-20214","CVE-2026-20215","CVE-2026-20216","CVE-2026-20217","CVE-2026-20243","CVE-2026-20244"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:26:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2173","csirts_url":"https://www.csirts.com/advisory/update-medium-clamav-multiple-1528"},{"num":1377,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2175","title":"[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-53326","CVE-2026-53327","CVE-2026-53328","CVE-2026-53329","CVE-2026-53330","CVE-2026-53331","CVE-2026-53332","CVE-2026-53333","CVE-2026-53334","CVE-2026-53335","CVE-2026-53336","CVE-2026-53337","CVE-2026-53338","CVE-2026-53339","CVE-2026-53340","CVE-2026-53341","CVE-2026-53342","CVE-2026-53343","CVE-2026-53344","CVE-2026-53345","CVE-2026-53346","CVE-2026-53347","CVE-2026-53348","CVE-2026-53349","CVE-2026-53350","CVE-2026-53351","CVE-2026-53352","CVE-2026-53353","CVE-2026-53354","CVE-2026-53355","CVE-2026-53356","CVE-2025-10263"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:26:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2175","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-1377"},{"num":2229,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2142","title":"[UPDATE] [medium] Red Hat OpenShift Container Platform (protobufjs, fast-uri): Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-44494","CVE-2026-6322"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:26:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2142","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-openshift-container-2229"},{"num":1760,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2158","title":"[NEW] [medium] Linux Kernel: Vulnerability allows gaining administrator rights","severity":"medium","cvss":null,"cves":["CVE-2026-52943"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:26:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2158","csirts_url":"https://www.csirts.com/advisory/new-medium-linux-kernel-vulnerability-1760"},{"num":182559,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2133","title":"[UPDATE] [high] OpenClaw: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-59261"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:26:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2133","csirts_url":"https://www.csirts.com/advisory/update-high-openclaw-multiple-182559"},{"num":1402,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2143","title":"[UPDATE] [high] Google Chrome: Multiple vulnerabilities allow unspecified attack","severity":"high","cvss":null,"cves":["CVE-2026-13774","CVE-2026-13775","CVE-2026-13776","CVE-2026-13777","CVE-2026-13778","CVE-2026-13779","CVE-2026-13780","CVE-2026-13781","CVE-2026-13782","CVE-2026-13783","CVE-2026-13784","CVE-2026-13785","CVE-2026-13786","CVE-2026-13787","CVE-2026-13788","CVE-2026-13789","CVE-2026-13790","CVE-2026-13791","CVE-2026-13792","CVE-2026-13793","CVE-2026-13794","CVE-2026-13795","CVE-2026-13796","CVE-2026-13797","CVE-2026-13798","CVE-2026-13799","CVE-2026-13800","CVE-2026-13801","CVE-2026-13802","CVE-2026-13803","CVE-2026-13804","CVE-2026-13805","CVE-2026-13806","CVE-2026-13807","CVE-2026-13808","CVE-2026-13809","CVE-2026-13810","CVE-2026-13811","CVE-2026-13812","CVE-2026-13813","CVE-2026-13814","CVE-2026-13815","CVE-2026-13816","CVE-2026-13817","CVE-2026-13818","CVE-2026-13819","CVE-2026-13820","CVE-2026-13821","CVE-2026-13822","CVE-2026-13823","CVE-2026-13824","CVE-2026-13825","CVE-2026-13826","CVE-2026-13827","CVE-2026-13828","CVE-2026-13829","CVE-2026-13830","CVE-2026-13831","CVE-2026-13832","CVE-2026-13833"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:26:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2143","csirts_url":"https://www.csirts.com/advisory/update-high-google-chrome-multiple-1402"},{"num":81851,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2119","title":"[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-53278","CVE-2026-53279","CVE-2026-53280","CVE-2026-53281","CVE-2026-53282","CVE-2026-53283","CVE-2026-53284","CVE-2026-53285","CVE-2026-53286","CVE-2026-53287","CVE-2026-53288","CVE-2026-53289","CVE-2026-53290","CVE-2026-53291","CVE-2026-53292","CVE-2026-53293","CVE-2026-53294","CVE-2026-53295","CVE-2026-53296","CVE-2026-53297","CVE-2026-53298","CVE-2026-53299","CVE-2026-53300","CVE-2026-53301","CVE-2026-53302","CVE-2026-53303","CVE-2026-53304","CVE-2026-53305","CVE-2026-53306","CVE-2026-53307","CVE-2026-53308","CVE-2026-53309","CVE-2026-53310","CVE-2026-53311","CVE-2026-53312","CVE-2026-53313","CVE-2026-53314","CVE-2026-53315","CVE-2026-53316","CVE-2026-53317","CVE-2026-53318","CVE-2026-53319","CVE-2026-53320","CVE-2026-53321","CVE-2026-53322","CVE-2026-53323","CVE-2026-53324","CVE-2026-53325"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:26:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2119","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-81851"},{"num":182560,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2123","title":"[UPDATE] [medium] Apache Tomcat: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-50229","CVE-2026-53404","CVE-2026-53434","CVE-2026-55276","CVE-2026-55955","CVE-2026-55956","CVE-2026-55957"],"exploited":false,"has_exploit":true,"published_at":"2026-07-09T08:26:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2123","csirts_url":"https://www.csirts.com/advisory/update-medium-apache-tomcat-multiple-182560"},{"num":182563,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2090","title":"[UPDATE] [medium] OpenCTI: Vulnerability allows bypassing security measures","severity":"medium","cvss":null,"cves":["CVE-2026-35210"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:26:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2090","csirts_url":"https://www.csirts.com/advisory/update-medium-opencti-vulnerability-182563"},{"num":182562,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2093","title":"[UPDATE] [high] Keycloak: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-11800","CVE-2026-9083","CVE-2026-9086","CVE-2026-9099","CVE-2026-9705","CVE-2026-9799","CVE-2026-9800"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:26:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2093","csirts_url":"https://www.csirts.com/advisory/update-high-keycloak-multiple-182562"},{"num":182564,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2096","title":"[UPDATE] [high] Fluentd: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-44024","CVE-2026-44025","CVE-2026-44160","CVE-2026-44161"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:26:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2096","csirts_url":"https://www.csirts.com/advisory/update-high-fluentd-multiple-182564"},{"num":81864,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2200","title":"[NEW] [high] Microsoft Edge: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-45488","CVE-2026-45489","CVE-2026-55945","CVE-2026-56645","CVE-2026-56646","CVE-2026-57974","CVE-2026-57975","CVE-2026-57977","CVE-2026-57981","CVE-2026-57983","CVE-2026-57984","CVE-2026-57985","CVE-2026-57986","CVE-2026-57987","CVE-2026-57988","CVE-2026-57991","CVE-2026-57992","CVE-2026-57993","CVE-2026-58276","CVE-2026-58278","CVE-2026-58282","CVE-2026-58283","CVE-2026-58284","CVE-2026-58285","CVE-2026-58286","CVE-2026-58287","CVE-2026-58288","CVE-2026-58289","CVE-2026-58290","CVE-2026-58291","CVE-2026-58292","CVE-2026-58293","CVE-2026-58294","CVE-2026-58295","CVE-2026-58296","CVE-2026-58297","CVE-2026-58298","CVE-2026-58299","CVE-2026-58300","CVE-2026-58522","CVE-2026-58524","CVE-2026-58597"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:21:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2200","csirts_url":"https://www.csirts.com/advisory/new-high-microsoft-edge-multiple-81864"},{"num":183197,"source_id":"ubuntu","external_id":"https://ubuntu.com/security/notices/USN-8492-4","title":"USN-8492-4: Linux kernel (Raspberry Pi) vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2025-40005","CVE-2025-71229","CVE-2025-71231","CVE-2025-71232","CVE-2025-71233","CVE-2025-71235","CVE-2025-71236","CVE-2025-71237","CVE-2025-71238","CVE-2025-71239","CVE-2025-71265","CVE-2025-71266","CVE-2025-71267","CVE-2025-71272","CVE-2025-71273","CVE-2025-71274","CVE-2025-71286","CVE-2025-71291","CVE-2025-71292","CVE-2025-71294","CVE-2025-71295","CVE-2025-71297","CVE-2025-71304","CVE-2025-71305","CVE-2026-23100","CVE-2026-23169","CVE-2026-23220","CVE-2026-23221","CVE-2026-23222","CVE-2026-23228","CVE-2026-23229","CVE-2026-23230","CVE-2026-23233","CVE-2026-23234","CVE-2026-23235","CVE-2026-23236","CVE-2026-23237","CVE-2026-23238","CVE-2026-23241","CVE-2026-23242","CVE-2026-23243","CVE-2026-23249","CVE-2026-23266","CVE-2026-23267","CVE-2026-23272","CVE-2026-23278","CVE-2026-23392","CVE-2026-23428","CVE-2026-23450","CVE-2026-23455","CVE-2026-31402","CVE-2026-31411","CVE-2026-31418","CVE-2026-31436","CVE-2026-31448","CVE-2026-31478","CVE-2026-31607","CVE-2026-31637","CVE-2026-31649","CVE-2026-31657","CVE-2026-31659","CVE-2026-31668","CVE-2026-31669","CVE-2026-31682","CVE-2026-31685","CVE-2026-31687","CVE-2026-31693","CVE-2026-43011","CVE-2026-43037","CVE-2026-43038","CVE-2026-43071","CVE-2026-43114","CVE-2026-43117","CVE-2026-43123","CVE-2026-43124","CVE-2026-43128","CVE-2026-43130","CVE-2026-43132","CVE-2026-43133","CVE-2026-43134","CVE-2026-43135","CVE-2026-43136","CVE-2026-43137","CVE-2026-43139","CVE-2026-43140","CVE-2026-43141","CVE-2026-43143","CVE-2026-43145","CVE-2026-43147","CVE-2026-43148","CVE-2026-43149","CVE-2026-43150","CVE-2026-43152","CVE-2026-43153","CVE-2026-43156","CVE-2026-43157","CVE-2026-43158","CVE-2026-43159","CVE-2026-43163","CVE-2026-43167","CVE-2026-43168","CVE-2026-43169","CVE-2026-43170","CVE-2026-43171","CVE-2026-43173","CVE-2026-43175","CVE-2026-43180","CVE-2026-43182","CVE-2026-43183","CVE-2026-43184","CVE-2026-43186","CVE-2026-43187","CVE-2026-43189","CVE-2026-43190","CVE-2026-43194","CVE-2026-43196","CVE-2026-43199","CVE-2026-43200","CVE-2026-43201","CVE-2026-43202","CVE-2026-43203","CVE-2026-43205","CVE-2026-43206","CVE-2026-43207","CVE-2026-43209","CVE-2026-43211","CVE-2026-43212","CVE-2026-43214","CVE-2026-43215","CVE-2026-43218","CVE-2026-43221","CVE-2026-43222","CVE-2026-43223","CVE-2026-43225","CVE-2026-43226","CVE-2026-43227","CVE-2026-43230","CVE-2026-43231","CVE-2026-43232","CVE-2026-43233","CVE-2026-43236","CVE-2026-43238","CVE-2026-43239","CVE-2026-43241","CVE-2026-43242","CVE-2026-43244","CVE-2026-43246","CVE-2026-43248","CVE-2026-43249","CVE-2026-43250","CVE-2026-43251","CVE-2026-43253","CVE-2026-43255","CVE-2026-43256","CVE-2026-43257","CVE-2026-43258","CVE-2026-43261","CVE-2026-43262","CVE-2026-43264","CVE-2026-43266","CVE-2026-43268","CVE-2026-43269","CVE-2026-43270","CVE-2026-43271","CVE-2026-43273","CVE-2026-43275","CVE-2026-43277","CVE-2026-43278","CVE-2026-43279","CVE-2026-43283","CVE-2026-43287","CVE-2026-43288","CVE-2026-43289","CVE-2026-43291","CVE-2026-43295","CVE-2026-43296","CVE-2026-43297","CVE-2026-43300","CVE-2026-43302","CVE-2026-43304","CVE-2026-43312","CVE-2026-43313","CVE-2026-43314","CVE-2026-43315","CVE-2026-43316","CVE-2026-43317","CVE-2026-43318","CVE-2026-43319","CVE-2026-43320","CVE-2026-43341","CVE-2026-43378","CVE-2026-43383","CVE-2026-43384","CVE-2026-43406","CVE-2026-43407","CVE-2026-43414","CVE-2026-43493","CVE-2026-43501","CVE-2026-45847","CVE-2026-45848","CVE-2026-45849","CVE-2026-45851","CVE-2026-45852","CVE-2026-45856","CVE-2026-45857","CVE-2026-45859","CVE-2026-45860","CVE-2026-45861","CVE-2026-45862","CVE-2026-45864","CVE-2026-45865","CVE-2026-45866","CVE-2026-45867","CVE-2026-45868","CVE-2026-45869","CVE-2026-45870","CVE-2026-45871","CVE-2026-45872","CVE-2026-45873","CVE-2026-45875","CVE-2026-45877","CVE-2026-45878","CVE-2026-45879","CVE-2026-45880","CVE-2026-45881","CVE-2026-45882","CVE-2026-45883","CVE-2026-45884","CVE-2026-45885","CVE-2026-45886","CVE-2026-45890","CVE-2026-45891","CVE-2026-45893","CVE-2026-45895","CVE-2026-45902","CVE-2026-45904","CVE-2026-45905","CVE-2026-45910","CVE-2026-45912","CVE-2026-45913","CVE-2026-45914","CVE-2026-45915","CVE-2026-45916","CVE-2026-45917","CVE-2026-45919","CVE-2026-45921","CVE-2026-45923","CVE-2026-45928","CVE-2026-45935","CVE-2026-45936","CVE-2026-45938","CVE-2026-45941","CVE-2026-45946","CVE-2026-45947","CVE-2026-45948","CVE-2026-45954","CVE-2026-45957","CVE-2026-45960","CVE-2026-45962","CVE-2026-45964","CVE-2026-45965","CVE-2026-45968","CVE-2026-45969","CVE-2026-45970","CVE-2026-45972","CVE-2026-45973","CVE-2026-45974","CVE-2026-45976","CVE-2026-45978","CVE-2026-45981","CVE-2026-45982","CVE-2026-45983","CVE-2026-45984","CVE-2026-45988","CVE-2026-46043","CVE-2026-46115","CVE-2026-46119","CVE-2026-46135","CVE-2026-46185","CVE-2026-46195","CVE-2026-46243","CVE-2026-46244","CVE-2026-46246","CVE-2026-46247","CVE-2026-46249","CVE-2026-46250","CVE-2026-46251","CVE-2026-46253","CVE-2026-46254","CVE-2026-46255","CVE-2026-46259","CVE-2026-46260","CVE-2026-46261","CVE-2026-46265","CVE-2026-46266","CVE-2026-46267","CVE-2026-46270","CVE-2026-46289","CVE-2026-46328"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T08:10:03+00:00","link":"https://ubuntu.com/security/notices/USN-8492-4","csirts_url":"https://www.csirts.com/advisory/usn-8492-4-linux-kernel-raspberry-pi-183197"},{"num":183198,"source_id":"ubuntu","external_id":"https://ubuntu.com/security/notices/USN-8490-2","title":"USN-8490-2: Linux kernel (Raspberry Pi) vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2026-22984","CVE-2026-23272","CVE-2026-23278","CVE-2026-23392","CVE-2026-23427","CVE-2026-23428","CVE-2026-23450","CVE-2026-23455","CVE-2026-31402","CVE-2026-31418","CVE-2026-31436","CVE-2026-31448","CVE-2026-31478","CVE-2026-31607","CVE-2026-31635","CVE-2026-31637","CVE-2026-31649","CVE-2026-31657","CVE-2026-31659","CVE-2026-31668","CVE-2026-31669","CVE-2026-31682","CVE-2026-31685","CVE-2026-31718","CVE-2026-43011","CVE-2026-43037","CVE-2026-43038","CVE-2026-43071","CVE-2026-43083","CVE-2026-43114","CVE-2026-43117","CVE-2026-43125","CVE-2026-43186","CVE-2026-43197","CVE-2026-43304","CVE-2026-43341","CVE-2026-43376","CVE-2026-43378","CVE-2026-43383","CVE-2026-43384","CVE-2026-43402","CVE-2026-43406","CVE-2026-43407","CVE-2026-43414","CVE-2026-43493","CVE-2026-43501","CVE-2026-45898","CVE-2026-45988","CVE-2026-46039","CVE-2026-46043","CVE-2026-46115","CVE-2026-46119","CVE-2026-46135","CVE-2026-46185","CVE-2026-46195","CVE-2026-46243","CVE-2026-46244","CVE-2026-46266","CVE-2026-46289","CVE-2026-46316","CVE-2026-46325"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T07:55:55+00:00","link":"https://ubuntu.com/security/notices/USN-8490-2","csirts_url":"https://www.csirts.com/advisory/usn-8490-2-linux-kernel-raspberry-pi-183198"},{"num":182566,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1891","title":"[UPDATE] [medium] Joomla: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2024-27185","CVE-2024-27184","CVE-2024-27186","CVE-2024-27187","CVE-2024-40743"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T07:11:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1891","csirts_url":"https://www.csirts.com/advisory/update-medium-joomla-multiple-182566"},{"num":182567,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1688","title":"[UPDATE] [medium] Joomla: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-25900","CVE-2026-25901","CVE-2026-30894","CVE-2026-30895","CVE-2026-35220","CVE-2026-35221","CVE-2026-35222","CVE-2026-35223","CVE-2026-40383","CVE-2026-40384","CVE-2026-48896","CVE-2026-48897","CVE-2026-48898","CVE-2026-48899","CVE-2026-48900","CVE-2026-48901","CVE-2026-48902","CVE-2026-48903","CVE-2026-48904","CVE-2026-48905"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T07:06:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1688","csirts_url":"https://www.csirts.com/advisory/update-medium-joomla-multiple-182567"},{"num":182568,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2132","title":"[UPDATE] [high] NATS Server: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-58207","CVE-2026-58208","CVE-2026-58209","CVE-2026-58210","CVE-2026-58211","CVE-2026-58213","CVE-2026-58214","CVE-2026-58250","CVE-2026-58251","CVE-2026-58252","CVE-2026-58253","CVE-2026-58254"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T06:56:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2132","csirts_url":"https://www.csirts.com/advisory/update-high-nats-server-multiple-182568"},{"num":19637,"source_id":"jvn","external_id":"https://jvn.jp/en/jp/JVN48718197/","title":"Reflected cross-site scripting vulnerability in multiple laser printers and MFPs which implement Ricoh Web Image Monitor","severity":"unknown","cvss":null,"cves":["CVE-2026-56809"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T06:00:00+00:00","link":"https://jvn.jp/en/jp/JVN48718197/","csirts_url":"https://www.csirts.com/advisory/reflected-cross-site-scripting-19637"},{"num":182569,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1829","title":"[UPDATE] [critical] Wazuh Manager: Vulnerability allows privilege escalation","severity":"critical","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T05:46:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1829","csirts_url":"https://www.csirts.com/advisory/update-critical-wazuh-manager-182569"},{"num":178443,"source_id":"hkcert","external_id":"https://www.hkcert.org/security-bulletin/juniper-junos-os-multiple-vulnerabilities_20260709","title":"Juniper Junos OS Multiple Vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2020-7450","CVE-2026-21901","CVE-2026-33794","CVE-2026-33799","CVE-2026-33800","CVE-2026-33801","CVE-2026-33802","CVE-2026-33803","CVE-2026-57019","CVE-2026-57020","CVE-2026-57021","CVE-2026-57022","CVE-2026-57023","CVE-2026-57024","CVE-2026-57025","CVE-2026-57026","CVE-2026-57027","CVE-2026-57028","CVE-2026-57029","CVE-2026-57030","CVE-2026-57031","CVE-2026-57032","CVE-2026-57054"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T01:00:00+00:00","link":"https://www.hkcert.org/security-bulletin/juniper-junos-os-multiple-vulnerabilities_20260709","csirts_url":"https://www.csirts.com/advisory/juniper-junos-os-multiple-vulnerabilities-178443"},{"num":178442,"source_id":"hkcert","external_id":"https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities_20260709","title":"Google Chrome Multiple Vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2026-15107","CVE-2026-15108","CVE-2026-15109","CVE-2026-15110","CVE-2026-15111","CVE-2026-15112","CVE-2026-15113","CVE-2026-15114","CVE-2026-15115","CVE-2026-15116","CVE-2026-15117","CVE-2026-15118","CVE-2026-15119","CVE-2026-15120","CVE-2026-15121","CVE-2026-15122","CVE-2026-15123","CVE-2026-15124","CVE-2026-15125","CVE-2026-15126","CVE-2026-15127","CVE-2026-15128","CVE-2026-15129","CVE-2026-15130","CVE-2026-15131","CVE-2026-15132","CVE-2026-15133"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T01:00:00+00:00","link":"https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities_20260709","csirts_url":"https://www.csirts.com/advisory/google-chrome-multiple-vulnerabilities-178442"},{"num":178444,"source_id":"hkcert","external_id":"https://www.hkcert.org/security-bulletin/palo-alto-products-multiple-vulnerabilities_20260709","title":"Palo Alto Products Multiple Vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2026-0279","CVE-2026-0280","CVE-2026-0281","CVE-2026-0282","CVE-2026-0283","CVE-2026-0284","CVE-2026-0285","CVE-2026-0286","CVE-2026-0287","CVE-2026-0288"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T01:00:00+00:00","link":"https://www.hkcert.org/security-bulletin/palo-alto-products-multiple-vulnerabilities_20260709","csirts_url":"https://www.csirts.com/advisory/palo-alto-products-multiple-178444"},{"num":187129,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0848/","title":"Multiple vulnerabilities in Google Chrome (July 09, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-15118","CVE-2026-15125","CVE-2026-15130","CVE-2026-15120","CVE-2026-15112","CVE-2026-15115","CVE-2026-15121","CVE-2026-15124","CVE-2026-15109","CVE-2026-15110","CVE-2026-15128","CVE-2026-15117","CVE-2026-15129","CVE-2026-15116","CVE-2026-15131","CVE-2026-15108","CVE-2026-15123","CVE-2026-15122","CVE-2026-15133","CVE-2026-15113","CVE-2026-15114","CVE-2026-15127","CVE-2026-15107","CVE-2026-15126","CVE-2026-15119","CVE-2026-15111","CVE-2026-15132"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0848/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-google-chrome-187129"},{"num":187136,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0855/","title":"Multiple vulnerabilities in Microsoft Azure Linux (July 09, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-53138","CVE-2026-53163","CVE-2026-53361","CVE-2026-53362","CVE-2026-53157","CVE-2026-52909","CVE-2026-53325","CVE-2026-53151","CVE-2026-52928"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0855/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-microsoft-187136"},{"num":187133,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0852/","title":"Multiple vulnerabilities in Juniper Networks products (July 09, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-57022","CVE-2026-57028","CVE-2020-7450","CVE-2026-33801","CVE-2026-57029","CVE-2026-57023","CVE-2026-57026","CVE-2026-57019","CVE-2026-21901","CVE-2026-33799","CVE-2026-57025","CVE-2026-57031","CVE-2026-57021","CVE-2026-57030","CVE-2026-57054","CVE-2026-57024","CVE-2026-33802","CVE-2026-57020","CVE-2026-33803","CVE-2026-33800","CVE-2026-57027","CVE-2026-33794","CVE-2026-57032"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0852/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-juniper-187133"},{"num":187131,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0850/","title":"Multiple vulnerabilities in GitLab (July 09, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-6352","CVE-2026-7492","CVE-2026-13151","CVE-2025-12506","CVE-2026-6896","CVE-2026-8472","CVE-2026-13320","CVE-2026-11827"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0850/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-gitlab-july-187131"},{"num":187135,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0854/","title":"Vulnerability in Microsoft Edge (July 09, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-58525"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0854/","csirts_url":"https://www.csirts.com/advisory/vulnerability-in-microsoft-edge-july-09-187135"},{"num":187134,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0853/","title":"Multiple vulnerabilities in Palo Alto Networks products (July 09, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-10927","CVE-2026-10991","CVE-2026-11637","CVE-2026-11239","CVE-2026-11182","CVE-2026-10986","CVE-2026-10955","CVE-2026-11144","CVE-2026-0281","CVE-2026-11041","CVE-2026-10902","CVE-2026-11047","CVE-2026-10892","CVE-2026-11153","CVE-2026-11221","CVE-2026-0283","CVE-2026-10981","CVE-2026-10958","CVE-2026-11693","CVE-2026-10967","CVE-2026-11229","CVE-2026-11057","CVE-2026-11139","CVE-2026-11204","CVE-2026-11175","CVE-2026-11023","CVE-2026-11250","CVE-2026-10968","CVE-2026-10896","CVE-2026-11071","CVE-2026-11238","CVE-2026-11274","CVE-2026-11200","CVE-2026-10915","CVE-2026-11257","CVE-2026-11011","CVE-2026-11049","CVE-2026-12031","CVE-2026-10923","CVE-2026-11070","CVE-2026-11101","CVE-2026-10946","CVE-2026-11016","CVE-2026-11236","CVE-2026-11108","CVE-2026-10912","CVE-2026-11098","CVE-2026-11086","CVE-2026-11122","CVE-2026-11267","CVE-2026-11279","CVE-2026-11668","CVE-2026-12019","CVE-2026-10911","CVE-2026-10944","CVE-2026-10922","CVE-2026-11189","CVE-2026-11044","CVE-2026-10995","CVE-2026-11186"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0853/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-palo-alto-187134"},{"num":187132,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0851/","title":"Multiple vulnerabilities in Traefik (July 09, 2026)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0851/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-traefik-july-187132"},{"num":187130,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0849/","title":"Multiple vulnerabilities in Wireshark (July 09, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-15163","CVE-2026-15167","CVE-2026-15171","CVE-2026-15169","CVE-2026-15168","CVE-2026-15173","CVE-2026-15174","CVE-2026-15170","CVE-2026-15165","CVE-2026-15164","CVE-2026-15172","CVE-2026-15166"],"exploited":false,"has_exploit":false,"published_at":"2026-07-09T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0849/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-wireshark-187130"},{"num":161253,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0279","title":"CVE-2026-0279 PAN-OS: Multiple Cross-Site Scripting (XSS) Vulnerabilities (Severity: LOW)","severity":"low","cvss":null,"cves":["CVE-2026-0279"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T20:30:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0279","csirts_url":"https://www.csirts.com/advisory/cve-2026-0279-161253"},{"num":169589,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/progress-security-advisory-av26-678","title":"Progress security advisory (AV26-678)","severity":"critical","cvss":null,"cves":["CVE-2026-10699","CVE-2026-10698","CVE-2026-11903"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T20:01:04+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/progress-security-advisory-av26-678","csirts_url":"https://www.csirts.com/advisory/progress-security-advisory-av26-678-169589"},{"num":165344,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/gitlab-security-advisory-av26-677","title":"GitLab security advisory (AV26-677)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T19:04:15+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/gitlab-security-advisory-av26-677","csirts_url":"https://www.csirts.com/advisory/gitlab-security-advisory-av26-677-165344"},{"num":165345,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/drupal-security-advisory-av26-676","title":"Drupal security advisory (AV26-676)","severity":"critical","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T19:00:23+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/drupal-security-advisory-av26-676","csirts_url":"https://www.csirts.com/advisory/drupal-security-advisory-av26-676-165345"},{"num":165346,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/juniper-networks-security-advisory-av26-675","title":"Juniper Networks security advisory (AV26-675)","severity":"unknown","cvss":null,"cves":["CVE-2020-7450","CVE-2026-33799"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T17:57:34+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/juniper-networks-security-advisory-av26-675","csirts_url":"https://www.csirts.com/advisory/juniper-networks-security-advisory-av26-165346"},{"num":165347,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/palo-alto-networks-security-advisory-av26-674","title":"Palo Alto Networks security advisory (AV26-674)","severity":"unknown","cvss":null,"cves":["CVE-2026-0288"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T17:34:16+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/palo-alto-networks-security-advisory-av26-674","csirts_url":"https://www.csirts.com/advisory/palo-alto-networks-security-advisory-av26-165347"},{"num":174395,"source_id":"ubuntu","external_id":"https://ubuntu.com/security/notices/USN-8518-1","title":"USN-8518-1: mailcap vulnerability","severity":"unknown","cvss":null,"cves":["CVE-2026-10037"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T17:15:41+00:00","link":"https://ubuntu.com/security/notices/USN-8518-1","csirts_url":"https://www.csirts.com/advisory/usn-8518-1-mailcap-vulnerability-174395"},{"num":161250,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0286","title":"CVE-2026-0286 PAN-OS: Authenticated Command Injection in CLI (Severity: MEDIUM)","severity":"medium","cvss":null,"cves":["CVE-2026-0286"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T16:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0286","csirts_url":"https://www.csirts.com/advisory/cve-2026-0286-161250"},{"num":161255,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0288","title":"CVE-2026-0288 PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent (Severity: HIGH)","severity":"high","cvss":null,"cves":["CVE-2026-0288"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T16:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0288","csirts_url":"https://www.csirts.com/advisory/cve-2026-0288-161255"},{"num":161258,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0283","title":"CVE-2026-0283 PAN-OS: Authentication Bypass Vulnerability in Large Scale VPN (LSVPN) (Severity: MEDIUM)","severity":"medium","cvss":null,"cves":["CVE-2026-0283"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T16:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0283","csirts_url":"https://www.csirts.com/advisory/cve-2026-0283-161258"},{"num":161248,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0284","title":"CVE-2026-0284 PAN-OS: XML Injection Vulnerability in Large Scale VPN (LSVPN) (Severity: MEDIUM)","severity":"medium","cvss":null,"cves":["CVE-2026-0284"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T16:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0284","csirts_url":"https://www.csirts.com/advisory/cve-2026-0284-161248"},{"num":161256,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0282","title":"CVE-2026-0282 PAN-OS: File Deletion Vulnerability in Management Web Interface (Severity: LOW)","severity":"low","cvss":null,"cves":["CVE-2026-0282"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T16:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0282","csirts_url":"https://www.csirts.com/advisory/cve-2026-0282-161256"},{"num":161252,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0278","title":"CVE-2026-0278 Prisma Access Agent: Multiple DLP Policy Bypass Vulnerabilities on Windows (Severity: MEDIUM)","severity":"medium","cvss":null,"cves":["CVE-2026-0278"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T16:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0278","csirts_url":"https://www.csirts.com/advisory/cve-2026-0278-161252"},{"num":161249,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0280","title":"CVE-2026-0280 PAN-OS: IPv6 Firewall Policy Bypass (Severity: LOW)","severity":"low","cvss":null,"cves":["CVE-2026-0280"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T16:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0280","csirts_url":"https://www.csirts.com/advisory/cve-2026-0280-161249"},{"num":161257,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0276","title":"CVE-2026-0276 Cortex XDR Broker VM: Privilege Escalation (PE) Vulnerability (Severity: LOW)","severity":"low","cvss":null,"cves":["CVE-2026-0276"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T16:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0276","csirts_url":"https://www.csirts.com/advisory/cve-2026-0276-161257"},{"num":161254,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0285","title":"CVE-2026-0285 PAN-OS: Server-Side Request Forgery Vulnerability in Management Web Interface (Severity: MEDIUM)","severity":"medium","cvss":null,"cves":["CVE-2026-0285"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T16:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0285","csirts_url":"https://www.csirts.com/advisory/cve-2026-0285-161254"},{"num":161146,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-notice-ILh3ZrP5","title":"Cisco Advance Notification for Publication of July 15, 2026, Security Advisories","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-notice-ILh3ZrP5?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Advance%20Notification%20for%20Publication%20of%20July%2015,%202026,%20Security%20Advisories%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-advance-notification-for-161146"},{"num":161259,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/PAN-SA-2026-0010","title":"PAN-SA-2026-0010 Chromium and Prisma Browser: Monthly Vulnerability Update (July 2026) (Severity: HIGH)","severity":"high","cvss":null,"cves":["CVE-2026-10881","CVE-2026-10882","CVE-2026-10883","CVE-2026-10884","CVE-2026-10885","CVE-2026-10886","CVE-2026-10887","CVE-2026-10888","CVE-2026-10889","CVE-2026-10890","CVE-2026-10891","CVE-2026-10892","CVE-2026-10893","CVE-2026-10894","CVE-2026-10895","CVE-2026-10896","CVE-2026-10897","CVE-2026-10898","CVE-2026-10899","CVE-2026-10900","CVE-2026-10901","CVE-2026-10902","CVE-2026-10903","CVE-2026-10904","CVE-2026-10905","CVE-2026-10906","CVE-2026-10907","CVE-2026-10908","CVE-2026-10909","CVE-2026-10910","CVE-2026-10911","CVE-2026-10912","CVE-2026-10913","CVE-2026-10914","CVE-2026-10915","CVE-2026-10916","CVE-2026-10917","CVE-2026-10918","CVE-2026-10919","CVE-2026-10920","CVE-2026-10921","CVE-2026-10922","CVE-2026-10923","CVE-2026-10924","CVE-2026-10925","CVE-2026-10926","CVE-2026-10927","CVE-2026-10928","CVE-2026-10929","CVE-2026-10930","CVE-2026-10931","CVE-2026-10932","CVE-2026-10933","CVE-2026-10934","CVE-2026-10935","CVE-2026-10936","CVE-2026-10937","CVE-2026-10938","CVE-2026-10939","CVE-2026-10940"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T16:00:00+00:00","link":"https://security.paloaltonetworks.com/PAN-SA-2026-0010","csirts_url":"https://www.csirts.com/advisory/pan-sa-2026-0010-chromium-and-prisma-161259"},{"num":161246,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0287","title":"CVE-2026-0287 PAN-OS: Denial of Service Vulnerabilities in Network Traffic Processing (Severity: MEDIUM)","severity":"medium","cvss":null,"cves":["CVE-2026-0287"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T16:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0287","csirts_url":"https://www.csirts.com/advisory/cve-2026-0287-161246"},{"num":161251,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0281","title":"CVE-2026-0281 PAN-OS: Information Disclosure Vulnerability in Management Web Interface (Severity: LOW)","severity":"low","cvss":null,"cves":["CVE-2026-0281"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T16:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0281","csirts_url":"https://www.csirts.com/advisory/cve-2026-0281-161251"},{"num":161247,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0277","title":"CVE-2026-0277 Prisma Access Agent: Improper Certificate Validation on iOS (Severity: MEDIUM)","severity":"medium","cvss":null,"cves":["CVE-2026-0277"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T16:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0277","csirts_url":"https://www.csirts.com/advisory/cve-2026-0277-161247"},{"num":161051,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/tanium-security-advisory-av26-673","title":"Tanium security advisory (AV26-673)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T15:50:04+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/tanium-security-advisory-av26-673","csirts_url":"https://www.csirts.com/advisory/tanium-security-advisory-av26-673-161051"},{"num":161052,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/n8n-security-advisory-av26-672","title":"n8n security advisory (AV26-672)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T15:22:10+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/n8n-security-advisory-av26-672","csirts_url":"https://www.csirts.com/advisory/n8n-security-advisory-av26-672-161052"},{"num":161053,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/cyber-n8n-security-advisory-av26-672","title":"Ubiquiti security advisory (AV26-671)","severity":"critical","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T15:16:36+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/cyber-n8n-security-advisory-av26-672","csirts_url":"https://www.csirts.com/advisory/ubiquiti-security-advisory-av26-671-161053"},{"num":170027,"source_id":"ubuntu","external_id":"https://ubuntu.com/security/notices/USN-8517-1","title":"USN-8517-1: ClamAV vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2026-20213","CVE-2026-20214","CVE-2026-20217","CVE-2026-20215","CVE-2026-20216","CVE-2026-20243","CVE-2026-20244"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T14:07:06+00:00","link":"https://ubuntu.com/security/notices/USN-8517-1","csirts_url":"https://www.csirts.com/advisory/usn-8517-1-clamav-vulnerabilities-170027"},{"num":170028,"source_id":"ubuntu","external_id":"https://ubuntu.com/security/notices/USN-8516-1","title":"USN-8516-1: Apache HTTP Server vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2026-29167","CVE-2026-29170","CVE-2026-34355","CVE-2026-34356","CVE-2026-42535","CVE-2026-42536","CVE-2026-43951","CVE-2026-44119","CVE-2026-44185","CVE-2026-44186","CVE-2026-44631","CVE-2026-48913"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T13:49:49+00:00","link":"https://ubuntu.com/security/notices/USN-8516-1","csirts_url":"https://www.csirts.com/advisory/usn-8516-1-apache-http-server-170028"},{"num":156746,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/langflow-security-advisory-av26-670","title":"Langflow security advisory (AV26-670)","severity":"unknown","cvss":null,"cves":["CVE-2026-55255"],"exploited":true,"has_exploit":true,"published_at":"2026-07-08T13:05:23+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/langflow-security-advisory-av26-670","csirts_url":"https://www.csirts.com/advisory/langflow-security-advisory-av26-670-156746"},{"num":156391,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2242","title":"[NEW] [high] IBM Operational Decision Manager: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-10532","CVE-2026-45292","CVE-2026-47065","CVE-2026-9828"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T11:51:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2242","csirts_url":"https://www.csirts.com/advisory/new-high-ibm-operational-decision-manager-156391"},{"num":1789,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1544","title":"[UPDATE] [high] PostgreSQL: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-6472","CVE-2026-6473","CVE-2026-6474","CVE-2026-6475","CVE-2026-6476","CVE-2026-6477","CVE-2026-6478","CVE-2026-6479","CVE-2026-6575","CVE-2026-6637","CVE-2026-6638"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T10:31:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1544","csirts_url":"https://www.csirts.com/advisory/update-high-postgresql-multiple-1789"},{"num":885,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1771","title":"[UPDATE] [medium] Linux Kernel: Vulnerability allows privilege escalation","severity":"medium","cvss":null,"cves":["CVE-2026-46243"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T10:26:57+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1771","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-vulnerability-885"},{"num":152115,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2237","title":"[NEW] [high] ESRI ArcGIS: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-13019","CVE-2026-13020"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T09:11:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2237","csirts_url":"https://www.csirts.com/advisory/new-high-esri-arcgis-multiple-152115"},{"num":152114,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2238","title":"[NEW] [high] Joomla: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-48949","CVE-2026-48950","CVE-2026-48951","CVE-2026-48952","CVE-2026-48953","CVE-2026-48954","CVE-2026-48947","CVE-2026-48948","CVE-2026-48955","CVE-2026-48956","CVE-2026-48957","CVE-2026-48958"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T09:11:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2238","csirts_url":"https://www.csirts.com/advisory/new-high-joomla-multiple-vulnerabilities-152114"},{"num":152116,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2236","title":"[NEW] [medium] wget: Multiple vulnerabilities allow denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-58469","CVE-2026-58470","CVE-2026-58471","CVE-2026-58472"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T09:06:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2236","csirts_url":"https://www.csirts.com/advisory/new-medium-wget-multiple-vulnerabilities-152116"},{"num":152118,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2234","title":"[NEW] [low] FreeType: Vulnerability allows information disclosure","severity":"low","cvss":null,"cves":["CVE-2026-50811"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T09:06:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2234","csirts_url":"https://www.csirts.com/advisory/new-low-freetype-vulnerability-allows-152118"},{"num":152119,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2233","title":"[NEW] [medium] IBM WebSphere Application Server Liberty: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-9563"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T09:06:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2233","csirts_url":"https://www.csirts.com/advisory/new-medium-ibm-websphere-application-152119"},{"num":152120,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2232","title":"[NEW] [medium] IBM WebSphere Application Server: Vulnerability allows execution of actions","severity":"medium","cvss":null,"cves":["CVE-2026-8408"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T09:06:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2232","csirts_url":"https://www.csirts.com/advisory/new-medium-ibm-websphere-application-152120"},{"num":152121,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2231","title":"[NEW] [medium] Django: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-48588","CVE-2026-53877","CVE-2026-53878"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T08:41:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2231","csirts_url":"https://www.csirts.com/advisory/new-medium-django-multiple-vulnerabilities-152121"},{"num":147833,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2230","title":"[NEW] [high] ILIAS: Multiple vulnerabilities","severity":"high","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T08:31:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2230","csirts_url":"https://www.csirts.com/advisory/new-high-ilias-multiple-vulnerabilities-147833"},{"num":147834,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1445","title":"[UPDATE] [high] dpkg: Vulnerability allows information disclosure","severity":"high","cvss":null,"cves":["CVE-2025-6297"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T08:31:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1445","csirts_url":"https://www.csirts.com/advisory/update-high-dpkg-vulnerability-allows-147834"},{"num":147836,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2228","title":"[NEW] [medium] Red Hat Enterprise Linux (freeipmi): Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-50031"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T08:21:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2228","csirts_url":"https://www.csirts.com/advisory/new-medium-red-hat-enterprise-linux-147836"},{"num":147837,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2227","title":"[NEW] [medium] Red Hat JBoss Enterprise Application Platform (io.undertow.jastow): Vulnerability allows cross-site scripting","severity":"medium","cvss":null,"cves":["CVE-2025-12799"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T08:21:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2227","csirts_url":"https://www.csirts.com/advisory/new-medium-red-hat-jboss-enterprise-147837"},{"num":1673,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1760","title":"[UPDATE] [medium] ImageMagick: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-56377","CVE-2026-48724","CVE-2026-48733","CVE-2026-48734","CVE-2026-48994","CVE-2026-49218","CVE-2026-49219"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T07:32:21+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1760","csirts_url":"https://www.csirts.com/advisory/update-medium-imagemagick-multiple-1673"},{"num":147842,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1769","title":"[UPDATE] [medium] OpenSC: Vulnerability allows code execution","severity":"medium","cvss":null,"cves":["CVE-2026-10275"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T07:32:21+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1769","csirts_url":"https://www.csirts.com/advisory/update-medium-opensc-vulnerability-allows-147842"},{"num":453,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1715","title":"[UPDATE] [high] Fleet: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-44935","CVE-2026-44936","CVE-2026-44937","CVE-2026-44938"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T07:32:20+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1715","csirts_url":"https://www.csirts.com/advisory/update-high-fleet-multiple-vulnerabilities-453"},{"num":454,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1686","title":"[UPDATE] [high] Samba: Multiple vulnerabilities","severity":"critical","cvss":null,"cves":["CVE-2026-1933","CVE-2026-2340","CVE-2026-3012","CVE-2026-3238","CVE-2026-4408","CVE-2026-4480"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T07:32:19+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1686","csirts_url":"https://www.csirts.com/advisory/update-high-samba-multiple-vulnerabilities-454"},{"num":503,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1664","title":"[UPDATE] [medium] jq: Multiple vulnerabilities allow Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2026-47770"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T07:32:18+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1664","csirts_url":"https://www.csirts.com/advisory/update-medium-jq-multiple-vulnerabilities-503"},{"num":1305,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1567","title":"[UPDATE] [high] ImageMagick: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-46522","CVE-2026-56369","CVE-2026-56363","CVE-2026-42326","CVE-2026-45031","CVE-2026-45358","CVE-2026-45359","CVE-2026-45624","CVE-2026-45664","CVE-2026-46520","CVE-2026-46521","CVE-2026-46523","CVE-2026-46557","CVE-2026-46559"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T07:32:15+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1567","csirts_url":"https://www.csirts.com/advisory/update-high-imagemagick-multiple-1305"},{"num":1793,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1513","title":"[UPDATE] [high] Kiali for Red Hat OpenShift Service Mesh (Axios, Go, Follow-redirects): Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-42033","CVE-2026-42035","CVE-2026-42039","CVE-2026-42041","CVE-2026-42043","CVE-2026-42044","CVE-2026-32280","CVE-2026-40895"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T07:32:14+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1513","csirts_url":"https://www.csirts.com/advisory/update-high-kiali-for-red-hat-openshift-1793"},{"num":969,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1371","title":"[UPDATE] [medium] jq: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-43896"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T07:31:50+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1371","csirts_url":"https://www.csirts.com/advisory/update-medium-jq-vulnerability-allows-969"},{"num":1446,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1232","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-31431","CVE-2026-31432","CVE-2026-31433","CVE-2026-43284","CVE-2026-43500"],"exploited":false,"has_exploit":true,"published_at":"2026-07-08T07:31:46+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1232","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1446"},{"num":147870,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2039","title":"[UPDATE] [medium] OpenSSH: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-55653","CVE-2026-55654","CVE-2026-55655"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T07:17:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2039","csirts_url":"https://www.csirts.com/advisory/update-medium-openssh-multiple-147870"},{"num":147871,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2037","title":"[UPDATE] [medium] libxml2: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-6653"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T07:17:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2037","csirts_url":"https://www.csirts.com/advisory/update-medium-libxml2-vulnerability-147871"},{"num":147874,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2008","title":"[UPDATE] [medium] expat: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-56131","CVE-2026-56132"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T07:17:16+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2008","csirts_url":"https://www.csirts.com/advisory/update-medium-expat-multiple-147874"},{"num":1737,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0950","title":"[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-23401","CVE-2026-23402","CVE-2026-23403","CVE-2026-23404","CVE-2026-23405","CVE-2026-23406","CVE-2026-23407","CVE-2026-23408","CVE-2026-23409","CVE-2026-23410","CVE-2026-23411"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T07:17:15+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0950","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-1737"},{"num":81978,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0737","title":"[UPDATE] [medium] Gitea: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-20909","CVE-2026-22547","CVE-2026-24690","CVE-2026-25712","CVE-2026-25718","CVE-2026-25779","CVE-2026-25782","CVE-2026-26232","CVE-2026-26247","CVE-2026-26292","CVE-2026-26307","CVE-2026-27657","CVE-2026-27660","CVE-2026-27779","CVE-2026-28705"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T07:17:14+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0737","csirts_url":"https://www.csirts.com/advisory/update-medium-gitea-multiple-81978"},{"num":147879,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0565","title":"[UPDATE] [medium] FreeType: Vulnerability allows unspecified attack","severity":"medium","cvss":null,"cves":["CVE-2026-23865"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T07:17:13+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0565","csirts_url":"https://www.csirts.com/advisory/update-medium-freetype-vulnerability-147879"},{"num":147881,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1908","title":"[UPDATE] [medium] QEMU: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-48914"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T07:17:11+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1908","csirts_url":"https://www.csirts.com/advisory/update-medium-qemu-vulnerability-allows-147881"},{"num":147886,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0191","title":"[UPDATE] [low] ImageMagick: Vulnerability allows Denial of Service","severity":"low","cvss":null,"cves":["CVE-2026-53466","CVE-2026-56364"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T07:16:47+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0191","csirts_url":"https://www.csirts.com/advisory/update-low-imagemagick-vulnerability-147886"},{"num":147893,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1159","title":"[UPDATE] [medium] libxml2: Vulnerability allows information disclosure","severity":"medium","cvss":null,"cves":["CVE-2024-34459"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T07:16:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1159","csirts_url":"https://www.csirts.com/advisory/update-medium-libxml2-vulnerability-147893"},{"num":147894,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0485","title":"[UPDATE] [medium] MIT Kerberos: Multiple vulnerabilities allow Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2024-26458","CVE-2024-26461","CVE-2024-26462"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T07:16:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0485","csirts_url":"https://www.csirts.com/advisory/update-medium-mit-kerberos-multiple-147894"},{"num":147896,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0351","title":"[UPDATE] [critical] Apache log4j: Vulnerability allows code execution","severity":"critical","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T07:16:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0351","csirts_url":"https://www.csirts.com/advisory/update-critical-apache-log4j-147896"},{"num":147898,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2226","title":"[UPDATE] [medium] Red Hat Enterprise Linux: Multiple vulnerabilities allow Denial of Service","severity":"medium","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T07:16:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2226","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-enterprise-linux-147898"},{"num":124564,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2223","title":"[NEW] [medium] Apache Airflow: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-48828","CVE-2026-48891","CVE-2026-49487","CVE-2026-33264","CVE-2026-48892","CVE-2026-49296"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T07:11:47+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2223","csirts_url":"https://www.csirts.com/advisory/new-medium-apache-airflow-multiple-124564"},{"num":124575,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2219","title":"[NEW] [medium] GIMP: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-59089","CVE-2026-58382","CVE-2026-58388","CVE-2026-58387","CVE-2026-58386","CVE-2026-58385","CVE-2026-58384","CVE-2026-58383","CVE-2026-58380"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T07:11:46+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2219","csirts_url":"https://www.csirts.com/advisory/new-medium-gimp-multiple-vulnerabilities-124575"},{"num":119784,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2215","title":"[NEW] [high] BeyondTrust Privileged Remote Access and Remote Support: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-40140","CVE-2026-40141","CVE-2026-40138","CVE-2026-40139"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T07:11:45+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2215","csirts_url":"https://www.csirts.com/advisory/new-high-beyondtrust-privileged-remote-119784"},{"num":1892,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2141","title":"[UPDATE] [medium] Red Hat Enterprise Linux (rrdcached): Vulnerability allows code execution and DoS","severity":"medium","cvss":null,"cves":["CVE-2026-43958"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T07:11:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2141","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-enterprise-linux-1892"},{"num":81873,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0995","title":"[UPDATE] [medium] OpenSSL: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-28386","CVE-2026-28387","CVE-2026-28388","CVE-2026-28389","CVE-2026-28390","CVE-2026-31789","CVE-2026-31790"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T07:11:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0995","csirts_url":"https://www.csirts.com/advisory/update-medium-openssl-multiple-81873"},{"num":147914,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2030","title":"[UPDATE] [high] Langflow: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-12822","CVE-2026-55255","CVE-2026-55423","CVE-2026-55446","CVE-2026-55447"],"exploited":false,"has_exploit":true,"published_at":"2026-07-08T06:41:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2030","csirts_url":"https://www.csirts.com/advisory/update-high-langflow-multiple-147914"},{"num":147915,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2086","title":"[UPDATE] [medium] Tenable Security Nessus: Multiple vulnerabilities allow SQL injection","severity":"medium","cvss":null,"cves":["CVE-2026-57587","CVE-2026-57588"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T06:41:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2086","csirts_url":"https://www.csirts.com/advisory/update-medium-tenable-security-nessus-147915"},{"num":124566,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2221","title":"[NEW] [medium] OpenSSH: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T05:56:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2221","csirts_url":"https://www.csirts.com/advisory/new-medium-openssh-multiple-124566"},{"num":147917,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1966","title":"[UPDATE] [medium] QNAP NAS: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2025-59382","CVE-2025-62858","CVE-2025-66273","CVE-2025-66279","CVE-2025-66280","CVE-2025-66281","CVE-2025-68405","CVE-2026-22893","CVE-2026-22899","CVE-2026-24720","CVE-2026-24724","CVE-2026-26239","CVE-2026-26240","CVE-2026-26241"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T05:41:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1966","csirts_url":"https://www.csirts.com/advisory/update-medium-qnap-nas-multiple-147917"},{"num":143929,"source_id":"jvn","external_id":"https://jvn.jp/en/jp/JVN62347140/","title":"Multiple vulnerabilities in the installer for Pupsman","severity":"unknown","cvss":null,"cves":["CVE-2026-56437","CVE-2026-57895"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T03:00:00+00:00","link":"https://jvn.jp/en/jp/JVN62347140/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-the-installer-143929"},{"num":143949,"source_id":"hkcert","external_id":"https://www.hkcert.org/security-bulletin/beyondtrust-products-multiple-vulnerabilities_20260708","title":"BeyondTrust Products Multiple Vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2026-40138","CVE-2026-40139","CVE-2026-40140","CVE-2026-40141"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T01:00:00+00:00","link":"https://www.hkcert.org/security-bulletin/beyondtrust-products-multiple-vulnerabilities_20260708","csirts_url":"https://www.csirts.com/advisory/beyondtrust-products-multiple-143949"},{"num":156679,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0846/","title":"Multiple vulnerabilities in HPE Aruba Networking products (July 08, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-40912","CVE-2026-44877","CVE-2026-39806","CVE-2026-39803"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0846/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-hpe-aruba-156679"},{"num":170037,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00295.html","title":"DSA-6384-1 chromium - security update","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00295.html","csirts_url":"https://www.csirts.com/advisory/dsa-6384-1-chromium-security-update-170037"},{"num":178814,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00296.html","title":"DSA-6385-1 pgextwlist - security update","severity":"unknown","cvss":null,"cves":["CVE-2023-39417"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00296.html","csirts_url":"https://www.csirts.com/advisory/dsa-6385-1-pgextwlist-security-update-178814"},{"num":165564,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-2-released/","title":"GitLab Patch Release: 19.1.2, 19.0.4, 18.11.7","severity":"critical","cvss":null,"cves":["CVE-2026-6896","CVE-2026-13320","CVE-2026-11827","CVE-2026-8472","CVE-2026-7492","CVE-2025-12506","CVE-2026-13151","CVE-2026-6352"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-19-1-2-19-0-4-18-11-7-165564"},{"num":156680,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0847/","title":"Multiple vulnerabilities in Joomla! (July 08, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-48957","CVE-2026-48950","CVE-2026-48953","CVE-2026-48948","CVE-2026-48949","CVE-2026-48956","CVE-2026-48958","CVE-2026-48951","CVE-2026-48954","CVE-2026-48955","CVE-2026-48947","CVE-2026-48952"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0847/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-joomla-july-156680"},{"num":156678,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0845/","title":"Multiple vulnerabilities in Foxit products (July 08, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-57248","CVE-2026-57247","CVE-2026-57250","CVE-2026-57249","CVE-2026-57258","CVE-2026-57252","CVE-2026-13127","CVE-2026-57243","CVE-2026-57260","CVE-2026-57241","CVE-2026-57246","CVE-2026-57254","CVE-2026-57240","CVE-2026-57256","CVE-2026-57239","CVE-2026-57244","CVE-2026-13126","CVE-2026-13129","CVE-2026-57251","CVE-2026-57257","CVE-2026-57245","CVE-2026-57259","CVE-2026-57242","CVE-2026-57255","CVE-2026-57238","CVE-2026-13128","CVE-2026-57253","CVE-2026-57237"],"exploited":false,"has_exploit":false,"published_at":"2026-07-08T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0845/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-foxit-156678"},{"num":170108,"source_id":"aws","external_id":"1a720ff5e3d8d49c6ed341d954af78287387c967","title":"CVE-2026-14904 - Improper Link Resolution in Auth.GetUserPrivateKey in AWS Research and Engineering Studio","severity":"unknown","cvss":null,"cves":["CVE-2026-14904"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T21:39:56+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-053-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-14904-170108"},{"num":19583,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/adobe-security-advisory-av26-647","title":"Adobe security advisory (AV26-647) – Update 2","severity":"critical","cvss":null,"cves":["CVE-2026-48282"],"exploited":true,"has_exploit":true,"published_at":"2026-07-07T19:49:45+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/adobe-security-advisory-av26-647","csirts_url":"https://www.csirts.com/advisory/adobe-security-advisory-av26-647-update-2-19583"},{"num":134402,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/google-chrome-security-advisory-av26-669","title":"Google Chrome security advisory (AV26-669)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T19:47:13+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/google-chrome-security-advisory-av26-669","csirts_url":"https://www.csirts.com/advisory/google-chrome-security-advisory-av26-669-134402"},{"num":134403,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/hpe-security-advisory-av26-668","title":"HPE security advisory (AV26-668)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T19:35:43+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/hpe-security-advisory-av26-668","csirts_url":"https://www.csirts.com/advisory/hpe-security-advisory-av26-668-134403"},{"num":129673,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/zimbra-security-advisory-av26-667","title":"Zimbra security advisory (AV26-667)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T15:44:00+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/zimbra-security-advisory-av26-667","csirts_url":"https://www.csirts.com/advisory/zimbra-security-advisory-av26-667-129673"},{"num":129674,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/django-security-advisory-av26-666","title":"Django security advisory (AV26-666)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T15:40:38+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/django-security-advisory-av26-666","csirts_url":"https://www.csirts.com/advisory/django-security-advisory-av26-666-129674"},{"num":129675,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/samsung-mobile-security-advisory-av26-665","title":"Samsung mobile security advisory (AV26-665)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T15:37:11+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/samsung-mobile-security-advisory-av26-665","csirts_url":"https://www.csirts.com/advisory/samsung-mobile-security-advisory-av26-665-129675"},{"num":129676,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/control-systems-abb-security-advisory-av26-664","title":"[Control systems] ABB security advisory (AV26-664)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T15:32:18+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/control-systems-abb-security-advisory-av26-664","csirts_url":"https://www.csirts.com/advisory/control-systems-abb-security-advisory-129676"},{"num":129677,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/broadcom-vmware-security-advisory-av26-663","title":"Broadcom VMware security advisory (AV26-663)","severity":"critical","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T15:31:37+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/broadcom-vmware-security-advisory-av26-663","csirts_url":"https://www.csirts.com/advisory/broadcom-vmware-security-advisory-av26-663-129677"},{"num":129678,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/android-security-advisory-july-2026-monthly-rollup-av26-662","title":"Android security advisory – July 2026 monthly rollup (AV26-662)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T15:30:22+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/android-security-advisory-july-2026-monthly-rollup-av26-662","csirts_url":"https://www.csirts.com/advisory/android-security-advisory-july-2026-129678"},{"num":133986,"source_id":"cisa","external_id":"/node/25116","title":"CISA Adds Three Known Exploited Vulnerabilities to Catalog","severity":"high","cvss":null,"cves":["CVE-2026-48908","CVE-2026-55255","CVE-2026-56290"],"exploited":true,"has_exploit":true,"published_at":"2026-07-07T12:00:00+00:00","link":"https://www.cisa.gov/news-events/alerts/2026/07/07/cisa-adds-three-known-exploited-vulnerabilities-catalog","csirts_url":"https://www.csirts.com/advisory/cisa-adds-three-known-exploited-133986"},{"num":129258,"source_id":"cisa","external_id":"/node/25117","title":"Hydro-Québec Le Circuit Electrique charging station backend","severity":"critical","cvss":null,"cves":["CVE-2026-20744","CVE-2026-42952","CVE-2026-44383"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-188-01","csirts_url":"https://www.csirts.com/advisory/hydro-quebec-le-circuit-electrique-129258"},{"num":138736,"source_id":"cisa","external_id":"/node/25133","title":"CISA Adds One Known Exploited Vulnerability to Catalog","severity":"high","cvss":null,"cves":["CVE-2026-48282"],"exploited":true,"has_exploit":true,"published_at":"2026-07-07T12:00:00+00:00","link":"https://www.cisa.gov/news-events/alerts/2026/07/07/cisa-adds-one-known-exploited-vulnerability-catalog","csirts_url":"https://www.csirts.com/advisory/cisa-adds-one-known-exploited-138736"},{"num":129264,"source_id":"cisa","external_id":"/node/25121","title":"Siemens SINEC OS","severity":"critical","cvss":null,"cves":["CVE-2025-1352","CVE-2025-1376","CVE-2025-6052","CVE-2025-6141","CVE-2025-6170","CVE-2025-7039","CVE-2025-8732","CVE-2025-9086","CVE-2025-9230","CVE-2025-9231","CVE-2025-9232","CVE-2025-10966","CVE-2025-13465","CVE-2025-13601","CVE-2025-39913","CVE-2025-40214","CVE-2025-40248","CVE-2025-40250","CVE-2025-40251","CVE-2025-40252","CVE-2025-40254","CVE-2025-40257","CVE-2025-40258","CVE-2025-40261","CVE-2025-40262","CVE-2025-40263","CVE-2025-40264","CVE-2025-40271","CVE-2025-40278","CVE-2025-40280","CVE-2025-40281","CVE-2025-40345","CVE-2025-46394","CVE-2025-49794","CVE-2025-49795","CVE-2025-49796","CVE-2025-60876","CVE-2025-66035","CVE-2025-66382","CVE-2025-66412","CVE-2025-69720","CVE-2025-71185","CVE-2025-71186","CVE-2025-71188","CVE-2025-71189","CVE-2025-71190","CVE-2025-71191","CVE-2026-1484","CVE-2026-1489","CVE-2026-3784","CVE-2026-22610","CVE-2026-22976","CVE-2026-22977","CVE-2026-23025","CVE-2026-23026","CVE-2026-23030","CVE-2026-23031","CVE-2026-23032","CVE-2026-23033","CVE-2026-23037","CVE-2026-23038","CVE-2026-23111","CVE-2026-23112","CVE-2026-23220","CVE-2026-23222","CVE-2026-23228","CVE-2026-23229","CVE-2026-23230","CVE-2026-23231","CVE-2026-23236","CVE-2026-23238","CVE-2026-24515","CVE-2026-25210","CVE-2026-26157","CVE-2026-26158","CVE-2026-35535","CVE-2026-41918"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-188-05","csirts_url":"https://www.csirts.com/advisory/siemens-sinec-os-129264"},{"num":129263,"source_id":"cisa","external_id":"/node/25118","title":"Hitachi Energy PROMOD V","severity":"critical","cvss":null,"cves":["CVE-2026-10763"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-188-02","csirts_url":"https://www.csirts.com/advisory/hitachi-energy-promod-v-129263"},{"num":129259,"source_id":"cisa","external_id":"/node/25120","title":"Siemens Mendix Studio Pro","severity":"critical","cvss":null,"cves":["CVE-2026-48192"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-188-04","csirts_url":"https://www.csirts.com/advisory/siemens-mendix-studio-pro-129259"},{"num":124542,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/blogs/cyber-shield-the-path-to-an-agentic-ai-future-for-cyber-defence","title":"Cyber Shield: The path to an agentic AI future for cyber defence","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T12:00:00+00:00","link":"https://www.ncsc.gov.uk/blogs/cyber-shield-the-path-to-an-agentic-ai-future-for-cyber-defence","csirts_url":"https://www.csirts.com/advisory/cyber-shield-the-path-to-an-agentic-ai-124542"},{"num":129261,"source_id":"cisa","external_id":"/node/25119","title":"Hitachi Energy e-mesh EMS","severity":"critical","cvss":null,"cves":["CVE-2026-42945"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-188-03","csirts_url":"https://www.csirts.com/advisory/hitachi-energy-e-mesh-ems-129261"},{"num":129260,"source_id":"cisa","external_id":"/node/25123","title":"Digi International PortServer TS, Digi One SP IA","severity":"critical","cvss":null,"cves":["CVE-2026-12352","CVE-2026-12948"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-188-07","csirts_url":"https://www.csirts.com/advisory/digi-international-portserver-ts-digi-one-129260"},{"num":129262,"source_id":"cisa","external_id":"/node/25122","title":"Labcenter Proteus 9","severity":"critical","cvss":null,"cves":["CVE-2026-42953","CVE-2026-49033","CVE-2026-42958"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-188-06","csirts_url":"https://www.csirts.com/advisory/labcenter-proteus-9-129262"},{"num":124563,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2224","title":"[NEW] [medium] xwiki: Vulnerability allows information disclosure","severity":"medium","cvss":null,"cves":["CVE-2026-34151"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T11:26:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2224","csirts_url":"https://www.csirts.com/advisory/new-medium-xwiki-vulnerability-allows-124563"},{"num":124567,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2117","title":"[UPDATE] [high] HCL BigFix Compliance (Ruby): Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-42245","CVE-2026-42246","CVE-2026-42256","CVE-2026-42257","CVE-2026-42258","CVE-2026-41493"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T11:21:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2117","csirts_url":"https://www.csirts.com/advisory/update-high-hcl-bigfix-compliance-ruby-124567"},{"num":1273,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2192","title":"[NEW] [high] Coolify: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-66209","CVE-2025-66213","CVE-2026-32718","CVE-2026-34034","CVE-2026-34037","CVE-2026-34044","CVE-2026-34047","CVE-2026-34048","CVE-2026-34050","CVE-2026-34057","CVE-2026-34149","CVE-2026-34152","CVE-2026-34158","CVE-2026-34167","CVE-2026-34170","CVE-2026-34171","CVE-2026-34198","CVE-2026-34599","CVE-2026-41899","CVE-2026-42143","CVE-2026-42145","CVE-2026-42147","CVE-2026-42148","CVE-2026-42153","CVE-2026-42172","CVE-2026-42200","CVE-2026-42204"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T11:17:15+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2192","csirts_url":"https://www.csirts.com/advisory/new-high-coolify-multiple-vulnerabilities-1273"},{"num":81850,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1756","title":"[UPDATE] [medium] Linux Kernel: Vulnerability allows privilege escalation and denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-46242"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T11:17:07+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1756","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-vulnerability-81850"},{"num":124574,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2220","title":"[NEW] [high] DriveLock On-Premise and Cloud: Multiple vulnerabilities","severity":"high","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T11:16:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2220","csirts_url":"https://www.csirts.com/advisory/new-high-drivelock-on-premise-and-cloud-124574"},{"num":124577,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2217","title":"[NEW] [high] Devolutions Server: Vulnerability allows bypassing security measures","severity":"high","cvss":null,"cves":["CVE-2026-14536"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T11:01:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2217","csirts_url":"https://www.csirts.com/advisory/new-high-devolutions-server-vulnerability-124577"},{"num":170029,"source_id":"ubuntu","external_id":"https://ubuntu.com/security/notices/USN-8515-1","title":"USN-8515-1: Addressable vulnerability","severity":"unknown","cvss":null,"cves":["CVE-2026-35611"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T10:46:24+00:00","link":"https://ubuntu.com/security/notices/USN-8515-1","csirts_url":"https://www.csirts.com/advisory/usn-8515-1-addressable-vulnerability-170029"},{"num":1743,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1653","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-38353","CVE-2025-38354","CVE-2025-38355","CVE-2025-38356","CVE-2025-38357","CVE-2025-38358","CVE-2025-38359","CVE-2025-38360","CVE-2025-38361","CVE-2025-38362","CVE-2025-38363","CVE-2025-38364","CVE-2025-38365","CVE-2025-38366","CVE-2025-38367","CVE-2025-38368","CVE-2025-38369","CVE-2025-38370","CVE-2025-38371","CVE-2025-38372","CVE-2025-38373","CVE-2025-38374","CVE-2025-38375","CVE-2025-38376","CVE-2025-38377","CVE-2025-38378","CVE-2025-38379","CVE-2025-38380","CVE-2025-38381","CVE-2025-38382","CVE-2025-38383","CVE-2025-38384","CVE-2025-38385","CVE-2025-38386","CVE-2025-38387","CVE-2025-38388","CVE-2025-38389","CVE-2025-38390","CVE-2025-38391","CVE-2025-38392","CVE-2025-38393","CVE-2025-38394","CVE-2025-38395","CVE-2025-38396","CVE-2025-38397","CVE-2025-38398","CVE-2025-38399","CVE-2025-38400","CVE-2025-38401","CVE-2025-38402","CVE-2025-38403","CVE-2025-38404","CVE-2025-38405","CVE-2025-38406","CVE-2025-38407","CVE-2025-38408","CVE-2025-38409","CVE-2025-38410","CVE-2025-38411","CVE-2025-38412"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:56:46+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1653","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1743"},{"num":119764,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1466","title":"[UPDATE] [medium] Red Hat Enterprise Linux (socat): Vulnerability allows file manipulation","severity":"medium","cvss":null,"cves":["CVE-2024-54661"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:56:45+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1466","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-enterprise-linux-119764"},{"num":119765,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1417","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-38084","CVE-2025-38085","CVE-2025-38086","CVE-2025-38087","CVE-2025-38088","CVE-2025-38089","CVE-2025-38090"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:56:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1417","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-119765"},{"num":1746,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1350","title":"[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow denial of service","severity":"medium","cvss":null,"cves":["CVE-2025-38038","CVE-2025-38053","CVE-2025-38054","CVE-2025-38055","CVE-2025-38056","CVE-2025-38062","CVE-2025-38063","CVE-2025-38064","CVE-2025-38065","CVE-2025-38066","CVE-2025-38067","CVE-2025-38068","CVE-2025-38069","CVE-2025-38070","CVE-2025-38071","CVE-2025-38072","CVE-2025-38073","CVE-2025-38074","CVE-2025-38075","CVE-2025-38076","CVE-2025-38077","CVE-2025-38078","CVE-2025-38079","CVE-2025-38080","CVE-2025-38081","CVE-2022-49934","CVE-2022-49935","CVE-2022-49936","CVE-2022-49937","CVE-2022-49938","CVE-2022-49939","CVE-2022-49940","CVE-2022-49941","CVE-2022-49942","CVE-2022-49943","CVE-2022-49944","CVE-2022-49945","CVE-2022-49946","CVE-2022-49947","CVE-2022-49948","CVE-2022-49949","CVE-2022-49950","CVE-2022-49951","CVE-2022-49952","CVE-2022-49953","CVE-2022-49954","CVE-2022-49955","CVE-2022-49956","CVE-2022-49957","CVE-2022-49958","CVE-2022-49959","CVE-2022-49960","CVE-2022-49961","CVE-2022-49962","CVE-2022-49963","CVE-2022-49964","CVE-2022-49965","CVE-2022-49966","CVE-2022-49967","CVE-2022-49968"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:56:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1350","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-1746"},{"num":1510,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0844","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2023-53034","CVE-2024-58093","CVE-2024-58094","CVE-2024-58095","CVE-2024-58096","CVE-2024-58097","CVE-2025-22024","CVE-2025-22025","CVE-2025-22026","CVE-2025-22027","CVE-2025-22028","CVE-2025-22029","CVE-2025-22030","CVE-2025-22031","CVE-2025-22032","CVE-2025-22033","CVE-2025-22034","CVE-2025-22035","CVE-2025-22036","CVE-2025-22037","CVE-2025-22038","CVE-2025-22039","CVE-2025-22040","CVE-2025-22041","CVE-2025-22042","CVE-2025-22043","CVE-2025-22044","CVE-2025-22045","CVE-2025-22046","CVE-2025-22047","CVE-2025-22048","CVE-2025-22049","CVE-2025-22050","CVE-2025-22051","CVE-2025-22052","CVE-2025-22053","CVE-2025-22054","CVE-2025-22055","CVE-2025-22056","CVE-2025-22057","CVE-2025-22058","CVE-2025-22059","CVE-2025-22060","CVE-2025-22061","CVE-2025-22062","CVE-2025-22063","CVE-2025-22064","CVE-2025-22065","CVE-2025-22066","CVE-2025-22067","CVE-2025-22068","CVE-2025-22069","CVE-2025-22070","CVE-2025-22071","CVE-2025-22072","CVE-2025-22073","CVE-2025-22074","CVE-2025-22075","CVE-2025-22076","CVE-2025-22077"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:56:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0844","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1510"},{"num":119768,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0649","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2021-4454","CVE-2022-49738","CVE-2022-49739","CVE-2022-49740","CVE-2022-49741","CVE-2022-49742","CVE-2022-49743","CVE-2022-49744","CVE-2022-49745","CVE-2022-49746","CVE-2022-49747","CVE-2022-49748","CVE-2022-49749","CVE-2022-49750","CVE-2022-49751","CVE-2022-49752","CVE-2022-49753","CVE-2022-49754","CVE-2022-49755","CVE-2022-49756","CVE-2022-49757","CVE-2022-49758","CVE-2022-49759","CVE-2022-49760","CVE-2022-49761","CVE-2023-52928","CVE-2023-52929","CVE-2023-52930","CVE-2023-52931","CVE-2023-52932","CVE-2023-52933","CVE-2023-52934","CVE-2023-52935","CVE-2023-52936","CVE-2023-52937","CVE-2023-52938","CVE-2023-52939","CVE-2023-52940","CVE-2023-52941","CVE-2023-52942","CVE-2023-52973","CVE-2023-52974","CVE-2023-52975","CVE-2023-52976","CVE-2023-52977","CVE-2023-52978","CVE-2023-52979","CVE-2023-52980","CVE-2023-52981","CVE-2023-52982","CVE-2023-52983","CVE-2023-52984","CVE-2023-52985","CVE-2023-52986","CVE-2023-52987","CVE-2023-52988","CVE-2023-52989","CVE-2023-52990","CVE-2023-52991","CVE-2023-52992"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:56:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0649","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-119768"},{"num":81914,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0453","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2022-49732","CVE-2024-49570","CVE-2024-52557","CVE-2024-52559","CVE-2024-52560","CVE-2024-54456","CVE-2024-54458","CVE-2024-57834","CVE-2024-57852","CVE-2024-57953","CVE-2024-57973","CVE-2024-57974","CVE-2024-57975","CVE-2024-57976","CVE-2024-57977","CVE-2024-57978","CVE-2024-57979","CVE-2024-57980","CVE-2024-57981","CVE-2024-57982","CVE-2024-57983","CVE-2024-57984","CVE-2024-57985","CVE-2024-57986","CVE-2024-57987","CVE-2024-57988","CVE-2024-57989","CVE-2024-57990","CVE-2024-57991","CVE-2024-57992","CVE-2024-57993","CVE-2024-57994","CVE-2024-57995","CVE-2024-57996","CVE-2024-57997","CVE-2024-57998","CVE-2024-57999","CVE-2024-58000","CVE-2024-58001","CVE-2024-58002","CVE-2024-58003","CVE-2024-58004","CVE-2024-58005","CVE-2024-58006","CVE-2024-58007","CVE-2024-58008","CVE-2024-58009","CVE-2024-58010","CVE-2024-58011","CVE-2024-58012","CVE-2024-58013","CVE-2024-58014","CVE-2024-58015","CVE-2024-58016","CVE-2024-58017","CVE-2024-58018","CVE-2024-58019","CVE-2024-58020","CVE-2024-58021","CVE-2025-21705"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:56:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0453","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-81914"},{"num":119771,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0131","title":"[UPDATE] [medium] GnuTLS: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2024-0553","CVE-2024-0567"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:56:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0131","csirts_url":"https://www.csirts.com/advisory/update-medium-gnutls-multiple-119771"},{"num":119770,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0302","title":"[UPDATE] [medium] GnuTLS: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2024-12243"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:56:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0302","csirts_url":"https://www.csirts.com/advisory/update-medium-gnutls-vulnerability-allows-119770"},{"num":119772,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0011","title":"[UPDATE] [medium] Python: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2021-3737","CVE-2021-4189"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:56:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0011","csirts_url":"https://www.csirts.com/advisory/update-medium-python-multiple-119772"},{"num":119776,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2651","title":"[UPDATE] [low] GnuTLS: Vulnerability allows unspecified attack","severity":"low","cvss":null,"cves":["CVE-2025-9820"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:51:48+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2651","csirts_url":"https://www.csirts.com/advisory/update-low-gnutls-vulnerability-allows-119776"},{"num":1494,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2579","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-40112","CVE-2025-40113","CVE-2025-40115","CVE-2025-40116","CVE-2025-40118","CVE-2025-40119","CVE-2025-40120","CVE-2025-40121","CVE-2025-40122","CVE-2025-40123","CVE-2025-40124","CVE-2025-40125","CVE-2025-40126","CVE-2025-40127","CVE-2025-40128","CVE-2025-40129","CVE-2025-40130","CVE-2025-40131","CVE-2025-40132","CVE-2025-40133","CVE-2025-40134","CVE-2025-40135","CVE-2025-40136","CVE-2025-40137","CVE-2025-40138","CVE-2025-40139","CVE-2025-40140","CVE-2025-40141","CVE-2025-40142","CVE-2025-40143","CVE-2025-40144","CVE-2025-40145","CVE-2025-40146","CVE-2025-40147","CVE-2025-40148","CVE-2025-40149","CVE-2025-40150","CVE-2025-40151","CVE-2025-40152","CVE-2025-40153","CVE-2025-40154","CVE-2025-40155","CVE-2025-40156","CVE-2025-40157","CVE-2025-40158","CVE-2025-40159","CVE-2025-40160","CVE-2025-40161","CVE-2025-40162","CVE-2025-40163","CVE-2025-40164","CVE-2025-40165","CVE-2025-40166","CVE-2025-40167","CVE-2025-40168","CVE-2025-40169","CVE-2025-40170","CVE-2025-40171","CVE-2025-40172","CVE-2025-40173"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:51:47+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2579","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1494"},{"num":81894,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2298","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-39966","CVE-2025-39967","CVE-2025-39968","CVE-2025-39969","CVE-2025-39970","CVE-2025-39971","CVE-2025-39972","CVE-2025-39973","CVE-2025-39974","CVE-2025-39975","CVE-2025-39976","CVE-2025-39977","CVE-2025-39979","CVE-2025-39980","CVE-2025-39981","CVE-2025-39982","CVE-2025-39983","CVE-2025-39984","CVE-2025-39985","CVE-2025-39986","CVE-2025-39987","CVE-2025-39988","CVE-2025-39990","CVE-2025-39991","CVE-2025-39992","CVE-2025-39993","CVE-2025-39994","CVE-2025-39995","CVE-2025-39996","CVE-2025-39997","CVE-2025-39998","CVE-2025-39999","CVE-2025-40000","CVE-2025-39978"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:51:46+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2298","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-81894"},{"num":1740,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2099","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-39837","CVE-2025-39838","CVE-2025-39839","CVE-2025-39840","CVE-2025-39841","CVE-2025-39842","CVE-2025-39843","CVE-2025-39844","CVE-2025-39845","CVE-2025-39846","CVE-2025-39847","CVE-2025-39848","CVE-2025-39849","CVE-2025-39850","CVE-2025-39851","CVE-2025-39852","CVE-2025-39853","CVE-2025-39854","CVE-2025-39855","CVE-2025-39856","CVE-2025-39857","CVE-2025-39858","CVE-2025-39859","CVE-2025-39860","CVE-2025-39861","CVE-2025-39862","CVE-2025-39863","CVE-2025-39864","CVE-2025-39865","CVE-2025-39866"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:51:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2099","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1740"},{"num":119780,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2077","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2022-50339","CVE-2022-50340","CVE-2022-50341","CVE-2022-50342","CVE-2022-50343","CVE-2022-50344","CVE-2022-50345","CVE-2022-50346","CVE-2022-50347","CVE-2022-50348","CVE-2022-50349","CVE-2022-50350","CVE-2022-50351","CVE-2022-50352","CVE-2023-53304","CVE-2023-53305","CVE-2023-53306","CVE-2023-53307","CVE-2023-53308","CVE-2023-53309","CVE-2023-53310","CVE-2023-53311","CVE-2023-53312","CVE-2023-53313","CVE-2023-53314","CVE-2023-53315","CVE-2023-53316","CVE-2023-53317","CVE-2023-53318","CVE-2023-53319","CVE-2023-53320","CVE-2023-53321","CVE-2023-53322","CVE-2023-53323","CVE-2023-53324","CVE-2023-53325","CVE-2023-53326","CVE-2023-53327","CVE-2023-53328","CVE-2023-53329","CVE-2023-53330","CVE-2023-53331","CVE-2023-53332","CVE-2023-53333","CVE-2023-53334","CVE-2025-39805","CVE-2025-39806","CVE-2025-39807","CVE-2025-39808","CVE-2025-39809","CVE-2025-39810","CVE-2025-39811","CVE-2025-39812","CVE-2025-39813","CVE-2025-39814","CVE-2025-39815","CVE-2025-39816","CVE-2025-39817","CVE-2025-39818","CVE-2025-39819"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:51:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2077","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-119780"},{"num":1741,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2040","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities allow denial of service","severity":"high","cvss":null,"cves":["CVE-2025-39736","CVE-2025-39737","CVE-2025-39738","CVE-2025-39739","CVE-2025-39740","CVE-2025-39741","CVE-2025-39742","CVE-2025-39743","CVE-2025-39744","CVE-2025-39745","CVE-2025-39746","CVE-2025-39747","CVE-2025-39748","CVE-2025-39749","CVE-2025-39750","CVE-2025-39751","CVE-2025-39752","CVE-2025-39753","CVE-2025-39754","CVE-2025-39756","CVE-2025-39757","CVE-2025-39758","CVE-2025-39759","CVE-2025-39760","CVE-2025-39761","CVE-2025-39762","CVE-2025-39763","CVE-2025-39764","CVE-2025-39765","CVE-2025-39766","CVE-2025-39767","CVE-2025-39768","CVE-2025-39769","CVE-2025-39770","CVE-2025-39771","CVE-2025-39772","CVE-2025-39773","CVE-2025-39774","CVE-2025-39775","CVE-2025-39776","CVE-2025-39777","CVE-2025-39779","CVE-2025-39780","CVE-2025-39781","CVE-2025-39782","CVE-2025-39783","CVE-2025-39784","CVE-2025-39785","CVE-2025-39786","CVE-2025-39787","CVE-2025-39788","CVE-2025-39789","CVE-2025-39790","CVE-2025-39791","CVE-2025-40300"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:51:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2040","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1741"},{"num":1495,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1869","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-38554","CVE-2025-38555","CVE-2025-38556","CVE-2025-38557","CVE-2025-38558","CVE-2025-38559","CVE-2025-38560","CVE-2025-38561","CVE-2025-38562","CVE-2025-38563","CVE-2025-38564","CVE-2025-38565","CVE-2025-38566","CVE-2025-38567","CVE-2025-38568","CVE-2025-38569","CVE-2025-38570","CVE-2025-38571","CVE-2025-38572","CVE-2025-38573","CVE-2025-38574","CVE-2025-38576","CVE-2025-38577","CVE-2025-38578","CVE-2025-38579","CVE-2025-38580","CVE-2025-38581","CVE-2025-38582","CVE-2025-38583","CVE-2025-38584","CVE-2025-38585","CVE-2025-38586","CVE-2025-38587","CVE-2025-38588","CVE-2025-38589","CVE-2025-38590","CVE-2025-38591","CVE-2025-38592","CVE-2025-38593","CVE-2025-38594","CVE-2025-38595","CVE-2025-38596","CVE-2025-38597","CVE-2025-38598","CVE-2025-38599","CVE-2025-38600","CVE-2025-38601","CVE-2025-38602","CVE-2025-38603","CVE-2025-38604","CVE-2025-38605","CVE-2025-38606","CVE-2025-38607","CVE-2025-38608","CVE-2025-38609","CVE-2025-38610","CVE-2025-38611","CVE-2025-38612","CVE-2025-38613","CVE-2025-38614"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:51:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1869","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1495"},{"num":119783,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2216","title":"[NEW] [high] Synacor Zimbra Classic Web Client: Vulnerability allows cross-site scripting","severity":"high","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:51:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2216","csirts_url":"https://www.csirts.com/advisory/new-high-synacor-zimbra-classic-web-119783"},{"num":119785,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2214","title":"[NEW] [medium] Mozilla Firefox for iOS: Vulnerability allows display of false information","severity":"medium","cvss":null,"cves":["CVE-2026-13356"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:41:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2214","csirts_url":"https://www.csirts.com/advisory/new-medium-mozilla-firefox-for-ios-119785"},{"num":119786,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2213","title":"[NEW] [medium] Hashicorp Terraform: Vulnerability allows information disclosure","severity":"medium","cvss":null,"cves":["CVE-2026-14468"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:36:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2213","csirts_url":"https://www.csirts.com/advisory/new-medium-hashicorp-terraform-119786"},{"num":119789,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0722","title":"[UPDATE] [low] CPython: Vulnerability allows file manipulation","severity":"low","cvss":null,"cves":["CVE-2025-13462"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:29:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0722","csirts_url":"https://www.csirts.com/advisory/update-low-cpython-vulnerability-allows-119789"},{"num":119788,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0741","title":"[UPDATE] [medium] CPython: Multiple vulnerabilities allow file manipulation and DoS","severity":"medium","cvss":null,"cves":["CVE-2026-3644","CVE-2026-4224"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:29:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0741","csirts_url":"https://www.csirts.com/advisory/update-medium-cpython-multiple-119788"},{"num":119790,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0680","title":"[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2026-23239","CVE-2026-23240"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:29:38+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0680","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-119790"},{"num":119791,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0649","title":"[UPDATE] [low] Linux Kernel: Vulnerability allows Denial of Service","severity":"low","cvss":null,"cves":["CVE-2024-14027"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:29:37+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0649","csirts_url":"https://www.csirts.com/advisory/update-low-linux-kernel-vulnerability-119791"},{"num":119793,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0607","title":"[UPDATE] [medium] CPython: Vulnerability allows bypassing security measures","severity":"medium","cvss":null,"cves":["CVE-2026-2297"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:29:36+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0607","csirts_url":"https://www.csirts.com/advisory/update-medium-cpython-vulnerability-119793"},{"num":119797,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0359","title":"[UPDATE] [medium] GnuTLS: Multiple vulnerabilities allow Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2025-14831","CVE-2026-1584"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:29:34+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0359","csirts_url":"https://www.csirts.com/advisory/update-medium-gnutls-multiple-119797"},{"num":1739,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0209","title":"[UPDATE] [medium] Cpython: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2025-11468","CVE-2025-15366","CVE-2025-15367","CVE-2025-15282","CVE-2026-0672","CVE-2026-1299","CVE-2026-0865"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:29:12+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0209","csirts_url":"https://www.csirts.com/advisory/update-medium-cpython-multiple-1739"},{"num":1487,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0215","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-71145","CVE-2025-71146","CVE-2025-71147","CVE-2025-71148","CVE-2025-71149","CVE-2025-71150","CVE-2025-71151","CVE-2025-71152","CVE-2025-71153","CVE-2025-71154","CVE-2025-71155","CVE-2025-71156","CVE-2025-71157","CVE-2025-71158","CVE-2025-71159","CVE-2025-71160","CVE-2025-71161","CVE-2025-71162","CVE-2025-71163","CVE-2026-22978","CVE-2026-22979","CVE-2026-22980","CVE-2026-22981","CVE-2026-22982","CVE-2026-22983","CVE-2026-22984","CVE-2026-22985","CVE-2026-22986","CVE-2026-22987","CVE-2026-22988","CVE-2026-22989","CVE-2026-22990","CVE-2026-22991","CVE-2026-22992","CVE-2026-22993","CVE-2026-22994","CVE-2026-22995","CVE-2026-22996","CVE-2026-22997","CVE-2026-22998","CVE-2026-22999","CVE-2026-23000","CVE-2026-23001","CVE-2026-23002","CVE-2026-23003","CVE-2026-23004","CVE-2026-23005","CVE-2026-23006","CVE-2026-23007","CVE-2026-23008","CVE-2026-23009","CVE-2026-23010","CVE-2026-23011","CVE-2026-23012","CVE-2026-23013"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:29:12+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0215","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1487"},{"num":1759,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0119","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-71102","CVE-2025-71103","CVE-2025-71104","CVE-2025-71105","CVE-2025-71106","CVE-2025-71107","CVE-2025-71108","CVE-2025-71109","CVE-2025-71110","CVE-2025-71111","CVE-2025-71112","CVE-2025-71113","CVE-2025-71114","CVE-2025-71115","CVE-2025-71116","CVE-2025-71117","CVE-2025-71118","CVE-2025-71119","CVE-2025-71120","CVE-2025-71121","CVE-2025-71122","CVE-2025-71123","CVE-2025-71124","CVE-2025-71125","CVE-2025-71126","CVE-2025-71127","CVE-2025-71128","CVE-2025-71129","CVE-2025-71130","CVE-2025-71131","CVE-2025-71132","CVE-2025-71133","CVE-2025-71134","CVE-2025-71135","CVE-2025-71136","CVE-2025-71137","CVE-2025-71138","CVE-2025-71139","CVE-2025-71140","CVE-2025-71141","CVE-2025-71142","CVE-2025-71143","CVE-2025-71144"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:29:10+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0119","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1759"},{"num":905,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2920","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2022-50697","CVE-2022-50698","CVE-2022-50699","CVE-2022-50700","CVE-2022-50701","CVE-2022-50702","CVE-2022-50703","CVE-2022-50704","CVE-2022-50705","CVE-2022-50706","CVE-2022-50707","CVE-2022-50708","CVE-2022-50709","CVE-2022-50710","CVE-2022-50711","CVE-2023-53867","CVE-2023-53986","CVE-2023-53987","CVE-2023-53988","CVE-2023-53989","CVE-2023-53990","CVE-2023-53991","CVE-2023-53992","CVE-2023-53993","CVE-2023-53994","CVE-2023-53995","CVE-2023-53996","CVE-2023-53997","CVE-2023-53998","CVE-2023-53999","CVE-2023-54000","CVE-2023-54001","CVE-2023-54002","CVE-2023-54003","CVE-2023-54004","CVE-2023-54005","CVE-2023-54006","CVE-2023-54007","CVE-2023-54008","CVE-2023-54009","CVE-2023-54010","CVE-2023-54011","CVE-2023-54012","CVE-2023-54013","CVE-2023-54014","CVE-2023-54015","CVE-2023-54016","CVE-2023-54017","CVE-2023-54018","CVE-2023-54019","CVE-2023-54020","CVE-2023-54021","CVE-2023-54022","CVE-2023-54023","CVE-2023-54024","CVE-2023-54025","CVE-2023-54026","CVE-2023-54027","CVE-2023-54028","CVE-2023-54029"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:29:09+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2920","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-905"},{"num":899,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2929","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2022-50712","CVE-2022-50713","CVE-2022-50714","CVE-2022-50715","CVE-2022-50716","CVE-2022-50717","CVE-2022-50718","CVE-2022-50719","CVE-2022-50720","CVE-2022-50721","CVE-2022-50722","CVE-2022-50723","CVE-2022-50724","CVE-2022-50725","CVE-2022-50726","CVE-2022-50727","CVE-2022-50728","CVE-2022-50729","CVE-2022-50730","CVE-2022-50731","CVE-2022-50732","CVE-2022-50733","CVE-2022-50734","CVE-2022-50735","CVE-2022-50736","CVE-2022-50737","CVE-2022-50738","CVE-2022-50739","CVE-2022-50740","CVE-2022-50741","CVE-2022-50742","CVE-2022-50743","CVE-2022-50744","CVE-2022-50745","CVE-2022-50746","CVE-2022-50747","CVE-2022-50748","CVE-2022-50749","CVE-2022-50750","CVE-2022-50751","CVE-2022-50752","CVE-2022-50753","CVE-2022-50754","CVE-2022-50755","CVE-2022-50756","CVE-2022-50757","CVE-2022-50758","CVE-2022-50759","CVE-2022-50760","CVE-2022-50761","CVE-2022-50762","CVE-2022-50763","CVE-2022-50764","CVE-2022-50765","CVE-2022-50766","CVE-2022-50767","CVE-2022-50768","CVE-2022-50769","CVE-2022-50770","CVE-2022-50771"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:29:09+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2929","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-899"},{"num":119805,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2914","title":"[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2025-68326","CVE-2025-68327","CVE-2025-68328","CVE-2025-68329","CVE-2025-68330","CVE-2025-68331","CVE-2025-68332","CVE-2025-68333","CVE-2025-68334","CVE-2025-68335","CVE-2025-68336","CVE-2025-68337"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:29:08+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2914","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-119805"},{"num":1535,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2182","title":"[NEW] [high] Coolify: Vulnerability allows code execution and disclosure","severity":"high","cvss":null,"cves":["CVE-2026-34038"],"exploited":false,"has_exploit":true,"published_at":"2026-07-07T08:29:06+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2182","csirts_url":"https://www.csirts.com/advisory/new-high-coolify-vulnerability-allows-1535"},{"num":1565,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2176","title":"[NEW] [medium] vllm: Multiple vulnerabilities allow Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2026-54234","CVE-2026-55514","CVE-2026-55574","CVE-2026-55646"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:29:05+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2176","csirts_url":"https://www.csirts.com/advisory/new-medium-vllm-multiple-vulnerabilities-1565"},{"num":1403,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2125","title":"[UPDATE] [medium] Red Hat Enterprise Linux (cifs-utils): Vulnerability allows executing arbitrary code with administrator rights","severity":"medium","cvss":null,"cves":["CVE-2026-12505"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:29:03+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2125","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-enterprise-linux-1403"},{"num":1551,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2137","title":"[UPDATE] [medium] Red Hat Enterprise Linux (giflib): Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-26740"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:29:03+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2137","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-enterprise-linux-1551"},{"num":119814,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2126","title":"[UPDATE] [medium] gzip: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-41991","CVE-2026-41992"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:28:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2126","csirts_url":"https://www.csirts.com/advisory/update-medium-gzip-multiple-119814"},{"num":1383,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2102","title":"[UPDATE] [high] Linux Kernel: Vulnerability allows gaining administrator rights","severity":"high","cvss":null,"cves":["CVE-2026-43503"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:28:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2102","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-vulnerability-1383"},{"num":119816,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2085","title":"[UPDATE] [high] WSO2 API Manager: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-13173","CVE-2025-13394","CVE-2025-5717","CVE-2026-0637","CVE-2026-1728","CVE-2026-2053","CVE-2026-2445","CVE-2026-2613","CVE-2026-3415","CVE-2026-3418","CVE-2026-4052","CVE-2026-4249","CVE-2026-5430"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:28:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2085","csirts_url":"https://www.csirts.com/advisory/update-high-wso2-api-manager-multiple-119816"},{"num":1698,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2036","title":"[UPDATE] [medium] dnsmasq: Vulnerability allows Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2026-12725"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:28:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2036","csirts_url":"https://www.csirts.com/advisory/update-medium-dnsmasq-vulnerability-1698"},{"num":119820,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1974","title":"[UPDATE] [high] vllm: Vulnerability allows bypassing security measures","severity":"high","cvss":null,"cves":["CVE-2026-48746"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:28:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1974","csirts_url":"https://www.csirts.com/advisory/update-high-vllm-vulnerability-allows-119820"},{"num":119821,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1971","title":"[UPDATE] [medium] CPython: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-12003","CVE-2026-3276"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:28:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1971","csirts_url":"https://www.csirts.com/advisory/update-medium-cpython-multiple-119821"},{"num":119825,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1911","title":"[UPDATE] [medium] vllm: Vulnerability allows code execution","severity":"medium","cvss":null,"cves":["CVE-2026-41523"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:28:37+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1911","csirts_url":"https://www.csirts.com/advisory/update-medium-vllm-vulnerability-allows-119825"},{"num":119826,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1897","title":"[UPDATE] [medium] vllm: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-54233","CVE-2026-54235","CVE-2026-53923","CVE-2026-54236","CVE-2026-5497"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:28:36+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1897","csirts_url":"https://www.csirts.com/advisory/update-medium-vllm-multiple-119826"},{"num":119828,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1830","title":"[UPDATE] [medium] CPython: Vulnerability allows Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2026-9669"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:28:35+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1830","csirts_url":"https://www.csirts.com/advisory/update-medium-cpython-vulnerability-119828"},{"num":119831,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1796","title":"[UPDATE] [medium] CPython: Vulnerability allows file manipulation","severity":"medium","cvss":null,"cves":["CVE-2026-7774"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:28:14+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1796","csirts_url":"https://www.csirts.com/advisory/update-medium-cpython-vulnerability-119831"},{"num":450,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1744","title":"[UPDATE] [high] MariaDB: Multiple vulnerabilities allow unspecified attack","severity":"high","cvss":null,"cves":["CVE-2026-48163","CVE-2026-48165","CVE-2026-49261"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:28:11+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1744","csirts_url":"https://www.csirts.com/advisory/update-high-mariadb-multiple-450"},{"num":119837,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1710","title":"[UPDATE] [high] ESRI ArcGIS: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-9181","CVE-2026-9182"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:28:10+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1710","csirts_url":"https://www.csirts.com/advisory/update-high-esri-arcgis-multiple-119837"},{"num":81974,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1626","title":"[UPDATE] [medium] Internet Systems Consortium BIND: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-3039","CVE-2026-3592","CVE-2026-3593","CVE-2026-5946","CVE-2026-5947","CVE-2026-5950"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:28:07+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1626","csirts_url":"https://www.csirts.com/advisory/update-medium-internet-systems-consortium-81974"},{"num":119842,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1610","title":"[UPDATE] [high] Red Hat Enterprise Linux (JWCrypto and python-markdown): Multiple vulnerabilities allow denial of service","severity":"high","cvss":null,"cves":["CVE-2025-69534","CVE-2026-39373"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:28:07+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1610","csirts_url":"https://www.csirts.com/advisory/update-high-red-hat-enterprise-linux-119842"},{"num":119843,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1608","title":"[UPDATE] [high] Atlassian products (Bamboo, Bitbucket, Confluence, Crucible, Fisheye, and Jira): Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2019-13990","CVE-2022-1471","CVE-2022-23521","CVE-2022-41903","CVE-2023-22518","CVE-2023-22522","CVE-2023-22523","CVE-2023-22524","CVE-2023-22527","CVE-2023-24998","CVE-2023-46604","CVE-2024-45801","CVE-2025-52999","CVE-2025-67030","CVE-2026-22029","CVE-2026-22732","CVE-2026-24734","CVE-2026-24880","CVE-2026-25639","CVE-2026-26960","CVE-2026-27727","CVE-2026-27830","CVE-2026-29062","CVE-2026-29129","CVE-2026-29145","CVE-2026-29146","CVE-2026-29786","CVE-2026-31802","CVE-2026-33750","CVE-2026-34483","CVE-2026-34487","CVE-2026-39304","CVE-2026-42198","CVE-2026-5598"],"exploited":false,"has_exploit":true,"published_at":"2026-07-07T08:28:06+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1608","csirts_url":"https://www.csirts.com/advisory/update-high-atlassian-products-bamboo-119843"},{"num":1349,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1571","title":"[UPDATE] [medium] Linux Kernel: Vulnerability Allows Bypassing Security Measures","severity":"medium","cvss":null,"cves":["CVE-2026-46333"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:27:45+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1571","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-vulnerability-1349"},{"num":119847,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1520","title":"[UPDATE] [medium] CPython: Vulnerability allows data manipulation","severity":"medium","cvss":null,"cves":["CVE-2026-8328"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:27:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1520","csirts_url":"https://www.csirts.com/advisory/update-medium-cpython-vulnerability-119847"},{"num":1366,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1531","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-43476","CVE-2026-43477","CVE-2026-43478","CVE-2026-43479","CVE-2026-43480","CVE-2026-43481","CVE-2026-43482","CVE-2026-43483","CVE-2026-43484","CVE-2026-43485","CVE-2026-43486","CVE-2026-43487","CVE-2026-43488","CVE-2026-43489"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:27:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1531","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1366"},{"num":1761,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1482","title":"[UPDATE] [high] AMD Processor: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2021-26380","CVE-2021-46747","CVE-2022-23826","CVE-2023-20539","CVE-2023-31316","CVE-2024-14012","CVE-2024-36315","CVE-2024-36343","CVE-2024-36345","CVE-2025-0028","CVE-2025-0040","CVE-2025-0045","CVE-2025-29935","CVE-2025-29936","CVE-2025-29937","CVE-2025-29938","CVE-2025-29944","CVE-2025-48512","CVE-2025-48513","CVE-2025-48516","CVE-2025-48519","CVE-2025-48520","CVE-2025-48521","CVE-2025-52540","CVE-2026-0432","CVE-2026-0438","CVE-2025-54518","CVE-2024-21962"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:27:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1482","csirts_url":"https://www.csirts.com/advisory/update-high-amd-processor-multiple-1761"},{"num":1278,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1468","title":"[UPDATE] [high] dnsmasq: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-2291","CVE-2026-4892","CVE-2026-4893","CVE-2026-5172","CVE-2026-4891","CVE-2026-4890"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:27:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1468","csirts_url":"https://www.csirts.com/advisory/update-high-dnsmasq-multiple-1278"},{"num":1257,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1433","title":"[UPDATE] [high] PHP: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-14179","CVE-2026-6104","CVE-2026-6722","CVE-2026-6735","CVE-2026-7258","CVE-2026-7259","CVE-2026-7261","CVE-2026-7262","CVE-2026-7263","CVE-2026-7568"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:27:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1433","csirts_url":"https://www.csirts.com/advisory/update-high-php-multiple-vulnerabilities-1257"},{"num":1725,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1352","title":"[UPDATE] [low] Postfix: Vulnerability allows denial of service","severity":"low","cvss":null,"cves":["CVE-2026-43964"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:27:38+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1352","csirts_url":"https://www.csirts.com/advisory/update-low-postfix-vulnerability-allows-1725"},{"num":119861,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1306","title":"[UPDATE] [high] Xen and Citrix Systems XenServer: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-23558","CVE-2026-23556","CVE-2026-23559","CVE-2026-23560","CVE-2026-23561","CVE-2026-23562","CVE-2026-42486","CVE-2026-23557","CVE-2026-31786","CVE-2026-31787"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:27:16+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1306","csirts_url":"https://www.csirts.com/advisory/update-high-xen-and-citrix-systems-119861"},{"num":119864,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0969","title":"[UPDATE] [medium] FasterXML Jackson: Vulnerability allows bypassing security measures","severity":"medium","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:27:14+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0969","csirts_url":"https://www.csirts.com/advisory/update-medium-fasterxml-jackson-119864"},{"num":953,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0940","title":"[UPDATE] [high] vim: Vulnerability allows code execution","severity":"high","cvss":null,"cves":["CVE-2026-34982"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:27:12+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0940","csirts_url":"https://www.csirts.com/advisory/update-high-vim-vulnerability-allows-code-953"},{"num":81965,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0910","title":"[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-23399","CVE-2026-23400"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:27:11+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0910","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-81965"},{"num":119872,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0879","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-23396","CVE-2026-23397","CVE-2026-23398"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:27:09+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0879","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-119872"},{"num":434,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1167","title":"[UPDATE] [medium] dnsmasq: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-6507"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:26:48+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1167","csirts_url":"https://www.csirts.com/advisory/update-medium-dnsmasq-vulnerability-434"},{"num":1338,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0861","title":"[UPDATE] [high] Linux Kernel: Multiple Vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-23279","CVE-2026-23280","CVE-2026-23281","CVE-2026-23282","CVE-2026-23283","CVE-2026-23284","CVE-2026-23285","CVE-2026-23286","CVE-2026-23287","CVE-2026-23288","CVE-2026-23289","CVE-2026-23290","CVE-2026-23291","CVE-2026-23292","CVE-2026-23293","CVE-2026-23294","CVE-2026-23295","CVE-2026-23296","CVE-2026-23297","CVE-2026-23298","CVE-2026-23299","CVE-2026-23300","CVE-2026-23301","CVE-2026-23302","CVE-2026-23303","CVE-2026-23304","CVE-2026-23305","CVE-2026-23306","CVE-2026-23307","CVE-2026-23308","CVE-2026-23309","CVE-2026-23310","CVE-2026-23311","CVE-2026-23312","CVE-2026-23313","CVE-2026-23314","CVE-2026-23315","CVE-2026-23316","CVE-2026-23317","CVE-2026-23318","CVE-2026-23319","CVE-2026-23320","CVE-2026-23321","CVE-2026-23322","CVE-2026-23323","CVE-2026-23324","CVE-2026-23325","CVE-2026-23326","CVE-2026-23327","CVE-2026-23328","CVE-2026-23329","CVE-2026-23330","CVE-2026-23331","CVE-2026-23332","CVE-2026-23333","CVE-2026-23334","CVE-2026-23335","CVE-2026-23336","CVE-2026-23337","CVE-2026-23338"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:26:47+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0861","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1338"},{"num":119877,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1121","title":"[UPDATE] [medium] CPython: Vulnerability allows data manipulation","severity":"medium","cvss":null,"cves":["CVE-2026-5713"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:26:46+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1121","csirts_url":"https://www.csirts.com/advisory/update-medium-cpython-vulnerability-119877"},{"num":119878,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0855","title":"[UPDATE] [medium] Xen: Vulnerability allows bypassing security measures","severity":"medium","cvss":null,"cves":["CVE-2026-31788"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:26:45+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0855","csirts_url":"https://www.csirts.com/advisory/update-medium-xen-vulnerability-allows-119878"},{"num":81957,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1087","title":"[UPDATE] [medium] CPython: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-6100","CVE-2026-4786"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:26:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1087","csirts_url":"https://www.csirts.com/advisory/update-medium-cpython-multiple-81957"},{"num":892,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0824","title":"[UPDATE] [medium] Python: Vulnerability allows code execution","severity":"medium","cvss":null,"cves":["CVE-2026-4519"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:26:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0824","csirts_url":"https://www.csirts.com/advisory/update-medium-python-vulnerability-allows-892"},{"num":119882,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1063","title":"[UPDATE] [medium] Linux Kernel: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-31413"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:26:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1063","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-vulnerability-119882"},{"num":1581,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1064","title":"[UPDATE] [medium] CPython: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-1502","CVE-2026-3446"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:26:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1064","csirts_url":"https://www.csirts.com/advisory/update-medium-cpython-multiple-1581"},{"num":863,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0809","title":"[UPDATE] [medium] Linux Kernel: Multiple Vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-23271","CVE-2026-23272","CVE-2026-23273","CVE-2026-23274","CVE-2026-23275","CVE-2026-23276","CVE-2026-23277","CVE-2026-23278"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:26:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0809","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-863"},{"num":119887,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0987","title":"[UPDATE] [medium] vllm: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-34753","CVE-2026-34755","CVE-2026-34756","CVE-2026-34760"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T08:26:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0987","csirts_url":"https://www.csirts.com/advisory/update-medium-vllm-multiple-119887"},{"num":1715,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2155","title":"[UPDATE] [critical] Adobe ColdFusion: Multiple Vulnerabilities","severity":"critical","cvss":null,"cves":["CVE-2026-48276","CVE-2026-48277","CVE-2026-48281","CVE-2026-48282","CVE-2026-48283","CVE-2026-48285","CVE-2026-48307","CVE-2026-48313","CVE-2026-48314","CVE-2026-48315","CVE-2026-48316"],"exploited":false,"has_exploit":true,"published_at":"2026-07-07T07:51:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2155","csirts_url":"https://www.csirts.com/advisory/update-critical-adobe-coldfusion-multiple-1715"},{"num":81868,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2196","title":"[NEW] [medium] Apache Airflow: Vulnerability allows file manipulation","severity":"medium","cvss":null,"cves":["CVE-2026-49297"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T07:46:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2196","csirts_url":"https://www.csirts.com/advisory/new-medium-apache-airflow-vulnerability-81868"},{"num":81816,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2207","title":"[NEW] [medium] Roundcube: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-54432","CVE-2026-54433"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T07:46:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2207","csirts_url":"https://www.csirts.com/advisory/new-medium-roundcube-multiple-81816"},{"num":81861,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2203","title":"[NEW] [high] Apache Camel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-40047","CVE-2026-40859","CVE-2026-43865","CVE-2026-43866","CVE-2026-46453","CVE-2026-46454","CVE-2026-46455","CVE-2026-46456","CVE-2026-46457","CVE-2026-46584","CVE-2026-46585","CVE-2026-46590","CVE-2026-46591","CVE-2026-46592","CVE-2026-46726","CVE-2026-48203","CVE-2026-48204","CVE-2026-48205","CVE-2026-48206","CVE-2026-49086","CVE-2026-49097","CVE-2026-49098","CVE-2026-49099","CVE-2026-49365","CVE-2026-53913","CVE-2026-55993","CVE-2026-55994","CVE-2026-56139","CVE-2026-56140"],"exploited":false,"has_exploit":true,"published_at":"2026-07-07T07:46:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2203","csirts_url":"https://www.csirts.com/advisory/new-high-apache-camel-multiple-81861"},{"num":81867,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2197","title":"[NEW] [high] OpenVPN: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-11771","CVE-2026-12932","CVE-2026-12996","CVE-2026-13117","CVE-2026-13122","CVE-2026-13698"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T07:46:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2197","csirts_url":"https://www.csirts.com/advisory/new-high-openvpn-multiple-vulnerabilities-81867"},{"num":81865,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2199","title":"[NEW] [medium] PostgreSQL JDBC Driver: Vulnerability allows bypassing security measures","severity":"medium","cvss":null,"cves":["CVE-2026-54291"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T07:46:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2199","csirts_url":"https://www.csirts.com/advisory/new-medium-postgresql-jdbc-driver-81865"},{"num":120093,"source_id":"ncsc-nl","external_id":"NCSC-2026-0221 [1.00]","title":"NCSC-2026-0221 [1.00] [M/H] Vulnerabilities fixed in UniFi products from Ubiquiti Networks","severity":"unknown","cvss":null,"cves":["CVE-2026-50746","CVE-2026-50747","CVE-2026-50748","CVE-2026-54400","CVE-2026-54401","CVE-2026-54402","CVE-2026-54403","CVE-2026-54404","CVE-2026-54405","CVE-2026-54406","CVE-2026-54407","CVE-2026-54408","CVE-2026-54409","CVE-2026-55110","CVE-2026-55111","CVE-2026-55112","CVE-2026-55113","CVE-2026-55114","CVE-2026-55115","CVE-2026-55116","CVE-2026-55117","CVE-2026-55118","CVE-2026-55119","CVE-2026-56841","CVE-2026-56842"],"exploited":false,"has_exploit":true,"published_at":"2026-07-07T07:04:45+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0221","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0221-1-00-m-h-vulnerabilities-120093"},{"num":120174,"source_id":"jvn","external_id":"https://jvn.jp/en/jp/JVN90566559/","title":"Apache Jena Fuseki vulnerable to path traversal","severity":"unknown","cvss":null,"cves":["CVE-2025-49656"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T06:20:00+00:00","link":"https://jvn.jp/en/jp/JVN90566559/","csirts_url":"https://www.csirts.com/advisory/apache-jena-fuseki-vulnerable-to-path-120174"},{"num":120175,"source_id":"jvn","external_id":"https://jvn.jp/en/jp/JVN87285119/","title":"SEIKO EPSON printers and scanners Web Config vulnerable to cross-site request forgery","severity":"unknown","cvss":null,"cves":["CVE-2026-58315"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T05:00:00+00:00","link":"https://jvn.jp/en/jp/JVN87285119/","csirts_url":"https://www.csirts.com/advisory/seiko-epson-printers-and-scanners-web-120175"},{"num":124850,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0843/","title":"Multiple vulnerabilities in PHP (July 7, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-14355","CVE-2026-12184"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0843/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-php-july-7-124850"},{"num":124848,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0841/","title":"Multiple vulnerabilities in Microsoft Azure Linux (July 7, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-13595","CVE-2025-15661","CVE-2026-14258","CVE-2026-3196","CVE-2026-11623","CVE-2026-41579","CVE-2026-11625","CVE-2026-58058","CVE-2026-55199"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0841/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-microsoft-124848"},{"num":124846,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0839/","title":"Vulnerability in Mozilla Firefox for iOS (July 7, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-13356"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0839/","csirts_url":"https://www.csirts.com/advisory/vulnerability-in-mozilla-firefox-for-ios-124846"},{"num":130110,"source_id":"cisa-kev","external_id":"CVE-2026-48908","title":"CVE-2026-48908: JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-48908"],"exploited":true,"has_exploit":true,"published_at":"2026-07-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-48908","csirts_url":"https://www.csirts.com/advisory/cve-2026-48908-130110"},{"num":134841,"source_id":"cisa-kev","external_id":"CVE-2026-48282","title":"CVE-2026-48282: Adobe ColdFusion Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-48282"],"exploited":true,"has_exploit":true,"published_at":"2026-07-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-48282","csirts_url":"https://www.csirts.com/advisory/cve-2026-48282-134841"},{"num":124851,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0844/","title":"Vulnerability in Synacor Zimbra Collaboration (July 7, 2026)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0844/","csirts_url":"https://www.csirts.com/advisory/vulnerability-in-synacor-zimbra-124851"},{"num":130111,"source_id":"cisa-kev","external_id":"CVE-2026-55255","title":"CVE-2026-55255: Langflow Authorization Bypass Through User-Controlled Key Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-55255"],"exploited":true,"has_exploit":true,"published_at":"2026-07-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-55255","csirts_url":"https://www.csirts.com/advisory/cve-2026-55255-130111"},{"num":170038,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00294.html","title":"DSA-6383-1 imagemagick - security update","severity":"unknown","cvss":null,"cves":["CVE-2026-53466","CVE-2026-53467","CVE-2026-55577","CVE-2026-55594","CVE-2026-55597","CVE-2026-55628","CVE-2026-56361","CVE-2026-56363","CVE-2026-56364","CVE-2026-56365","CVE-2026-56367","CVE-2026-56368","CVE-2026-56370","CVE-2026-56371","CVE-2026-56376","CVE-2026-56377","CVE-2026-56378"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00294.html","csirts_url":"https://www.csirts.com/advisory/dsa-6383-1-imagemagick-security-update-170038"},{"num":130112,"source_id":"cisa-kev","external_id":"CVE-2026-56290","title":"CVE-2026-56290: Joomlack Page Builder Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-56290"],"exploited":true,"has_exploit":true,"published_at":"2026-07-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-56290","csirts_url":"https://www.csirts.com/advisory/cve-2026-56290-130112"},{"num":170039,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00293.html","title":"DSA-6382-1 postfix - security update","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00293.html","csirts_url":"https://www.csirts.com/advisory/dsa-6382-1-postfix-security-update-170039"},{"num":124849,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0842/","title":"Multiple vulnerabilities in Postfix (July 7, 2026)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0842/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-postfix-july-124849"},{"num":124847,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0840/","title":"Multiple vulnerabilities in Microsoft Edge (July 7, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-13848","CVE-2026-14098","CVE-2026-57988","CVE-2026-14104","CVE-2026-13934","CVE-2026-14080","CVE-2026-13806","CVE-2026-14100","CVE-2026-13933","CVE-2026-58291","CVE-2026-14002","CVE-2026-13774","CVE-2026-13893","CVE-2026-13834","CVE-2026-14143","CVE-2026-14077","CVE-2026-14083","CVE-2026-13888","CVE-2026-13838","CVE-2026-56645","CVE-2026-57991","CVE-2026-14134","CVE-2026-14055","CVE-2026-14131","CVE-2026-57992","CVE-2026-13930","CVE-2026-13840","CVE-2026-57975","CVE-2026-14093","CVE-2026-14072","CVE-2026-13906","CVE-2026-14061","CVE-2026-14106","CVE-2026-13839","CVE-2026-13830","CVE-2026-14000","CVE-2026-58276","CVE-2026-14156","CVE-2026-14147","CVE-2026-14063","CVE-2026-14152","CVE-2026-14030","CVE-2026-14141","CVE-2026-13853","CVE-2026-58295","CVE-2026-58290","CVE-2026-13970","CVE-2026-13857","CVE-2026-14010","CVE-2026-13962","CVE-2026-13977","CVE-2026-14070","CVE-2026-13804","CVE-2026-13984","CVE-2026-14040","CVE-2026-13873","CVE-2026-13858","CVE-2026-13950","CVE-2026-14107","CVE-2026-57986"],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0840/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-microsoft-124847"},{"num":124845,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0838/","title":"Multiple vulnerabilities in SPIP (July 7, 2026)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-07T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0838/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-spip-july-7-124845"},{"num":170117,"source_id":"aws","external_id":"28e9a8abacb1b7906538e9662e6798872a2591c8","title":"CVE-2026-14471 - Authenticated SQL injection in the metrics-service retention policy subsystem of mcp-gateway-registry","severity":"unknown","cvss":null,"cves":["CVE-2026-14471"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T20:50:20+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-052-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-14471-170117"},{"num":2102,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-G5WP8vv","title":"Cisco Identity Services Engine Remote Code Execution and Information Disclosure Vulnerabilities","severity":"critical","cvss":null,"cves":["CVE-2026-20181","CVE-2026-20190"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T19:20:30+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-G5WP8vv?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Identity%20Services%20Engine%20Remote%20Code%20Execution%20and%20Information%20Disclosure%20Vulnerabilities%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-identity-services-engine-remote-2102"},{"num":105819,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/qualcomm-security-advisory-july-2026-monthly-rollup-av26-661","title":"Qualcomm security advisory – July 2026 monthly rollup (AV26-661)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T18:46:42+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/qualcomm-security-advisory-july-2026-monthly-rollup-av26-661","csirts_url":"https://www.csirts.com/advisory/qualcomm-security-advisory-july-2026-105819"},{"num":96276,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/beyondtrust-security-advisory-av26-660","title":"BeyondTrust security advisory (AV26-660)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T17:50:31+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/beyondtrust-security-advisory-av26-660","csirts_url":"https://www.csirts.com/advisory/beyondtrust-security-advisory-av26-660-96276"},{"num":86703,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/microsoft-edge-security-advisory-av26-659","title":"Microsoft Edge security advisory (AV26-659)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T15:14:40+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/microsoft-edge-security-advisory-av26-659","csirts_url":"https://www.csirts.com/advisory/microsoft-edge-security-advisory-av26-659-86703"},{"num":170030,"source_id":"ubuntu","external_id":"https://ubuntu.com/security/notices/USN-8514-1","title":"USN-8514-1: OpenSSH vulnerability","severity":"unknown","cvss":null,"cves":["CVE-2026-35385"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T14:32:58+00:00","link":"https://ubuntu.com/security/notices/USN-8514-1","csirts_url":"https://www.csirts.com/advisory/usn-8514-1-openssh-vulnerability-170030"},{"num":86704,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/openssh-security-advisory-av26-658","title":"OpenSSH security advisory (AV26-658)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T13:51:57+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/openssh-security-advisory-av26-658","csirts_url":"https://www.csirts.com/advisory/openssh-security-advisory-av26-658-86704"},{"num":86705,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/roundcube-security-advisory-av26-657","title":"Roundcube security advisory (AV26-657)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T13:45:28+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/roundcube-security-advisory-av26-657","csirts_url":"https://www.csirts.com/advisory/roundcube-security-advisory-av26-657-86705"},{"num":86706,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/ibm-security-advisory-av26-656","title":"IBM security advisory (AV26-656)","severity":"critical","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T13:38:12+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/ibm-security-advisory-av26-656","csirts_url":"https://www.csirts.com/advisory/ibm-security-advisory-av26-656-86706"},{"num":170031,"source_id":"ubuntu","external_id":"https://ubuntu.com/security/notices/USN-8502-1","title":"USN-8502-1: GnuTLS vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2024-0553","CVE-2024-12243","CVE-2025-9820","CVE-2025-14831","CVE-2026-3833","CVE-2026-5260","CVE-2026-33845","CVE-2026-33846","CVE-2026-42009","CVE-2026-42010"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T13:37:09+00:00","link":"https://ubuntu.com/security/notices/USN-8502-1","csirts_url":"https://www.csirts.com/advisory/usn-8502-1-gnutls-vulnerabilities-170031"},{"num":86707,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/control-systems-cisa-ics-security-advisories-av26-655","title":"[Control systems] CISA ICS security advisories (AV26–655)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T13:26:59+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/control-systems-cisa-ics-security-advisories-av26-655","csirts_url":"https://www.csirts.com/advisory/control-systems-cisa-ics-security-86707"},{"num":170032,"source_id":"ubuntu","external_id":"https://ubuntu.com/security/notices/USN-8513-1","title":"USN-8513-1: PHP vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2026-6722","CVE-2026-7261","CVE-2025-14179"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T13:22:54+00:00","link":"https://ubuntu.com/security/notices/USN-8513-1","csirts_url":"https://www.csirts.com/advisory/usn-8513-1-php-vulnerabilities-170032"},{"num":86708,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/dell-security-advisory-av26-654","title":"Dell security advisory (AV26-654)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T13:16:37+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/dell-security-advisory-av26-654","csirts_url":"https://www.csirts.com/advisory/dell-security-advisory-av26-654-86708"},{"num":86709,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/ubuntu-security-advisory-av26-653","title":"Ubuntu security advisory (AV26-653)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T13:10:41+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/ubuntu-security-advisory-av26-653","csirts_url":"https://www.csirts.com/advisory/ubuntu-security-advisory-av26-653-86709"},{"num":86710,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/red-hat-security-advisory-av26-652","title":"Red Hat security advisory (AV26-652)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T13:05:14+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/red-hat-security-advisory-av26-652","csirts_url":"https://www.csirts.com/advisory/red-hat-security-advisory-av26-652-86710"},{"num":170033,"source_id":"ubuntu","external_id":"https://ubuntu.com/security/notices/USN-8512-1","title":"USN-8512-1: Gzip vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2026-41991","CVE-2026-41992"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T12:52:06+00:00","link":"https://ubuntu.com/security/notices/USN-8512-1","csirts_url":"https://www.csirts.com/advisory/usn-8512-1-gzip-vulnerabilities-170033"},{"num":170034,"source_id":"ubuntu","external_id":"https://ubuntu.com/security/notices/USN-8511-1","title":"USN-8511-1: socat vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2026-56123","CVE-2024-54661"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T12:37:17+00:00","link":"https://ubuntu.com/security/notices/USN-8511-1","csirts_url":"https://www.csirts.com/advisory/usn-8511-1-socat-vulnerabilities-170034"},{"num":917,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catc-file-read-wLH2vf8X","title":"Cisco Catalyst Center Arbitrary File Read Vulnerability","severity":"high","cvss":null,"cves":["CVE-2026-20191"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T12:00:33+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catc-file-read-wLH2vf8X?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Catalyst%20Center%20Arbitrary%20File%20Read%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-catalyst-center-arbitrary-file-read-917"},{"num":170035,"source_id":"ubuntu","external_id":"https://ubuntu.com/security/notices/USN-8510-1","title":"USN-8510-1: tar vulnerability","severity":"unknown","cvss":null,"cves":["CVE-2025-45582"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T11:57:49+00:00","link":"https://ubuntu.com/security/notices/USN-8510-1","csirts_url":"https://www.csirts.com/advisory/usn-8510-1-tar-vulnerability-170035"},{"num":170036,"source_id":"ubuntu","external_id":"https://ubuntu.com/security/notices/USN-8509-1","title":"USN-8509-1: Python vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2025-13462","CVE-2025-69534","CVE-2026-1299","CVE-2026-1502","CVE-2026-2297","CVE-2026-3276","CVE-2026-3644","CVE-2026-4224","CVE-2026-4519","CVE-2026-4786","CVE-2026-5713","CVE-2026-6019","CVE-2026-6100","CVE-2026-7774","CVE-2021-4189","CVE-2026-8328","CVE-2026-9669"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T11:48:55+00:00","link":"https://ubuntu.com/security/notices/USN-8509-1","csirts_url":"https://www.csirts.com/advisory/usn-8509-1-python-vulnerabilities-170036"},{"num":86348,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0661","title":"[UPDATE] [high] Microsoft Windows and Windows Server: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-26128","CVE-2026-24291","CVE-2026-23656","CVE-2026-23667","CVE-2026-23668","CVE-2026-23669","CVE-2026-23671","CVE-2026-23672","CVE-2026-23673","CVE-2026-23674","CVE-2026-24282","CVE-2026-24283","CVE-2026-24285","CVE-2026-24287","CVE-2026-24288","CVE-2026-24289","CVE-2026-24290","CVE-2026-24292","CVE-2026-24293","CVE-2026-24294","CVE-2026-24295","CVE-2026-24296","CVE-2026-24297","CVE-2026-25165","CVE-2026-25166","CVE-2026-25167","CVE-2026-25168","CVE-2026-25169","CVE-2026-25170","CVE-2026-25171","CVE-2026-25172","CVE-2026-25173","CVE-2026-25174","CVE-2026-25175","CVE-2026-25176","CVE-2026-25177","CVE-2026-25178","CVE-2026-25179","CVE-2026-25180","CVE-2026-25181","CVE-2026-25185","CVE-2026-25186","CVE-2026-25187","CVE-2026-25188","CVE-2026-25189","CVE-2026-25190","CVE-2026-26111","CVE-2026-26132"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T11:36:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0661","csirts_url":"https://www.csirts.com/advisory/update-high-microsoft-windows-and-windows-86348"},{"num":86349,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2212","title":"[NEW] [low] WSO2 API Manager: Vulnerability allows information disclosure","severity":"low","cvss":null,"cves":["CVE-2025-13475"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T11:31:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2212","csirts_url":"https://www.csirts.com/advisory/new-low-wso2-api-manager-vulnerability-86349"},{"num":86350,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2211","title":"[NEW] [medium] Pega Platform: Vulnerability allows privilege escalation","severity":"medium","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T11:31:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2211","csirts_url":"https://www.csirts.com/advisory/new-medium-pega-platform-vulnerability-86350"},{"num":86351,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2210","title":"[NEW] [high] Samsung Exynos: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-33962","CVE-2026-33957","CVE-2026-23792","CVE-2025-66367","CVE-2025-66366"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T11:31:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2210","csirts_url":"https://www.csirts.com/advisory/new-high-samsung-exynos-multiple-86351"},{"num":86353,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2209","title":"[NEW] [medium] FreeRDP: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-57156","CVE-2026-57157","CVE-2026-57158"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T11:31:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2209","csirts_url":"https://www.csirts.com/advisory/new-medium-freerdp-multiple-86353"},{"num":81938,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2092","title":"[UPDATE] [high] Google Chrome: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-13281","CVE-2026-13282","CVE-2026-13283"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T11:16:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2092","csirts_url":"https://www.csirts.com/advisory/update-high-google-chrome-multiple-81938"},{"num":81836,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1271","title":"[UPDATE] [high] Apache Camel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-27172","CVE-2026-33454","CVE-2026-40022","CVE-2026-40048","CVE-2026-40453","CVE-2026-40473","CVE-2026-40858","CVE-2026-40860"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T11:16:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1271","csirts_url":"https://www.csirts.com/advisory/update-high-apache-camel-multiple-81836"},{"num":86358,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0445","title":"[UPDATE] [high] Apache Camel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-23552","CVE-2026-25747"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T11:16:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0445","csirts_url":"https://www.csirts.com/advisory/update-high-apache-camel-multiple-86358"},{"num":81820,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0074","title":"[UPDATE] [high] Apache Camel (Neo4j): Vulnerability allows data manipulation","severity":"high","cvss":null,"cves":["CVE-2025-66169"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T10:41:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0074","csirts_url":"https://www.csirts.com/advisory/update-high-apache-camel-neo4j-81820"},{"num":81822,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1433","title":"[UPDATE] [medium] Red Hat Enterprise Linux (python-setuptools): Vulnerability allows code execution","severity":"medium","cvss":null,"cves":["CVE-2025-47273"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T10:41:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1433","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-enterprise-linux-81822"},{"num":81824,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0679","title":"[UPDATE] [medium] Apache Commons: Multiple vulnerabilities allow unspecified attack","severity":"medium","cvss":null,"cves":["CVE-2024-29131","CVE-2024-29133"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T10:41:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0679","csirts_url":"https://www.csirts.com/advisory/update-medium-apache-commons-multiple-81824"},{"num":81823,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3147","title":"[UPDATE] [high] Red Hat products: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2021-44549","CVE-2024-40094","CVE-2024-47561","CVE-2024-7254"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T10:41:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3147","csirts_url":"https://www.csirts.com/advisory/update-high-red-hat-products-multiple-81823"},{"num":81826,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2618","title":"[UPDATE] [high] http/2 implementations: Vulnerability allows denial of service","severity":"high","cvss":null,"cves":["CVE-2023-44487"],"exploited":false,"has_exploit":true,"published_at":"2026-07-06T10:41:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2618","csirts_url":"https://www.csirts.com/advisory/update-high-http-2-implementations-81826"},{"num":81825,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3037","title":"[UPDATE] [medium] Apache Camel: Multiple vulnerabilities allow denial of service","severity":"medium","cvss":null,"cves":["CVE-2023-39410","CVE-2023-5072"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T10:41:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3037","csirts_url":"https://www.csirts.com/advisory/update-medium-apache-camel-multiple-81825"},{"num":1574,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2166","title":"[NEW] [high] Red Hat Satellite (foreman, python-pillow, go): Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-5135","CVE-2026-5136","CVE-2026-5138","CVE-2026-5142","CVE-2026-32282","CVE-2026-40192"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T10:31:49+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2166","csirts_url":"https://www.csirts.com/advisory/new-high-red-hat-satellite-foreman-python-1574"},{"num":81840,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2206","title":"[NEW] [medium] Puppet: Vulnerability allows information disclosure","severity":"medium","cvss":null,"cves":["CVE-2026-8804"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T10:31:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2206","csirts_url":"https://www.csirts.com/advisory/new-medium-puppet-vulnerability-allows-81840"},{"num":81841,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2205","title":"[NEW] [high] n8n: Vulnerability allows code execution","severity":"high","cvss":null,"cves":["CVE-2025-71380"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T10:31:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2205","csirts_url":"https://www.csirts.com/advisory/new-high-n8n-vulnerability-allows-code-81841"},{"num":81860,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2204","title":"[NEW] [medium] GIMP: Vulnerability allows code execution and denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-58379"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T10:06:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2204","csirts_url":"https://www.csirts.com/advisory/new-medium-gimp-vulnerability-allows-code-81860"},{"num":81862,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2202","title":"[NEW] [medium] Dell Computer: Vulnerability allows bypassing security measures","severity":"medium","cvss":null,"cves":["CVE-2026-35159"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T10:06:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2202","csirts_url":"https://www.csirts.com/advisory/new-medium-dell-computer-vulnerability-81862"},{"num":81863,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2201","title":"[NEW] [low] Icinga: Vulnerability allows displaying false information","severity":"low","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T10:01:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2201","csirts_url":"https://www.csirts.com/advisory/new-low-icinga-vulnerability-allows-81863"},{"num":81866,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2198","title":"[NEW] [UNPATCHED] [medium] Keycloak: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-14613","CVE-2026-14614","CVE-2026-14615","CVE-2026-14781"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T09:51:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2198","csirts_url":"https://www.csirts.com/advisory/new-unpatched-medium-keycloak-multiple-81866"},{"num":81869,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2195","title":"[NEW] [medium] dhcpcd: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2025-70102"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T09:46:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2195","csirts_url":"https://www.csirts.com/advisory/new-medium-dhcpcd-vulnerability-allows-81869"},{"num":1445,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1265","title":"[UPDATE] [medium] Linux Kernel: Vulnerability allows unspecified attack","severity":"medium","cvss":null,"cves":["CVE-2026-31533"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T09:41:47+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1265","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-vulnerability-1445"},{"num":1718,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1219","title":"[UPDATE] [medium] lxml: Vulnerability Allows Information Disclosure","severity":"medium","cvss":null,"cves":["CVE-2026-41066"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T09:41:46+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1219","csirts_url":"https://www.csirts.com/advisory/update-medium-lxml-vulnerability-allows-1718"},{"num":81874,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0882","title":"[UPDATE] [medium] GIMP: Vulnerability allows denial of service and information disclosure","severity":"medium","cvss":null,"cves":["CVE-2026-4887"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T09:41:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0882","csirts_url":"https://www.csirts.com/advisory/update-medium-gimp-vulnerability-allows-81874"},{"num":81881,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0319","title":"[UPDATE] [high] Red Hat Enterprise Linux (fontforge): Multiple vulnerabilities allow code execution","severity":"high","cvss":null,"cves":["CVE-2025-15269","CVE-2025-15275","CVE-2025-15279"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:18:14+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0319","csirts_url":"https://www.csirts.com/advisory/update-high-red-hat-enterprise-linux-81881"},{"num":81882,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0188","title":"[UPDATE] [medium] Internet Systems Consortium BIND: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2025-13878"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:18:13+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0188","csirts_url":"https://www.csirts.com/advisory/update-medium-internet-systems-consortium-81882"},{"num":81884,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2941","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities allow denial of service","severity":"high","cvss":null,"cves":["CVE-2022-50829","CVE-2022-50830","CVE-2022-50831","CVE-2022-50832","CVE-2022-50833","CVE-2022-50834","CVE-2022-50835","CVE-2022-50836","CVE-2022-50837","CVE-2022-50838","CVE-2022-50839","CVE-2022-50840","CVE-2022-50841","CVE-2022-50842","CVE-2022-50843","CVE-2022-50844","CVE-2022-50845","CVE-2022-50846","CVE-2022-50847","CVE-2022-50848","CVE-2022-50849","CVE-2022-50850","CVE-2022-50851","CVE-2022-50852","CVE-2022-50853","CVE-2022-50854","CVE-2022-50855","CVE-2022-50856","CVE-2022-50857","CVE-2022-50858","CVE-2022-50859","CVE-2022-50860","CVE-2022-50861","CVE-2022-50862","CVE-2022-50863","CVE-2022-50864","CVE-2022-50865","CVE-2022-50866","CVE-2022-50867","CVE-2022-50868","CVE-2022-50869","CVE-2022-50870","CVE-2022-50871","CVE-2022-50872","CVE-2022-50873","CVE-2022-50874","CVE-2022-50875","CVE-2022-50876","CVE-2022-50877","CVE-2022-50878","CVE-2022-50879","CVE-2022-50880","CVE-2022-50881","CVE-2022-50882","CVE-2022-50883","CVE-2022-50884","CVE-2022-50885","CVE-2022-50886","CVE-2022-50887","CVE-2022-50888"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:17:51+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2941","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-81884"},{"num":81886,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2925","title":"[UPDATE] [high] Gitea: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-68937","CVE-2025-68938","CVE-2025-68939","CVE-2025-68940","CVE-2025-68941","CVE-2025-68942","CVE-2025-68943","CVE-2025-68944","CVE-2025-68945","CVE-2025-68946"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:17:50+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2925","csirts_url":"https://www.csirts.com/advisory/update-high-gitea-multiple-vulnerabilities-81886"},{"num":81888,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2915","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities allow denial of service","severity":"high","cvss":null,"cves":["CVE-2025-68338","CVE-2025-68339","CVE-2025-68340","CVE-2025-68341","CVE-2025-68342","CVE-2025-68343"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:17:49+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2915","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-81888"},{"num":1733,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2904","title":"[UPDATE] [medium] Linux Kernel: Multiple Vulnerabilities Allow Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2025-68323","CVE-2025-68324","CVE-2025-68325"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:17:48+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2904","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-1733"},{"num":81891,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2645","title":"[UPDATE] [medium] Golang Go: Multiple vulnerabilities allow denial of service","severity":"medium","cvss":null,"cves":["CVE-2025-47914","CVE-2025-58181"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:17:47+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2645","csirts_url":"https://www.csirts.com/advisory/update-medium-golang-go-multiple-81891"},{"num":81893,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2497","title":"[UPDATE] [medium] libarchive: Vulnerability allows Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2025-60753"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:17:45+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2497","csirts_url":"https://www.csirts.com/advisory/update-medium-libarchive-vulnerability-81893"},{"num":497,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2229","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2022-50509","CVE-2022-50510","CVE-2022-50511","CVE-2022-50512","CVE-2022-50513","CVE-2022-50514","CVE-2022-50515","CVE-2022-50516","CVE-2022-50517","CVE-2022-50518","CVE-2022-50519","CVE-2022-50520","CVE-2022-50521","CVE-2022-50522","CVE-2022-50523","CVE-2022-50524","CVE-2022-50525","CVE-2022-50526","CVE-2022-50527","CVE-2022-50528","CVE-2022-50529","CVE-2022-50530","CVE-2022-50531","CVE-2022-50532","CVE-2022-50533","CVE-2022-50534","CVE-2022-50535","CVE-2022-50536","CVE-2022-50537","CVE-2022-50538","CVE-2022-50539","CVE-2022-50540","CVE-2022-50541","CVE-2022-50542","CVE-2022-50543","CVE-2022-50544","CVE-2022-50545","CVE-2022-50546","CVE-2022-50547","CVE-2022-50548","CVE-2022-50549","CVE-2022-50550","CVE-2022-50551","CVE-2022-50552","CVE-2022-50553","CVE-2022-50554","CVE-2022-50555","CVE-2023-53617","CVE-2023-53618","CVE-2023-53619","CVE-2023-53620","CVE-2023-53621","CVE-2023-53622","CVE-2023-53623","CVE-2023-53624","CVE-2023-53625","CVE-2023-53626","CVE-2023-53627","CVE-2023-53628","CVE-2023-53629"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:17:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2229","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-497"},{"num":81897,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2092","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities allow Denial of Service","severity":"high","cvss":null,"cves":["CVE-2022-50375","CVE-2022-50376","CVE-2022-50377","CVE-2022-50378","CVE-2022-50379","CVE-2022-50380","CVE-2022-50381","CVE-2022-50382","CVE-2022-50383","CVE-2022-50384","CVE-2022-50385","CVE-2022-50386","CVE-2022-50387","CVE-2022-50388","CVE-2022-50389","CVE-2022-50390","CVE-2022-50391","CVE-2022-50392","CVE-2022-50393","CVE-2022-50394","CVE-2022-50395","CVE-2022-50396","CVE-2022-50397","CVE-2022-50398","CVE-2022-50399","CVE-2022-50400","CVE-2022-50401","CVE-2022-50402","CVE-2022-50403","CVE-2022-50404","CVE-2022-50405","CVE-2022-50406","CVE-2022-50407","CVE-2022-50408","CVE-2022-50409","CVE-2022-50410","CVE-2022-50411","CVE-2022-50412","CVE-2022-50413","CVE-2022-50414","CVE-2022-50415","CVE-2022-50416","CVE-2022-50417","CVE-2022-50418","CVE-2022-50419","CVE-2023-53369","CVE-2023-53370","CVE-2023-53371","CVE-2023-53372","CVE-2023-53373","CVE-2023-53374","CVE-2023-53375","CVE-2023-53376","CVE-2023-53377","CVE-2023-53378","CVE-2023-53379","CVE-2023-53380","CVE-2023-53381","CVE-2023-53382","CVE-2023-53383"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:17:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2092","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-81897"},{"num":81896,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2194","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2022-50470","CVE-2022-50471","CVE-2022-50472","CVE-2022-50473","CVE-2022-50474","CVE-2022-50475","CVE-2022-50476","CVE-2022-50477","CVE-2022-50478","CVE-2022-50479","CVE-2022-50480","CVE-2022-50481","CVE-2022-50482","CVE-2022-50483","CVE-2022-50484","CVE-2022-50485","CVE-2022-50486","CVE-2022-50487","CVE-2022-50488","CVE-2022-50489","CVE-2022-50490","CVE-2022-50491","CVE-2022-50492","CVE-2022-50493","CVE-2022-50494","CVE-2022-50495","CVE-2022-50496","CVE-2022-50497","CVE-2022-50498","CVE-2022-50499","CVE-2022-50500","CVE-2022-50501","CVE-2022-50502","CVE-2022-50503","CVE-2022-50504","CVE-2022-50505","CVE-2022-50506","CVE-2022-50507","CVE-2022-50508","CVE-2023-53533","CVE-2023-53534","CVE-2023-53535","CVE-2023-53536","CVE-2023-53537","CVE-2023-53538","CVE-2023-53539","CVE-2023-53540","CVE-2023-53541","CVE-2023-53542","CVE-2023-53543","CVE-2023-53544","CVE-2023-53545","CVE-2023-53546","CVE-2023-53547","CVE-2023-53548","CVE-2023-53549","CVE-2023-53550","CVE-2023-53551","CVE-2023-53552","CVE-2023-53553"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:17:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2194","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-81896"},{"num":81898,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2053","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2022-50234","CVE-2022-50235","CVE-2022-50236","CVE-2022-50239","CVE-2022-50240","CVE-2022-50241","CVE-2022-50242","CVE-2022-50243","CVE-2022-50244","CVE-2022-50245","CVE-2022-50246","CVE-2022-50247","CVE-2022-50248","CVE-2022-50249","CVE-2022-50250","CVE-2022-50251","CVE-2022-50252","CVE-2022-50253","CVE-2022-50254","CVE-2022-50255","CVE-2022-50256","CVE-2022-50257","CVE-2022-50258","CVE-2022-50259","CVE-2022-50260","CVE-2022-50261","CVE-2022-50262","CVE-2022-50263","CVE-2022-50264","CVE-2022-50265","CVE-2022-50266","CVE-2022-50267","CVE-2022-50268","CVE-2022-50269","CVE-2022-50270","CVE-2022-50271","CVE-2022-50272","CVE-2022-50273","CVE-2022-50274","CVE-2022-50275","CVE-2022-50276","CVE-2022-50277","CVE-2022-50278","CVE-2022-50279","CVE-2022-50280","CVE-2022-50281","CVE-2022-50282","CVE-2022-50283","CVE-2022-50284","CVE-2022-50285","CVE-2022-50286","CVE-2022-50287","CVE-2022-50288","CVE-2022-50289","CVE-2022-50290","CVE-2022-50291","CVE-2022-50292","CVE-2022-50293","CVE-2022-50294","CVE-2022-50295"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:17:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2053","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-81898"},{"num":81899,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1976","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities allow Denial of Service","severity":"high","cvss":null,"cves":["CVE-2025-38679","CVE-2025-38680","CVE-2025-38681","CVE-2025-38682","CVE-2025-38683","CVE-2025-38684","CVE-2025-38685","CVE-2025-38686","CVE-2025-38687","CVE-2025-38688","CVE-2025-38689","CVE-2025-38690","CVE-2025-38691","CVE-2025-38692","CVE-2025-38693","CVE-2025-38694","CVE-2025-38695","CVE-2025-38696","CVE-2025-38697","CVE-2025-38698","CVE-2025-38699","CVE-2025-38700","CVE-2025-38701","CVE-2025-38702","CVE-2025-38703","CVE-2025-38704","CVE-2025-38705","CVE-2025-38706","CVE-2025-38707","CVE-2025-38708","CVE-2025-38709","CVE-2025-38710","CVE-2025-38711","CVE-2025-38712","CVE-2025-38713","CVE-2025-38714","CVE-2025-38715","CVE-2025-38716","CVE-2025-38717","CVE-2025-38718","CVE-2025-38719","CVE-2025-38720","CVE-2025-38721","CVE-2025-38722","CVE-2025-38723","CVE-2025-38724","CVE-2025-38725","CVE-2025-38726","CVE-2025-38727","CVE-2025-38728","CVE-2025-38729","CVE-2025-38730"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:17:22+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1976","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-81899"},{"num":1742,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1898","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities allow denial of service and privilege escalation","severity":"high","cvss":null,"cves":["CVE-2024-58239","CVE-2025-38616","CVE-2025-38617","CVE-2025-38618","CVE-2025-38619","CVE-2025-38620","CVE-2025-38621","CVE-2025-38622","CVE-2025-38623","CVE-2025-38624","CVE-2025-38625","CVE-2025-38626","CVE-2025-38627","CVE-2025-38628","CVE-2025-38629","CVE-2025-38630","CVE-2025-38631","CVE-2025-38632","CVE-2025-38633","CVE-2025-38634","CVE-2025-38635","CVE-2025-38636","CVE-2025-38638","CVE-2025-38639","CVE-2025-38640","CVE-2025-38641","CVE-2025-38642","CVE-2025-38643","CVE-2025-38644","CVE-2025-38645","CVE-2025-38646","CVE-2025-38647","CVE-2025-38648","CVE-2025-38649","CVE-2025-38650","CVE-2025-38651","CVE-2025-38652","CVE-2025-38653","CVE-2025-38654","CVE-2025-38655","CVE-2025-38656","CVE-2025-38657","CVE-2025-38658","CVE-2025-38659","CVE-2025-38660","CVE-2025-38661","CVE-2025-38662","CVE-2025-38663","CVE-2025-38664","CVE-2025-38665","CVE-2025-38666","CVE-2025-38667","CVE-2025-38668","CVE-2025-38669","CVE-2025-38670","CVE-2025-38671","CVE-2025-38672","CVE-2025-38673","CVE-2025-38674","CVE-2025-38675"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:17:20+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1898","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1742"},{"num":1322,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1858","title":"[UPDATE] [high] Linux Kernel: Multiple Vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2023-3865","CVE-2023-3866","CVE-2023-4130","CVE-2023-4515","CVE-2025-38501","CVE-2025-38502","CVE-2025-38503","CVE-2025-38504","CVE-2025-38505","CVE-2025-38506","CVE-2025-38507","CVE-2025-38508","CVE-2025-38509","CVE-2025-38510","CVE-2025-38511","CVE-2025-38512","CVE-2025-38513","CVE-2025-38514","CVE-2025-38515","CVE-2025-38516","CVE-2025-38517","CVE-2025-38518","CVE-2025-38519","CVE-2025-38520","CVE-2025-38521","CVE-2025-38522","CVE-2025-38523","CVE-2025-38524","CVE-2025-38525","CVE-2025-38526","CVE-2025-38527","CVE-2025-38528","CVE-2025-38529","CVE-2025-38530","CVE-2025-38531","CVE-2025-38532","CVE-2025-38533","CVE-2025-38534","CVE-2025-38535","CVE-2025-38536","CVE-2025-38537","CVE-2025-38538","CVE-2025-38539","CVE-2025-38540","CVE-2025-38541","CVE-2025-38542","CVE-2025-38543","CVE-2025-38544","CVE-2025-38545","CVE-2025-38546","CVE-2025-38547","CVE-2025-38548","CVE-2025-38549","CVE-2025-38550","CVE-2025-38551","CVE-2025-38552","CVE-2020-24588","CVE-2025-27558"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:17:19+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1858","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1322"},{"num":1745,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1452","title":"[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2025-38091","CVE-2025-38092","CVE-2025-38093","CVE-2025-38094","CVE-2025-38095","CVE-2025-38096","CVE-2025-38097","CVE-2025-38098","CVE-2025-38099","CVE-2025-38100","CVE-2025-38101","CVE-2025-38102","CVE-2025-38103","CVE-2025-38105","CVE-2025-38106","CVE-2025-38107","CVE-2025-38108","CVE-2025-38109","CVE-2025-38110","CVE-2025-38111","CVE-2025-38112","CVE-2025-38113","CVE-2025-38114","CVE-2025-38115","CVE-2025-38116","CVE-2025-38117","CVE-2025-38118","CVE-2025-38119","CVE-2025-38120","CVE-2025-38121","CVE-2025-38122","CVE-2025-38123","CVE-2025-38124","CVE-2025-38125","CVE-2025-38126","CVE-2025-38127","CVE-2025-38128","CVE-2025-38129","CVE-2025-38130","CVE-2025-38131","CVE-2025-38132","CVE-2025-38133","CVE-2025-38134","CVE-2025-38135","CVE-2025-38136","CVE-2025-38137","CVE-2025-38138","CVE-2025-38139","CVE-2025-38140","CVE-2025-38141","CVE-2025-38142","CVE-2025-38143","CVE-2025-38144","CVE-2025-38145","CVE-2025-38146","CVE-2025-38147","CVE-2025-38148","CVE-2025-38149","CVE-2025-38150","CVE-2025-38151"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:17:18+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1452","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-1745"},{"num":81904,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1517","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities allow Denial of Service","severity":"high","cvss":null,"cves":["CVE-2025-38238","CVE-2025-38241","CVE-2025-38242","CVE-2025-38243","CVE-2025-38244","CVE-2025-38245","CVE-2025-38246","CVE-2025-38247","CVE-2025-38248","CVE-2025-38249","CVE-2025-38250","CVE-2025-38251","CVE-2025-38252","CVE-2025-38253","CVE-2025-38254","CVE-2025-38255","CVE-2025-38256","CVE-2025-38257","CVE-2025-38258","CVE-2025-38259","CVE-2025-38260","CVE-2025-38261","CVE-2025-38262","CVE-2025-38263","CVE-2025-38264"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:17:18+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1517","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-81904"},{"num":81906,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1405","title":"[UPDATE] [medium] FasterXML Jackson: Vulnerability allows Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2025-52999"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:17:17+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1405","csirts_url":"https://www.csirts.com/advisory/update-medium-fasterxml-jackson-81906"},{"num":81909,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1262","title":"[UPDATE] [low] FasterXML Jackson: Vulnerability allows information disclosure","severity":"low","cvss":null,"cves":["CVE-2025-49128"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:17:14+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1262","csirts_url":"https://www.csirts.com/advisory/update-low-fasterxml-jackson-81909"},{"num":1499,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1114","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-37840","CVE-2025-37841","CVE-2025-37842","CVE-2025-37843","CVE-2025-37844","CVE-2025-37845","CVE-2025-37846","CVE-2025-37862","CVE-2025-37864","CVE-2025-37894","CVE-2025-37895","CVE-2025-37896","CVE-2025-37897","CVE-2025-37898","CVE-2025-37899","CVE-2025-37900","CVE-2025-37901","CVE-2025-37902","CVE-2025-37903","CVE-2025-37904","CVE-2025-37905","CVE-2025-37906","CVE-2025-37907","CVE-2025-37908","CVE-2025-37909","CVE-2025-37910","CVE-2025-37911","CVE-2025-37912","CVE-2025-37913","CVE-2025-37914","CVE-2025-37915","CVE-2025-37916","CVE-2025-37917","CVE-2025-37918","CVE-2025-37919","CVE-2025-37920","CVE-2025-37921","CVE-2025-37922","CVE-2025-37923","CVE-2025-37924","CVE-2025-37926","CVE-2025-37927","CVE-2025-37928","CVE-2025-37929","CVE-2025-37930","CVE-2025-37931","CVE-2025-37932","CVE-2025-37933","CVE-2025-37934","CVE-2025-37935","CVE-2025-37936","CVE-2025-37937","CVE-2025-37938","CVE-2025-37939","CVE-2025-37940","CVE-2025-37941","CVE-2025-37942","CVE-2025-37943","CVE-2025-37944","CVE-2025-37945"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:17:14+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1114","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1499"},{"num":81911,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0987","title":"[UPDATE] [medium] Eclipse Jetty: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2024-13009","CVE-2025-1948"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:17:13+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0987","csirts_url":"https://www.csirts.com/advisory/update-medium-eclipse-jetty-multiple-81911"},{"num":81912,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0932","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2023-53109","CVE-2023-53111","CVE-2023-53112","CVE-2023-53113","CVE-2023-53114","CVE-2023-53115","CVE-2023-53116","CVE-2023-53117","CVE-2023-53118","CVE-2023-53129","CVE-2023-53130","CVE-2023-53131","CVE-2023-53132","CVE-2023-53133","CVE-2023-53134","CVE-2023-53135","CVE-2023-53136","CVE-2023-53137","CVE-2023-53138","CVE-2023-53139","CVE-2023-53140","CVE-2023-53141","CVE-2023-53142","CVE-2023-53143","CVE-2023-53144","CVE-2025-37797","CVE-2025-37798","CVE-2025-37799","CVE-2023-53126","CVE-2025-23163","CVE-2025-37766","CVE-2025-37770"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:17:12+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0932","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-81912"},{"num":81913,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0545","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities allow Denial of Service","severity":"high","cvss":null,"cves":["CVE-2024-58087","CVE-2024-58088","CVE-2024-58089","CVE-2025-21844","CVE-2025-21845","CVE-2025-21846","CVE-2025-21847","CVE-2025-21848","CVE-2025-21849","CVE-2025-21850","CVE-2025-21851","CVE-2025-21852","CVE-2025-21853","CVE-2025-21854","CVE-2025-21855","CVE-2025-21856","CVE-2025-21857","CVE-2025-21858","CVE-2025-21859","CVE-2025-21860","CVE-2025-21861","CVE-2025-21862","CVE-2025-21863","CVE-2025-21864","CVE-2025-21865","CVE-2025-21866"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:16:51+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0545","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-81913"},{"num":81915,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3762","title":"[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2024-53180","CVE-2024-53182","CVE-2024-53183","CVE-2024-53184","CVE-2024-53185","CVE-2024-53186","CVE-2024-53187","CVE-2024-53188","CVE-2024-53189","CVE-2024-53194","CVE-2024-53195","CVE-2024-53196","CVE-2024-53197","CVE-2024-53198","CVE-2024-53199","CVE-2024-53200","CVE-2024-53201","CVE-2024-53202","CVE-2024-53203","CVE-2024-53204","CVE-2024-53205","CVE-2024-53206","CVE-2024-53207","CVE-2024-53208","CVE-2024-53209","CVE-2024-53210","CVE-2024-53211","CVE-2024-53212","CVE-2024-53213","CVE-2024-53214","CVE-2024-53215","CVE-2024-53216","CVE-2024-53217","CVE-2024-53218","CVE-2024-53219","CVE-2024-53220","CVE-2024-53221","CVE-2024-53222","CVE-2024-53223","CVE-2024-53224","CVE-2024-53225","CVE-2024-53226","CVE-2024-53227","CVE-2024-53228","CVE-2024-53229","CVE-2024-53230","CVE-2024-53231","CVE-2024-53232","CVE-2024-53233","CVE-2024-53234","CVE-2024-53235","CVE-2024-53236","CVE-2024-53237","CVE-2024-53238","CVE-2024-53239","CVE-2024-56531","CVE-2024-56532","CVE-2024-56533","CVE-2024-56534","CVE-2024-56535"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:16:49+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3762","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-81915"},{"num":81916,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3176","title":"[UPDATE] [medium] Eclipse Jetty: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2024-6762","CVE-2024-6763","CVE-2024-8184","CVE-2024-9823"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:16:48+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3176","csirts_url":"https://www.csirts.com/advisory/update-medium-eclipse-jetty-multiple-81916"},{"num":81917,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1925","title":"[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2024-43896","CVE-2024-43898","CVE-2024-43899","CVE-2024-43900","CVE-2024-43901","CVE-2024-43902","CVE-2024-43903","CVE-2024-43904","CVE-2024-43905","CVE-2024-43906","CVE-2024-43907","CVE-2024-43908","CVE-2024-43909","CVE-2024-43910","CVE-2024-43911","CVE-2024-43912","CVE-2024-43913","CVE-2024-43914","CVE-2024-44931","CVE-2024-44932","CVE-2024-44933","CVE-2024-44934","CVE-2024-44935","CVE-2024-44936","CVE-2024-44937"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:16:47+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1925","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-81917"},{"num":81918,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1259","title":"[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow Denial of Service and nonspecific attack","severity":"medium","cvss":null,"cves":["CVE-2024-36904","CVE-2023-52881","CVE-2023-52882","CVE-2024-36016","CVE-2024-36017","CVE-2024-36018","CVE-2024-36019","CVE-2024-36020","CVE-2024-36021","CVE-2024-36022","CVE-2024-36023","CVE-2024-36024","CVE-2024-36025","CVE-2024-36026","CVE-2024-36027","CVE-2024-36028","CVE-2024-36029","CVE-2024-36030","CVE-2024-36031","CVE-2024-36032","CVE-2024-36033","CVE-2024-36880","CVE-2024-36881","CVE-2024-36882","CVE-2024-36883","CVE-2024-36884","CVE-2024-36885","CVE-2024-36886","CVE-2024-36887","CVE-2024-36888","CVE-2024-36889","CVE-2024-36890","CVE-2024-36891","CVE-2024-36892","CVE-2024-36893","CVE-2024-36894","CVE-2024-36895","CVE-2024-36896","CVE-2024-36897","CVE-2024-36898","CVE-2024-36899","CVE-2024-36900","CVE-2024-36901","CVE-2024-36902","CVE-2024-36903","CVE-2024-36905","CVE-2024-36906","CVE-2024-36907","CVE-2024-36908","CVE-2024-36909","CVE-2024-36910","CVE-2024-36911","CVE-2024-36912","CVE-2024-36913","CVE-2024-36914","CVE-2024-36915","CVE-2024-36916","CVE-2024-36917","CVE-2024-36918","CVE-2024-36919"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:16:46+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1259","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-81918"},{"num":81919,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1025","title":"[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2022-48670","CVE-2022-48671","CVE-2022-48672","CVE-2022-48673","CVE-2022-48674","CVE-2022-48675","CVE-2022-48686","CVE-2022-48687","CVE-2022-48688","CVE-2022-48689","CVE-2022-48690","CVE-2022-48691","CVE-2022-48692","CVE-2022-48693","CVE-2022-48694","CVE-2022-48695","CVE-2022-48696","CVE-2022-48697","CVE-2022-48698","CVE-2022-48699","CVE-2022-48700","CVE-2022-48701","CVE-2022-48702","CVE-2022-48703","CVE-2022-48704","CVE-2022-48705"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:16:46+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1025","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-81919"},{"num":81920,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1008","title":"[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2022-48669","CVE-2023-52647","CVE-2023-52648","CVE-2023-52649","CVE-2023-52650","CVE-2023-52651","CVE-2023-52652","CVE-2023-52653","CVE-2024-26929","CVE-2024-26930","CVE-2024-26931","CVE-2024-26932","CVE-2024-26933","CVE-2024-26934","CVE-2024-26935","CVE-2024-26936","CVE-2024-26937","CVE-2024-26938","CVE-2024-26939","CVE-2024-26940","CVE-2024-26941","CVE-2024-26942","CVE-2024-26943","CVE-2024-26944","CVE-2024-26945","CVE-2024-26946","CVE-2024-26947","CVE-2024-26948","CVE-2024-26949","CVE-2024-26950","CVE-2024-26951","CVE-2024-26952","CVE-2024-26953","CVE-2024-26954","CVE-2024-26955","CVE-2024-26956","CVE-2024-26957","CVE-2024-26958","CVE-2024-26959","CVE-2024-26960","CVE-2024-26961","CVE-2024-26962","CVE-2024-26963","CVE-2024-26964","CVE-2024-26965","CVE-2024-26966","CVE-2024-26967","CVE-2024-26968","CVE-2024-26969","CVE-2024-26970","CVE-2024-26971","CVE-2024-26972","CVE-2024-26973","CVE-2024-26974","CVE-2024-26975","CVE-2024-26976","CVE-2024-26977","CVE-2024-26978","CVE-2024-26979","CVE-2024-26980"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:16:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1008","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-81920"},{"num":81921,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0851","title":"[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2021-47209","CVE-2021-47210","CVE-2021-47211","CVE-2021-47212","CVE-2021-47213","CVE-2021-47214","CVE-2021-47215","CVE-2021-47216","CVE-2021-47217","CVE-2021-47218","CVE-2021-47219","CVE-2024-26815","CVE-2021-47181","CVE-2021-47182","CVE-2021-47183","CVE-2021-47184","CVE-2021-47185","CVE-2021-47186","CVE-2021-47187","CVE-2021-47188","CVE-2021-47189","CVE-2021-47190","CVE-2021-47191","CVE-2021-47192","CVE-2021-47193","CVE-2021-47194","CVE-2021-47195","CVE-2021-47196","CVE-2021-47197","CVE-2021-47198","CVE-2021-47199","CVE-2021-47200","CVE-2021-47201","CVE-2021-47202","CVE-2021-47203","CVE-2021-47204","CVE-2021-47205","CVE-2021-47206","CVE-2021-47207","CVE-2024-26816","CVE-2021-47208","CVE-2021-47220","CVE-2024-26817"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:16:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0851","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-81921"},{"num":81922,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2627","title":"[UPDATE] [high] Eclipse Jetty: Multiple vulnerabilities allow Denial of Service","severity":"high","cvss":null,"cves":["CVE-2023-36478","CVE-2023-44487"],"exploited":false,"has_exploit":true,"published_at":"2026-07-06T08:16:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2627","csirts_url":"https://www.csirts.com/advisory/update-high-eclipse-jetty-multiple-81922"},{"num":81924,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2099","title":"[UPDATE] [medium] Apache Ivy: Vulnerability allows information disclosure","severity":"medium","cvss":null,"cves":["CVE-2022-46751"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:16:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2099","csirts_url":"https://www.csirts.com/advisory/update-medium-apache-ivy-vulnerability-81924"},{"num":81923,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2359","title":"[UPDATE] [medium] Eclipse Jetty: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2023-36479","CVE-2023-40167","CVE-2023-41900"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:16:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2359","csirts_url":"https://www.csirts.com/advisory/update-medium-eclipse-jetty-multiple-81923"},{"num":81926,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0239","title":"[UPDATE] [high] Red Hat JBoss Enterprise Application Platform: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2015-9251","CVE-2016-10735","CVE-2017-18214","CVE-2018-14040","CVE-2018-14041","CVE-2018-14042","CVE-2019-11358","CVE-2019-8331","CVE-2020-11022","CVE-2020-11023","CVE-2022-3143","CVE-2022-40149","CVE-2022-40150","CVE-2022-40152","CVE-2022-42003","CVE-2022-42004","CVE-2022-45047","CVE-2022-45693","CVE-2022-46364"],"exploited":false,"has_exploit":true,"published_at":"2026-07-06T08:16:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0239","csirts_url":"https://www.csirts.com/advisory/update-high-red-hat-jboss-enterprise-81926"},{"num":81925,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1009","title":"[UPDATE] [medium] Eclipse Jetty: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2023-26048","CVE-2023-26049"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:16:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1009","csirts_url":"https://www.csirts.com/advisory/update-medium-eclipse-jetty-multiple-81925"},{"num":81927,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1608","title":"[UPDATE] [medium] FasterXML Jackson: Multiple vulnerabilities allow Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2022-42003","CVE-2022-42004"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T08:16:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1608","csirts_url":"https://www.csirts.com/advisory/update-medium-fasterxml-jackson-multiple-81927"},{"num":81929,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2149","title":"[UPDATE] [high] Gitea: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-58418","CVE-2026-58419","CVE-2026-58421","CVE-2026-58422","CVE-2026-58423","CVE-2026-58424","CVE-2026-58426"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T07:44:01+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2149","csirts_url":"https://www.csirts.com/advisory/update-high-gitea-multiple-vulnerabilities-81929"},{"num":967,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2135","title":"[UPDATE] [medium] MediaWiki: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-58024","CVE-2026-58025","CVE-2026-58026","CVE-2026-58027","CVE-2026-58028","CVE-2026-58029","CVE-2026-58030","CVE-2026-58032","CVE-2026-58033","CVE-2026-58036","CVE-2026-58037","CVE-2026-58038","CVE-2026-8857"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T07:43:38+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2135","csirts_url":"https://www.csirts.com/advisory/update-medium-mediawiki-multiple-967"},{"num":1730,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2063","title":"[UPDATE] [medium] Red Hat Enterprise Linux (perl-IO-Compress): Vulnerability allows executing arbitrary program code with service rights","severity":"medium","cvss":null,"cves":["CVE-2026-48962"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T07:43:13+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2063","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-enterprise-linux-1730"},{"num":81943,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2027","title":"[UPDATE] [high] Gitea: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-20779","CVE-2026-20896","CVE-2026-22874","CVE-2026-24451","CVE-2026-25038","CVE-2026-27761","CVE-2026-27775","CVE-2026-28740"],"exploited":false,"has_exploit":true,"published_at":"2026-07-06T07:43:10+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2027","csirts_url":"https://www.csirts.com/advisory/update-high-gitea-multiple-vulnerabilities-81943"},{"num":936,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1190","title":"[UPDATE] [critical] GNU libc: Multiple vulnerabilities","severity":"critical","cvss":null,"cves":["CVE-2026-5358","CVE-2026-5450","CVE-2026-5928"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T07:43:08+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1190","csirts_url":"https://www.csirts.com/advisory/update-critical-gnu-libc-multiple-936"},{"num":81951,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1172","title":"[UPDATE] [medium] Gitea: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-22555","CVE-2026-27780","CVE-2026-28737"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T07:42:45+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1172","csirts_url":"https://www.csirts.com/advisory/update-medium-gitea-multiple-81951"},{"num":81958,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1082","title":"[UPDATE] [medium] Eclipse Jetty: Vulnerability allows data manipulation","severity":"medium","cvss":null,"cves":["CVE-2026-2332"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T07:42:40+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1082","csirts_url":"https://www.csirts.com/advisory/update-medium-eclipse-jetty-vulnerability-81958"},{"num":81963,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1732","title":"[UPDATE] [high] Red Hat Enterprise Linux (Flatpak): Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-34078","CVE-2026-34079"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T07:42:15+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1732","csirts_url":"https://www.csirts.com/advisory/update-high-red-hat-enterprise-linux-81963"},{"num":81962,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0923","title":"[UPDATE] [medium] libarchive: Vulnerability allows code execution","severity":"medium","cvss":null,"cves":["CVE-2026-5121"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T07:42:15+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0923","csirts_url":"https://www.csirts.com/advisory/update-medium-libarchive-vulnerability-81962"},{"num":81964,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0918","title":"[UPDATE] [medium] GNU libc: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-4046"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T07:42:14+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0918","csirts_url":"https://www.csirts.com/advisory/update-medium-gnu-libc-vulnerability-81964"},{"num":1711,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0875","title":"[UPDATE] [medium] Red Hat Enterprise Linux (ncurses): Vulnerability allows code execution","severity":"medium","cvss":null,"cves":["CVE-2025-69720"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T07:42:12+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0875","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-enterprise-linux-1711"},{"num":891,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0863","title":"[UPDATE] [medium] Internet Systems Consortium BIND: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-1519","CVE-2026-3104","CVE-2026-3119","CVE-2026-3591"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T07:42:11+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0863","csirts_url":"https://www.csirts.com/advisory/update-medium-internet-systems-consortium-891"},{"num":81968,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1684","title":"[UPDATE] [medium] Linux Kernel (Bluetooth): Multiple vulnerabilities allow Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2026-45834","CVE-2026-45835","CVE-2026-45836"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T07:42:11+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1684","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-bluetooth-81968"},{"num":81971,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1637","title":"[UPDATE] [medium] Gitea: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-28744","CVE-2026-20706","CVE-2026-25714","CVE-2026-26231","CVE-2026-27771","CVE-2026-27783","CVE-2026-28699"],"exploited":false,"has_exploit":true,"published_at":"2026-07-06T07:42:08+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1637","csirts_url":"https://www.csirts.com/advisory/update-medium-gitea-multiple-81971"},{"num":1437,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1633","title":"[UPDATE] [high] Linux Kernel: Vulnerability allows privilege escalation","severity":"high","cvss":null,"cves":["CVE-2026-43494"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T07:41:47+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1633","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-vulnerability-1437"},{"num":81975,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0803","title":"[UPDATE] [medium] libarchive: Multiple vulnerabilities allow information disclosure and DoS","severity":"medium","cvss":null,"cves":["CVE-2026-4424","CVE-2026-4426"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T07:41:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0803","csirts_url":"https://www.csirts.com/advisory/update-medium-libarchive-multiple-81975"},{"num":81979,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0611","title":"[UPDATE] [low] Eclipse Jetty: Vulnerability allows bypassing of security measures","severity":"low","cvss":null,"cves":["CVE-2025-11143"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T07:41:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0611","csirts_url":"https://www.csirts.com/advisory/update-low-eclipse-jetty-vulnerability-81979"},{"num":1391,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2186","title":"[NEW] [medium] PHP: Multiple vulnerabilities allow denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-12184","CVE-2026-14355"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T07:21:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2186","csirts_url":"https://www.csirts.com/advisory/new-medium-php-multiple-vulnerabilities-1391"},{"num":1292,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2190","title":"[NEW] [medium] Linux Kernel: Multiple vulnerabilities allow Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2026-53357","CVE-2026-53358"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T07:21:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2190","csirts_url":"https://www.csirts.com/advisory/new-medium-linux-kernel-multiple-1292"},{"num":77753,"source_id":"hkcert","external_id":"https://www.hkcert.org/security-bulletin/apple-products-multiple-vulnerabilities_20260706","title":"Apple Products Multiple Vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2026-28979","CVE-2026-39868","CVE-2026-39872","CVE-2026-43663","CVE-2026-43676","CVE-2026-43699","CVE-2026-43700","CVE-2026-43701","CVE-2026-43703","CVE-2026-43704","CVE-2026-43705","CVE-2026-43706","CVE-2026-43707","CVE-2026-43708","CVE-2026-43709","CVE-2026-43712","CVE-2026-43713","CVE-2026-43715","CVE-2026-43716","CVE-2026-43717","CVE-2026-43718","CVE-2026-43720","CVE-2026-43721","CVE-2026-43722","CVE-2026-43724","CVE-2026-43725","CVE-2026-43726","CVE-2026-43727","CVE-2026-43731","CVE-2026-43732","CVE-2026-43734","CVE-2026-43735","CVE-2026-43740","CVE-2026-43742","CVE-2026-43743","CVE-2026-43745","CVE-2026-43746"],"exploited":false,"has_exploit":true,"published_at":"2026-07-06T01:00:00+00:00","link":"https://www.hkcert.org/security-bulletin/apple-products-multiple-vulnerabilities_20260706","csirts_url":"https://www.csirts.com/advisory/apple-products-multiple-vulnerabilities-77753"},{"num":77754,"source_id":"hkcert","external_id":"https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities_20260706","title":"Debian Linux Kernel Multiple Vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2021-47188","CVE-2021-47211","CVE-2022-48703","CVE-2022-49135","CVE-2022-49158","CVE-2022-49183","CVE-2022-49822","CVE-2022-50073","CVE-2022-50472","CVE-2022-50493","CVE-2022-50552","CVE-2023-53133","CVE-2023-53292","CVE-2023-53421","CVE-2023-53596","CVE-2023-53989","CVE-2023-54125","CVE-2023-54129","CVE-2023-54271","CVE-2023-54322","CVE-2024-27012","CVE-2024-36922","CVE-2024-43902","CVE-2024-53221","CVE-2024-56657","CVE-2025-10263","CVE-2025-21739","CVE-2025-21863","CVE-2025-22026","CVE-2025-22105","CVE-2025-22107","CVE-2025-23131","CVE-2025-37864","CVE-2025-38129","CVE-2025-38250","CVE-2025-38584","CVE-2025-38627","CVE-2025-38710","CVE-2025-39929","CVE-2025-39997","CVE-2025-40164","CVE-2025-40347","CVE-2025-68201","CVE-2025-68315","CVE-2025-68340","CVE-2025-68823","CVE-2026-23066","CVE-2026-23099","CVE-2026-23255","CVE-2026-23310","CVE-2026-23389","CVE-2026-23399","CVE-2026-23442","CVE-2026-23444","CVE-2026-23468","CVE-2026-31407","CVE-2026-31419","CVE-2026-31449","CVE-2026-31488","CVE-2026-31489"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T01:00:00+00:00","link":"https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities_20260706","csirts_url":"https://www.csirts.com/advisory/debian-linux-kernel-multiple-77754"},{"num":77755,"source_id":"hkcert","external_id":"https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities_20260706","title":"Microsoft Edge Multiple Vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2026-13774","CVE-2026-13775","CVE-2026-13776","CVE-2026-13779","CVE-2026-13780","CVE-2026-13781","CVE-2026-13782","CVE-2026-13783","CVE-2026-13784","CVE-2026-13786","CVE-2026-13787","CVE-2026-13790","CVE-2026-13793","CVE-2026-13794","CVE-2026-13796","CVE-2026-13797","CVE-2026-13798","CVE-2026-13799","CVE-2026-13800","CVE-2026-13801","CVE-2026-13802","CVE-2026-13803","CVE-2026-13804","CVE-2026-13806","CVE-2026-13810","CVE-2026-13811","CVE-2026-13814","CVE-2026-13815","CVE-2026-13817","CVE-2026-13818","CVE-2026-13820","CVE-2026-13821","CVE-2026-13823","CVE-2026-13824","CVE-2026-13828","CVE-2026-13829","CVE-2026-13830","CVE-2026-13831","CVE-2026-13832","CVE-2026-13834","CVE-2026-13835","CVE-2026-13836","CVE-2026-13837","CVE-2026-13838","CVE-2026-13839","CVE-2026-13840","CVE-2026-13841","CVE-2026-13844","CVE-2026-13845","CVE-2026-13848","CVE-2026-13849","CVE-2026-13853","CVE-2026-13854","CVE-2026-13855","CVE-2026-13857","CVE-2026-13858","CVE-2026-13859","CVE-2026-13860","CVE-2026-13861","CVE-2026-13864"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T01:00:00+00:00","link":"https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities_20260706","csirts_url":"https://www.csirts.com/advisory/microsoft-edge-multiple-vulnerabilities-77755"},{"num":86636,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0836/","title":"Multiple vulnerabilities in OpenSSH (July 6, 2026)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0836/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-openssh-july-86636"},{"num":86635,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0835/","title":"Multiple vulnerabilities in Roundcube (July 6, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-54432","CVE-2026-54433"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0835/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-roundcube-86635"},{"num":86637,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0837/","title":"Vulnerability in PostgreSQL JDBC (July 6, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-54291"],"exploited":false,"has_exploit":false,"published_at":"2026-07-06T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0837/","csirts_url":"https://www.csirts.com/advisory/vulnerability-in-postgresql-jdbc-july-6-86637"},{"num":170040,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00292.html","title":"DSA-6381-1 linux - security update","severity":"unknown","cvss":null,"cves":["CVE-2025-23131","CVE-2026-31419","CVE-2026-31732","CVE-2026-43010","CVE-2026-43216","CVE-2026-43355","CVE-2026-46054","CVE-2026-46242","CVE-2026-46252","CVE-2026-52975","CVE-2026-53070","CVE-2026-53101","CVE-2026-53139","CVE-2026-53142","CVE-2026-53151","CVE-2026-53157","CVE-2026-53163","CVE-2026-53167","CVE-2026-53179","CVE-2026-53325","CVE-2026-53327","CVE-2026-53341","CVE-2026-53359","CVE-2026-53361","CVE-2026-53362"],"exploited":false,"has_exploit":true,"published_at":"2026-07-05T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00292.html","csirts_url":"https://www.csirts.com/advisory/dsa-6381-1-linux-security-update-170040"},{"num":170042,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00290.html","title":"DSA-6379-1 bird3 - security update","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-05T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00290.html","csirts_url":"https://www.csirts.com/advisory/dsa-6379-1-bird3-security-update-170042"},{"num":170043,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00289.html","title":"DSA-6378-1 chromium - security update","severity":"unknown","cvss":null,"cves":["CVE-2026-13281","CVE-2026-13282","CVE-2026-13283","CVE-2026-13774","CVE-2026-13775","CVE-2026-13776","CVE-2026-13777","CVE-2026-13778","CVE-2026-13779","CVE-2026-13780","CVE-2026-13781","CVE-2026-13782","CVE-2026-13783","CVE-2026-13784","CVE-2026-13785","CVE-2026-13786","CVE-2026-13787","CVE-2026-13788","CVE-2026-13790","CVE-2026-13791","CVE-2026-13792","CVE-2026-13793","CVE-2026-13794","CVE-2026-13795","CVE-2026-13796","CVE-2026-13797","CVE-2026-13798","CVE-2026-13799","CVE-2026-13800","CVE-2026-13801","CVE-2026-13802","CVE-2026-13803","CVE-2026-13804","CVE-2026-13805","CVE-2026-13806","CVE-2026-13807","CVE-2026-13808","CVE-2026-13809","CVE-2026-13810","CVE-2026-13811","CVE-2026-13812","CVE-2026-13813","CVE-2026-13814","CVE-2026-13815","CVE-2026-13816","CVE-2026-13817","CVE-2026-13818","CVE-2026-13819","CVE-2026-13820","CVE-2026-13821","CVE-2026-13822","CVE-2026-13823","CVE-2026-13824","CVE-2026-13825","CVE-2026-13826","CVE-2026-13827","CVE-2026-13828","CVE-2026-13829","CVE-2026-13830","CVE-2026-13831"],"exploited":false,"has_exploit":false,"published_at":"2026-07-05T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00289.html","csirts_url":"https://www.csirts.com/advisory/dsa-6378-1-chromium-security-update-170043"},{"num":170041,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00291.html","title":"DSA-6380-1 mediawiki - security update","severity":"unknown","cvss":null,"cves":["CVE-2026-58024","CVE-2026-58025","CVE-2026-58026","CVE-2026-58027","CVE-2026-58028","CVE-2026-58029","CVE-2026-58030","CVE-2026-58032","CVE-2026-58033","CVE-2026-58037"],"exploited":false,"has_exploit":false,"published_at":"2026-07-05T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00291.html","csirts_url":"https://www.csirts.com/advisory/dsa-6380-1-mediawiki-security-update-170041"},{"num":170044,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00288.html","title":"DSA-6377-1 php8.4 - security update","severity":"unknown","cvss":null,"cves":["CVE-2026-14355"],"exploited":false,"has_exploit":false,"published_at":"2026-07-04T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00288.html","csirts_url":"https://www.csirts.com/advisory/dsa-6377-1-php8-4-security-update-170044"},{"num":19580,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/erlang-security-advisory-av26-651","title":"Erlang security advisory (AV26-651)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T18:41:41+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/erlang-security-advisory-av26-651","csirts_url":"https://www.csirts.com/advisory/erlang-security-advisory-av26-651-19580"},{"num":19581,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/github-security-advisory-av26-650","title":"GitHub security advisory (AV26-650)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T18:36:09+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/github-security-advisory-av26-650","csirts_url":"https://www.csirts.com/advisory/github-security-advisory-av26-650-19581"},{"num":19582,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/watchguard-security-advisory-av26-649","title":"WatchGuard security advisory (AV26-649)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T14:26:17+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/watchguard-security-advisory-av26-649","csirts_url":"https://www.csirts.com/advisory/watchguard-security-advisory-av26-649-19582"},{"num":1259,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2052","title":"[UPDATE] [medium] cURL: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-10536","CVE-2026-11352","CVE-2026-11564","CVE-2026-11586","CVE-2026-11856","CVE-2026-12064","CVE-2026-9080","CVE-2026-9545","CVE-2026-9546","CVE-2026-9547"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T11:10:51+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2052","csirts_url":"https://www.csirts.com/advisory/update-medium-curl-multiple-1259"},{"num":1266,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2194","title":"[NEW] [medium] Erlang/OTP: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-53422","CVE-2026-54886","CVE-2026-54887","CVE-2026-54891","CVE-2026-55950","CVE-2026-55952"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T10:55:51+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2194","csirts_url":"https://www.csirts.com/advisory/new-medium-erlang-otp-multiple-1266"},{"num":1267,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2193","title":"[NEW] [high] WatchGuard Firebox: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-13050","CVE-2026-13053","CVE-2026-13054","CVE-2026-13079","CVE-2026-13084","CVE-2026-13368","CVE-2026-13371","CVE-2026-13373","CVE-2026-13374","CVE-2026-13375","CVE-2026-13376","CVE-2026-13377","CVE-2026-13383","CVE-2026-13384","CVE-2026-13722","CVE-2026-13728","CVE-2026-8247"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T10:50:50+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2193","csirts_url":"https://www.csirts.com/advisory/new-high-watchguard-firebox-multiple-1267"},{"num":201,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1143","title":"[UPDATE] [medium] ffmpeg: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-40962","CVE-2026-6385"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T10:40:57+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1143","csirts_url":"https://www.csirts.com/advisory/update-medium-ffmpeg-multiple-201"},{"num":205,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0873","title":"[UPDATE] [high] docker: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-33747","CVE-2026-33748","CVE-2026-33997","CVE-2026-34040"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T10:40:56+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0873","csirts_url":"https://www.csirts.com/advisory/update-high-docker-multiple-205"},{"num":438,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1998","title":"[UPDATE] [medium] ffmpeg: Vulnerability allows code execution and potentially denial of service","severity":"medium","cvss":null,"cves":["CVE-2025-9951"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T10:40:55+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1998","csirts_url":"https://www.csirts.com/advisory/update-medium-ffmpeg-vulnerability-allows-438"},{"num":436,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2026","title":"[UPDATE] [medium] ffmpeg: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2025-10256"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T10:40:55+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2026","csirts_url":"https://www.csirts.com/advisory/update-medium-ffmpeg-vulnerability-allows-436"},{"num":445,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0606","title":"[UPDATE] [medium] Red Hat Enterprise Linux (Gatekeeper): Multiple vulnerabilities allow Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2025-22869","CVE-2025-22868"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T10:40:54+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0606","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-enterprise-linux-445"},{"num":446,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0429","title":"[UPDATE] [medium] ffmpeg: Vulnerability allows Denial of Service, potentially code execution","severity":"medium","cvss":null,"cves":["CVE-2025-1594"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T10:40:54+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0429","csirts_url":"https://www.csirts.com/advisory/update-medium-ffmpeg-vulnerability-allows-446"},{"num":447,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0401","title":"[UPDATE] [medium] ffmpeg: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2025-22919","CVE-2025-22920","CVE-2025-22921","CVE-2025-25468","CVE-2025-25469","CVE-2025-25471","CVE-2025-25473"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T10:40:53+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0401","csirts_url":"https://www.csirts.com/advisory/update-medium-ffmpeg-multiple-447"},{"num":788,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3572","title":"[UPDATE] [medium] ffmpeg: Vulnerability allows Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2024-35366","CVE-2024-35367","CVE-2024-35369","CVE-2024-36616","CVE-2024-36617","CVE-2024-36618","CVE-2024-36619","CVE-2024-35368","CVE-2024-36615"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T10:40:53+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3572","csirts_url":"https://www.csirts.com/advisory/update-medium-ffmpeg-vulnerability-allows-788"},{"num":448,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0789","title":"[UPDATE] [medium] HTTP/2: Multiple vulnerabilities allow Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2023-45288","CVE-2024-2653","CVE-2024-27316","CVE-2024-2758","CVE-2024-27919","CVE-2024-28182","CVE-2024-30255","CVE-2024-31309"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T10:40:52+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0789","csirts_url":"https://www.csirts.com/advisory/update-medium-http-2-multiple-448"},{"num":793,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2191","title":"[NEW] [high] Microsoft Exchange Online: Vulnerability allows privilege escalation","severity":"high","cvss":null,"cves":["CVE-2026-54998"],"exploited":false,"has_exploit":true,"published_at":"2026-07-03T10:40:52+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2191","csirts_url":"https://www.csirts.com/advisory/new-high-microsoft-exchange-online-793"},{"num":449,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2139","title":"[UPDATE] [medium] TeamViewer: Vulnerability allows unspecified attack","severity":"medium","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T10:40:51+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2139","csirts_url":"https://www.csirts.com/advisory/update-medium-teamviewer-vulnerability-449"},{"num":1696,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2065","title":"[UPDATE] [medium] cURL: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-8286","CVE-2026-8458","CVE-2026-8924","CVE-2026-8925","CVE-2026-8926","CVE-2026-8927","CVE-2026-8932","CVE-2026-9079"],"exploited":false,"has_exploit":true,"published_at":"2026-07-03T10:30:53+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2065","csirts_url":"https://www.csirts.com/advisory/update-medium-curl-multiple-1696"},{"num":1304,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1618","title":"[UPDATE] [high] Splunk Splunk Enterprise: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-22872","CVE-2025-47911","CVE-2025-58190","CVE-2025-61726","CVE-2025-61731","CVE-2025-61732","CVE-2025-68121","CVE-2025-68156","CVE-2026-27141","CVE-2026-20240","CVE-2026-20239"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T10:30:52+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1618","csirts_url":"https://www.csirts.com/advisory/update-high-splunk-splunk-enterprise-1304"},{"num":883,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2174","title":"[UPDATE] [medium] Cisco Catalyst Center: Vulnerability Allows Information Disclosure","severity":"medium","cvss":null,"cves":["CVE-2026-20191"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T10:15:50+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2174","csirts_url":"https://www.csirts.com/advisory/update-medium-cisco-catalyst-center-883"},{"num":1308,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0994","title":"[UPDATE] [low] CUPS: Multiple Vulnerabilities Allow Denial of Service","severity":"low","cvss":null,"cves":["CVE-2026-39314","CVE-2026-39316"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T10:00:53+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0994","csirts_url":"https://www.csirts.com/advisory/update-low-cups-multiple-vulnerabilities-1308"},{"num":856,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2185","title":"[NEW] [high] Microsoft 365 Copilot: Vulnerability Allows Privilege Escalation","severity":"high","cvss":null,"cves":["CVE-2026-41106"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T09:55:53+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2185","csirts_url":"https://www.csirts.com/advisory/new-high-microsoft-365-copilot-856"},{"num":1319,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2184","title":"[NEW] [high] Microsoft Azure and Entra: Multiple Vulnerabilities Allow Privilege Escalation","severity":"high","cvss":null,"cves":["CVE-2026-26145","CVE-2026-45499","CVE-2026-57100"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T09:55:53+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2184","csirts_url":"https://www.csirts.com/advisory/new-high-microsoft-azure-and-entra-1319"},{"num":1385,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1996","title":"[UPDATE] [high] libssh2: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-55200","CVE-2026-55199"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T09:25:50+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1996","csirts_url":"https://www.csirts.com/advisory/update-high-libssh2-multiple-1385"},{"num":1389,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2188","title":"[NEW] [medium] IGEL OS: Vulnerability allows manipulation of files","severity":"medium","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T09:20:51+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2188","csirts_url":"https://www.csirts.com/advisory/new-medium-igel-os-vulnerability-allows-1389"},{"num":255,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2187","title":"[NEW] [medium] GIMP: Vulnerability allows denial of service and potentially code execution","severity":"medium","cvss":null,"cves":["CVE-2026-58381"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T09:00:51+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2187","csirts_url":"https://www.csirts.com/advisory/new-medium-gimp-vulnerability-allows-255"},{"num":1959,"source_id":"ncsc-nl","external_id":"NCSC-2026-0220 [1.00]","title":"NCSC-2026-0220 [1.00] [M/H] Vulnerabilities fixed in Rancher by Rancher Labs","severity":"unknown","cvss":null,"cves":["CVE-2026-44946","CVE-2026-44947"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T08:21:34+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0220","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0220-1-00-m-h-vulnerabilities-1959"},{"num":1857,"source_id":"ncsc-nl","external_id":"NCSC-2026-0219 [1.00]","title":"NCSC-2026-0219 [1.00] [M/H] Vulnerabilities fixed in GitHub Enterprise Server","severity":"unknown","cvss":null,"cves":["CVE-2026-10585","CVE-2026-9106","CVE-2026-9132"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T08:21:21+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0219","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0219-1-00-m-h-vulnerabilities-1857"},{"num":815,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2110","title":"[UPDATE] [medium] nghttp2: Vulnerability allows data manipulation","severity":"medium","cvss":null,"cves":["CVE-2026-58055"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T07:33:08+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2110","csirts_url":"https://www.csirts.com/advisory/update-medium-nghttp2-vulnerability-815"},{"num":1776,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2088","title":"[UPDATE] [medium] vim: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-57454","CVE-2026-57456"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T07:33:07+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2088","csirts_url":"https://www.csirts.com/advisory/update-medium-vim-multiple-vulnerabilities-1776"},{"num":1404,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2006","title":"[UPDATE] [medium] vim: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-57452"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T07:33:05+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2006","csirts_url":"https://www.csirts.com/advisory/update-medium-vim-vulnerability-allows-1404"},{"num":1786,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2026","title":"[UPDATE] [medium] vim: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-57453","CVE-2026-57455"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T07:33:05+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2026","csirts_url":"https://www.csirts.com/advisory/update-medium-vim-multiple-vulnerabilities-1786"},{"num":1408,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1962","title":"[UPDATE] [medium] vim: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-55892","CVE-2026-55895"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T07:33:04+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1962","csirts_url":"https://www.csirts.com/advisory/update-medium-vim-multiple-vulnerabilities-1408"},{"num":1412,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1926","title":"[UPDATE] [medium] vim: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-55693"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T07:33:03+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1926","csirts_url":"https://www.csirts.com/advisory/update-medium-vim-vulnerability-allows-1412"},{"num":1433,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1777","title":"[UPDATE] [low] vim: Vulnerability allows file manipulation","severity":"low","cvss":null,"cves":["CVE-2026-35177"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T07:32:39+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1777","csirts_url":"https://www.csirts.com/advisory/update-low-vim-vulnerability-allows-file-1433"},{"num":821,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1762","title":"[UPDATE] [high] IBM WebSphere Application Server: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-8644","CVE-2026-9311","CVE-2026-9319","CVE-2026-9330"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T07:32:38+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1762","csirts_url":"https://www.csirts.com/advisory/update-high-ibm-websphere-application-821"},{"num":1436,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1641","title":"[UPDATE] [high] Evince: Vulnerability allows code execution","severity":"high","cvss":null,"cves":["CVE-2026-46529"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T07:32:35+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1641","csirts_url":"https://www.csirts.com/advisory/update-high-evince-vulnerability-allows-1436"},{"num":1443,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1593","title":"[UPDATE] [medium] IBM WebSphere Application Server: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-4410","CVE-2026-5516"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T07:32:34+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1593","csirts_url":"https://www.csirts.com/advisory/update-medium-ibm-websphere-application-1443"},{"num":1477,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0280","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-71180","CVE-2025-71181","CVE-2025-71182","CVE-2025-71183","CVE-2025-71184","CVE-2025-71185","CVE-2025-71186","CVE-2025-71187","CVE-2025-71188","CVE-2025-71189","CVE-2025-71190","CVE-2025-71191","CVE-2026-23015","CVE-2026-23016","CVE-2026-23017","CVE-2026-23018","CVE-2026-23019","CVE-2026-23020","CVE-2026-23021","CVE-2026-23022","CVE-2026-23023","CVE-2026-23024","CVE-2026-23025","CVE-2026-23026","CVE-2026-23027","CVE-2026-23028","CVE-2026-23029","CVE-2026-23030","CVE-2026-23031","CVE-2026-23032","CVE-2026-23033","CVE-2026-23034","CVE-2026-23035","CVE-2026-23036","CVE-2026-23037","CVE-2026-23038","CVE-2026-23039"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T07:31:25+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0280","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1477"},{"num":1488,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0194","title":"[UPDATE] [medium] Linux Kernel: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-22977"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T07:31:23+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0194","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-vulnerability-1488"},{"num":1493,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0184","title":"[UPDATE] [medium] Linux Kernel: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-22976"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T07:31:03+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0184","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-vulnerability-1493"},{"num":455,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2431","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-40029","CVE-2025-40030","CVE-2025-40031","CVE-2025-40032","CVE-2025-40033","CVE-2025-40034","CVE-2025-40035","CVE-2025-40036","CVE-2025-40037","CVE-2025-40038","CVE-2025-40039","CVE-2025-40040","CVE-2025-40041","CVE-2025-40042","CVE-2025-40043","CVE-2025-40044","CVE-2025-40045","CVE-2025-40046","CVE-2025-40047","CVE-2025-40048","CVE-2025-40049","CVE-2025-40050","CVE-2025-40051","CVE-2025-40052","CVE-2025-40053","CVE-2025-40054","CVE-2025-40055","CVE-2025-40056","CVE-2025-40057","CVE-2025-40058","CVE-2025-40059","CVE-2025-40060","CVE-2025-40061","CVE-2025-40062","CVE-2025-40063","CVE-2025-40064","CVE-2025-40065","CVE-2025-40066","CVE-2025-40067","CVE-2025-40068","CVE-2025-40069","CVE-2025-40070","CVE-2025-40071","CVE-2025-40072","CVE-2025-40073","CVE-2025-40074","CVE-2025-40075","CVE-2025-40076","CVE-2025-40077","CVE-2025-40078","CVE-2025-40079","CVE-2025-40080","CVE-2025-40081","CVE-2025-40082"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T07:30:58+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2431","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-455"},{"num":459,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1465","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities allow denial of service","severity":"high","cvss":null,"cves":["CVE-2025-38177","CVE-2025-38178","CVE-2025-38179","CVE-2025-38180","CVE-2025-38181","CVE-2025-38182","CVE-2025-38183","CVE-2025-38184","CVE-2025-38185","CVE-2025-38186","CVE-2025-38187","CVE-2025-38188","CVE-2025-38189","CVE-2025-38190","CVE-2025-38191","CVE-2025-38192","CVE-2025-38193","CVE-2025-38194","CVE-2025-38195","CVE-2025-38196","CVE-2025-38197","CVE-2025-38198","CVE-2025-38199","CVE-2025-38200","CVE-2025-38201","CVE-2025-38202","CVE-2025-38203","CVE-2025-38204","CVE-2025-38205","CVE-2025-38206","CVE-2025-38207","CVE-2025-38208","CVE-2025-38209","CVE-2025-38210","CVE-2025-38211","CVE-2025-38212","CVE-2025-38213","CVE-2025-38214","CVE-2025-38215","CVE-2025-38216","CVE-2025-38217","CVE-2025-38218","CVE-2025-38219","CVE-2025-38220","CVE-2025-38221","CVE-2025-38222","CVE-2025-38223","CVE-2025-38224","CVE-2025-38225","CVE-2025-38226","CVE-2025-38227","CVE-2025-38228","CVE-2025-38229","CVE-2025-38230","CVE-2025-38231","CVE-2025-38232","CVE-2025-38233","CVE-2025-38234","CVE-2025-38235"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T07:30:56+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1465","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-459"},{"num":1515,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3586","title":"[UPDATE] [medium] GStreamer: Multiple vulnerabilities allow denial of service","severity":"medium","cvss":null,"cves":["CVE-2024-47537","CVE-2024-47538","CVE-2024-47539","CVE-2024-47540","CVE-2024-47541","CVE-2024-47542","CVE-2024-47543","CVE-2024-47544","CVE-2024-47545","CVE-2024-47546","CVE-2024-47596","CVE-2024-47597","CVE-2024-47598","CVE-2024-47599","CVE-2024-47600","CVE-2024-47601","CVE-2024-47602","CVE-2024-47603","CVE-2024-47606","CVE-2024-47607","CVE-2024-47613","CVE-2024-47615","CVE-2024-47774","CVE-2024-47775","CVE-2024-47776","CVE-2024-47777","CVE-2024-47778","CVE-2024-47834","CVE-2024-47835"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T07:30:54+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3586","csirts_url":"https://www.csirts.com/advisory/update-medium-gstreamer-multiple-1515"},{"num":1516,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3251","title":"[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow denial of service","severity":"medium","cvss":null,"cves":["CVE-2024-47726","CVE-2024-47729","CVE-2024-47730","CVE-2024-47731","CVE-2024-47732","CVE-2024-50003","CVE-2024-47733","CVE-2024-47734","CVE-2024-47735","CVE-2024-50004","CVE-2024-50005","CVE-2024-50006","CVE-2024-50007","CVE-2024-50008","CVE-2024-50009","CVE-2024-50010","CVE-2024-50011","CVE-2024-50012","CVE-2024-49863","CVE-2024-50013","CVE-2024-50014","CVE-2024-50015","CVE-2024-50016","CVE-2024-50017","CVE-2024-50018","CVE-2024-47749","CVE-2024-47750","CVE-2024-47751","CVE-2024-47752","CVE-2024-49864","CVE-2024-49865","CVE-2024-49866","CVE-2024-49867","CVE-2024-49868","CVE-2024-47753","CVE-2024-47754","CVE-2024-49869","CVE-2024-49870","CVE-2024-49871","CVE-2024-49872","CVE-2024-49873","CVE-2024-47755","CVE-2024-47756","CVE-2024-47757","CVE-2024-49874","CVE-2024-49876","CVE-2024-49877","CVE-2024-49885","CVE-2024-49886","CVE-2024-49887","CVE-2024-49888","CVE-2024-49889","CVE-2024-49890","CVE-2024-49891","CVE-2024-49892","CVE-2024-49893","CVE-2024-49894","CVE-2024-49858","CVE-2024-49859","CVE-2024-49860"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T07:30:53+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3251","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-1516"},{"num":1517,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1188","title":"[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow denial of service","severity":"medium","cvss":null,"cves":["CVE-2023-52657","CVE-2023-52658","CVE-2023-52659","CVE-2023-52660","CVE-2023-52661","CVE-2023-52662","CVE-2023-52663","CVE-2023-52664","CVE-2023-52665","CVE-2023-52666","CVE-2023-52667","CVE-2023-52668","CVE-2023-52669","CVE-2023-52670","CVE-2023-52671","CVE-2023-52672","CVE-2023-52673","CVE-2023-52674","CVE-2023-52675","CVE-2023-52676","CVE-2023-52677","CVE-2023-52678","CVE-2023-52679","CVE-2023-52680","CVE-2023-52681","CVE-2023-52682","CVE-2023-52683","CVE-2023-52684","CVE-2023-52685","CVE-2023-52686","CVE-2023-52687","CVE-2023-52688","CVE-2023-52689","CVE-2023-52690","CVE-2023-52691","CVE-2023-52692","CVE-2023-52693","CVE-2023-52694","CVE-2023-52695","CVE-2023-52696","CVE-2023-52697","CVE-2023-52698","CVE-2023-52699","CVE-2024-27402","CVE-2024-27403","CVE-2024-27404","CVE-2024-27405","CVE-2024-27406","CVE-2024-27407","CVE-2024-27408","CVE-2024-27409","CVE-2024-27410","CVE-2024-27411","CVE-2024-27412","CVE-2024-27413","CVE-2024-27414","CVE-2024-27415","CVE-2024-27416","CVE-2024-27417","CVE-2024-27418"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T07:30:52+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1188","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-1517"},{"num":1519,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2183","title":"[UPDATE] [high] Red Hat Software Collections: Multiple vulnerabilities","severity":"high","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T07:30:50+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2183","csirts_url":"https://www.csirts.com/advisory/update-high-red-hat-software-collections-1519"},{"num":721,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2178","title":"[UPDATE] [medium] Mozilla Thunderbird: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-57962","CVE-2026-57963"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T06:50:53+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2178","csirts_url":"https://www.csirts.com/advisory/update-medium-mozilla-thunderbird-721"},{"num":1530,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2171","title":"[UPDATE] [high] Ubiquiti UniFi: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-50746","CVE-2026-50747","CVE-2026-50748","CVE-2026-54400","CVE-2026-54401","CVE-2026-54402","CVE-2026-54403","CVE-2026-54404","CVE-2026-54405","CVE-2026-54406","CVE-2026-54407","CVE-2026-54408","CVE-2026-54409","CVE-2026-55110","CVE-2026-55111","CVE-2026-55112","CVE-2026-55113","CVE-2026-55114","CVE-2026-55115","CVE-2026-55116","CVE-2026-55117","CVE-2026-55118","CVE-2026-55119","CVE-2026-56841","CVE-2026-56842"],"exploited":false,"has_exploit":true,"published_at":"2026-07-03T06:50:52+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2171","csirts_url":"https://www.csirts.com/advisory/update-high-ubiquiti-unifi-multiple-1530"},{"num":19656,"source_id":"hkcert","external_id":"https://www.hkcert.org/security-bulletin/citrix-products-multiple-vulnerabilities_20260703","title":"Citrix Products Multiple Vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2026-8451","CVE-2026-8452","CVE-2026-8655","CVE-2026-10816","CVE-2026-10817","CVE-2026-13474"],"exploited":false,"has_exploit":true,"published_at":"2026-07-03T01:00:00+00:00","link":"https://www.hkcert.org/security-bulletin/citrix-products-multiple-vulnerabilities_20260703","csirts_url":"https://www.csirts.com/advisory/citrix-products-multiple-vulnerabilities-19656"},{"num":537,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0833/","title":"Multiple vulnerabilities in SUSE Linux kernel (July 3, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-43198","CVE-2026-45842","CVE-2025-68324","CVE-2026-43366","CVE-2026-43068","CVE-2026-46119","CVE-2026-43414","CVE-2026-31493","CVE-2026-43413","CVE-2026-31402","CVE-2026-45852","CVE-2026-43483","CVE-2026-31758","CVE-2026-45856","CVE-2026-43119","CVE-2026-43470","CVE-2026-46227","CVE-2026-43455","CVE-2026-31453","CVE-2026-31593","CVE-2026-23438","CVE-2026-45910","CVE-2026-31405","CVE-2026-43339","CVE-2026-43054","CVE-2026-31698","CVE-2026-31664","CVE-2026-31473","CVE-2026-31448","CVE-2026-31752","CVE-2026-23303","CVE-2026-31396","CVE-2026-31680","CVE-2026-31613","CVE-2026-46114","CVE-2026-43411","CVE-2026-43284","CVE-2026-43362","CVE-2026-43052","CVE-2026-43053","CVE-2026-31655","CVE-2026-45870","CVE-2026-43028","CVE-2026-31614","CVE-2026-46113","CVE-2026-3150","CVE-2026-45841","CVE-2026-46159","CVE-2026-31546","CVE-2026-46209","CVE-2026-31516","CVE-2026-43023","CVE-2026-43345","CVE-2026-43503","CVE-2026-46101","CVE-2026-46024","CVE-2025-68822","CVE-2026-46037","CVE-2026-46116","CVE-2026-46083"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0833/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-suse-linux-537"},{"num":536,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0831/","title":"Multiple vulnerabilities in Ubuntu Linux kernel (July 3, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-46325","CVE-2026-31623","CVE-2026-23198","CVE-2026-43135","CVE-2026-45864","CVE-2026-43078","CVE-2026-31713","CVE-2026-23202","CVE-2026-23260","CVE-2026-23167","CVE-2026-45905","CVE-2026-46119","CVE-2026-43414","CVE-2026-46010","CVE-2026-23129","CVE-2025-38201","CVE-2026-31582","CVE-2026-46045","CVE-2026-31619","CVE-2026-31618","CVE-2026-23098","CVE-2026-47329","CVE-2026-43270","CVE-2026-46328","CVE-2025-68749","CVE-2026-46081","CVE-2026-43227","CVE-2026-45884","CVE-2026-46087","CVE-2026-43315","CVE-2026-43314","CVE-2026-23126","CVE-2026-46255","CVE-2026-31578","CVE-2026-46082","CVE-2026-43251","CVE-2026-23054","CVE-2026-43211","CVE-2026-31402","CVE-2026-46042","CVE-2026-45852","CVE-2026-43317","CVE-2026-23159","CVE-2025-68725","CVE-2026-45856","CVE-2025-71265","CVE-2026-46076","CVE-2026-23450","CVE-2026-31696","CVE-2026-43168","CVE-2025-37778","CVE-2026-31704","CVE-2026-31685","CVE-2026-43073","CVE-2026-43143","CVE-2026-46013","CVE-2026-23069","CVE-2026-22992","CVE-2026-46065","CVE-2026-43241"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0831/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-ubuntu-linux-536"},{"num":535,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0830/","title":"Vulnerability in FreeBSD (July 3, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-49424"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0830/","csirts_url":"https://www.csirts.com/advisory/vulnerability-in-freebsd-july-3-2026-535"},{"num":538,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0834/","title":"Multiple vulnerabilities in IBM products (July 3, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-50645","CVE-2026-11383","CVE-2026-42041","CVE-2026-39892","CVE-2024-7531","CVE-2021-3572","CVE-2026-44432","CVE-2025-14688","CVE-2026-9171","CVE-2024-12086","CVE-2026-1577","CVE-2025-6069","CVE-2026-2391","CVE-2026-9072","CVE-2026-24737","CVE-2026-8858","CVE-2026-7246","CVE-2025-15284","CVE-2026-22029","CVE-2026-11541","CVE-2025-1371","CVE-2026-11707","CVE-2026-11546","CVE-2026-42036","CVE-2021-23337","CVE-2026-11594","CVE-2025-8291","CVE-2025-64718","CVE-2026-24043","CVE-2025-13755","CVE-2025-62718","CVE-2026-4800","CVE-2026-6051","CVE-2025-50182","CVE-2026-33671","CVE-2026-33532","CVE-2025-68470","CVE-2026-42033","CVE-2026-42035","CVE-2026-11536","CVE-2025-50181","CVE-2025-1795","CVE-2026-33750","CVE-2026-42043","CVE-2026-8646","CVE-2026-33228","CVE-2026-9320","CVE-2026-6053","CVE-2025-68161","CVE-2024-29869","CVE-2026-42040","CVE-2026-4923","CVE-2026-6052","CVE-2025-1377","CVE-2026-27903","CVE-2024-25260","CVE-2026-24133","CVE-2026-10845","CVE-2026-2327","CVE-2026-2950"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0834/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-ibm-products-538"},{"num":170045,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00287.html","title":"DSA-6376-1 openvpn - security update","severity":"unknown","cvss":null,"cves":["CVE-2026-11771","CVE-2026-12932","CVE-2026-12996","CVE-2026-13117","CVE-2026-13122","CVE-2026-13698"],"exploited":false,"has_exploit":false,"published_at":"2026-07-03T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00287.html","csirts_url":"https://www.csirts.com/advisory/dsa-6376-1-openvpn-security-update-170045"},{"num":1879,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0832/","title":"Multiple vulnerabilities in Red Hat Linux kernel (July 3, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-43198","CVE-2026-4878","CVE-2026-45852","CVE-2026-46227","CVE-2026-43284","CVE-2026-46173","CVE-2026-31431","CVE-2026-43279","CVE-2026-46331","CVE-2026-46209","CVE-2026-46176","CVE-2026-46181","CVE-2026-46189","CVE-2026-35535","CVE-2026-46243","CVE-2026-31669","CVE-2025-10263","CVE-2026-23216","CVE-2026-46090","CVE-2026-22990","CVE-2026-39979","CVE-2026-46300","CVE-2026-35385","CVE-2026-43501","CVE-2026-45998","CVE-2026-40164","CVE-2026-45984","CVE-2026-46244","CVE-2025-71116","CVE-2026-46316","CVE-2026-23455","CVE-2026-46333","CVE-2026-41035","CVE-2026-31411","CVE-2026-22984","CVE-2026-43037","CVE-2026-43112","CVE-2026-43125","CVE-2026-43128","CVE-2026-43329"],"exploited":false,"has_exploit":true,"published_at":"2026-07-03T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0832/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-red-hat-linux-1879"},{"num":247,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR","title":"ClamAV Vulnerabilities Affecting Cisco Products: July 2026","severity":"high","cvss":null,"cves":["CVE-2026-20213","CVE-2026-20214","CVE-2026-20215","CVE-2026-20216","CVE-2026-20217","CVE-2026-20243","CVE-2026-20244"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T20:52:13+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=ClamAV%20Vulnerabilities%20Affecting%20Cisco%20Products:%20July%202026%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/clamav-vulnerabilities-affecting-cisco-247"},{"num":19584,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/al26-016-vulnerability-impacting-citrix-netscaler-cve-2026-8451","title":"AL26-016 - Vulnerability impacting Citrix NetScaler CVE-2026-8451","severity":"unknown","cvss":null,"cves":["CVE-2026-8451","CVE-2026-8452","CVE-2026-8655","CVE-2026-10816","CVE-2026-10817","CVE-2026-13474"],"exploited":false,"has_exploit":true,"published_at":"2026-07-02T19:04:51+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/al26-016-vulnerability-impacting-citrix-netscaler-cve-2026-8451","csirts_url":"https://www.csirts.com/advisory/al26-016-vulnerability-impacting-citrix-19584"},{"num":19585,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/progress-security-advisory-av26-552","title":"Progress security advisory (AV26-552) – Update 1","severity":"critical","cvss":null,"cves":["CVE-2026-8037","CVE-2026-7312","CVE-2026-7198","CVE-2026-7195","CVE-2026-7201","CVE-2026-7313","CVE-2026-33691"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T17:55:20+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/progress-security-advisory-av26-552","csirts_url":"https://www.csirts.com/advisory/progress-security-advisory-av26-552-19585"},{"num":19586,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/google-chrome-security-advisory-av26-648","title":"Google Chrome security advisory (AV26-648)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T17:49:35+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/google-chrome-security-advisory-av26-648","csirts_url":"https://www.csirts.com/advisory/google-chrome-security-advisory-av26-648-19586"},{"num":19587,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/cisco-security-advisory-av26-646","title":"Cisco security advisory (AV26-646)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T17:07:37+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/cisco-security-advisory-av26-646","csirts_url":"https://www.csirts.com/advisory/cisco-security-advisory-av26-646-19587"},{"num":19588,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/al26-015-critical-vulnerability-impacting-microsoft-sharepoint-server-cve-2026-45659","title":"AL26-015 - Critical vulnerability impacting Microsoft SharePoint Server – CVE-2026-45659","severity":"critical","cvss":null,"cves":["CVE-2026-45659"],"exploited":true,"has_exploit":true,"published_at":"2026-07-02T14:37:55+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/al26-015-critical-vulnerability-impacting-microsoft-sharepoint-server-cve-2026-45659","csirts_url":"https://www.csirts.com/advisory/al26-015-critical-vulnerability-impacting-19588"},{"num":939,"source_id":"ncsc-nl","external_id":"NCSC-2026-0218 [1.00]","title":"NCSC-2026-0218 [1.00] [M/H] Vulnerability fixed in Cisco Catalyst Center","severity":"unknown","cvss":null,"cves":["CVE-2026-20191"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T12:39:15+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0218","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0218-1-00-m-h-vulnerability-939"},{"num":232,"source_id":"cisa","external_id":"/node/25108","title":"Gardyn IoT Hub","severity":"critical","cvss":null,"cves":["CVE-2026-13768","CVE-2026-55726","CVE-2026-54477"],"exploited":false,"has_exploit":true,"published_at":"2026-07-02T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-183-03","csirts_url":"https://www.csirts.com/advisory/gardyn-iot-hub-232"},{"num":487,"source_id":"cisa","external_id":"/node/25107","title":"CubeSpace CW0057 Reaction Wheel","severity":"critical","cvss":null,"cves":["CVE-2026-13743"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-183-02","csirts_url":"https://www.csirts.com/advisory/cubespace-cw0057-reaction-wheel-487"},{"num":292,"source_id":"cisa","external_id":"/node/25106","title":"ST Engineering iDirect iQ-Series Terminals","severity":"critical","cvss":null,"cves":["CVE-2026-38059","CVE-2026-38057"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-183-01","csirts_url":"https://www.csirts.com/advisory/st-engineering-idirect-iq-series-terminals-292"},{"num":1808,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2181","title":"[NEW] [medium] Drupal Extensions: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-58587","CVE-2026-58588","CVE-2026-58589","CVE-2026-58590","CVE-2026-58591"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T11:45:51+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2181","csirts_url":"https://www.csirts.com/advisory/new-medium-drupal-extensions-multiple-1808"},{"num":1559,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2180","title":"[NEW] [medium] Elasticsearch: Multiple vulnerabilities allow denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-49090","CVE-2026-56148","CVE-2026-56149"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T11:35:53+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2180","csirts_url":"https://www.csirts.com/advisory/new-medium-elasticsearch-multiple-1559"},{"num":915,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2179","title":"[NEW] [high] Kibana: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-49087","CVE-2026-49088","CVE-2026-49089","CVE-2026-49091","CVE-2026-56151"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T11:35:53+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2179","csirts_url":"https://www.csirts.com/advisory/new-high-kibana-multiple-vulnerabilities-915"},{"num":268,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2177","title":"[NEW] [high] OPNsense: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-57154","CVE-2026-57155","CVE-2026-58391","CVE-2026-58392","CVE-2026-58393","CVE-2026-58394","CVE-2026-58395"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T11:35:52+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2177","csirts_url":"https://www.csirts.com/advisory/new-high-opnsense-multiple-vulnerabilities-268"},{"num":462,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2172","title":"[NEW] [medium] Apache HttpComponents Core: Multiple vulnerabilities allow Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2026-54399","CVE-2026-54428"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T11:30:52+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2172","csirts_url":"https://www.csirts.com/advisory/new-medium-apache-httpcomponents-core-462"},{"num":1566,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2170","title":"[NEW] [high] MediaWiki and Extensions: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-58031","CVE-2026-58035","CVE-2026-58520","CVE-2026-14363","CVE-2026-58521","CVE-2026-58517","CVE-2026-14358"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T11:30:51+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2170","csirts_url":"https://www.csirts.com/advisory/new-high-mediawiki-and-extensions-1566"},{"num":1567,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2169","title":"[NEW] [high] IBM DataPower Gateway: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-36374","CVE-2026-12733","CVE-2026-42264"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T11:30:50+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2169","csirts_url":"https://www.csirts.com/advisory/new-high-ibm-datapower-gateway-multiple-1567"},{"num":1568,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2168","title":"[NEW] [medium] Fleet: Vulnerability allows Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2026-56150"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T11:25:51+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2168","csirts_url":"https://www.csirts.com/advisory/new-medium-fleet-vulnerability-allows-1568"},{"num":1573,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2167","title":"[NEW] [low] Hashicorp Vault: Vulnerability allows bypassing security measures","severity":"low","cvss":null,"cves":["CVE-2026-5051"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T11:05:51+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2167","csirts_url":"https://www.csirts.com/advisory/new-low-hashicorp-vault-vulnerability-1573"},{"num":1576,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2001","title":"[UPDATE] [high] IBM WebSphere Application Server: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-10845","CVE-2026-10852","CVE-2026-8646","CVE-2026-8858","CVE-2026-9006","CVE-2026-9071","CVE-2026-9072","CVE-2026-9320"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T10:50:54+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2001","csirts_url":"https://www.csirts.com/advisory/update-high-ibm-websphere-application-1576"},{"num":1575,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2159","title":"[UPDATE] [high] IBM WebSphere Application Server: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-11708","CVE-2026-11712","CVE-2026-11595"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T10:50:54+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2159","csirts_url":"https://www.csirts.com/advisory/update-high-ibm-websphere-application-1575"},{"num":1577,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2050","title":"[UPDATE] [high] IBM WebSphere Application Server and Application Server Liberty: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-11383","CVE-2026-11536","CVE-2026-11541","CVE-2026-11594","CVE-2026-11707","CVE-2026-11806","CVE-2026-42402","CVE-2026-42403","CVE-2026-42404"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T10:50:53+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2050","csirts_url":"https://www.csirts.com/advisory/update-high-ibm-websphere-application-1577"},{"num":840,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1663","title":"[UPDATE] [medium] Perl: Vulnerability allows unspecified attack","severity":"medium","cvss":null,"cves":["CVE-2026-8376"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T10:50:52+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1663","csirts_url":"https://www.csirts.com/advisory/update-medium-perl-vulnerability-allows-840"},{"num":1586,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1407","title":"[UPDATE] [high] IBM App Connect Enterprise Certified Container: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-26013","CVE-2026-27142","CVE-2026-28277","CVE-2026-28684","CVE-2026-32288","CVE-2026-33151","CVE-2026-33349","CVE-2026-33532","CVE-2026-33891","CVE-2026-33894","CVE-2026-33895","CVE-2026-33896","CVE-2026-33916","CVE-2026-34601","CVE-2026-35469","CVE-2026-39406","CVE-2026-39407","CVE-2026-39408","CVE-2026-39409","CVE-2026-39410","CVE-2026-39983","CVE-2026-40175","CVE-2026-40347","CVE-2026-40895","CVE-2026-41238","CVE-2026-41239","CVE-2026-41240","CVE-2026-4923","CVE-2026-4926"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T10:50:51+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1407","csirts_url":"https://www.csirts.com/advisory/update-high-ibm-app-connect-enterprise-1586"},{"num":1590,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1652","title":"[UPDATE] [high] Microsoft SharePoint Server 2016 and SharePoint Server 2019: Vulnerability allows code execution","severity":"high","cvss":null,"cves":["CVE-2026-45659"],"exploited":false,"has_exploit":true,"published_at":"2026-07-02T10:10:51+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1652","csirts_url":"https://www.csirts.com/advisory/update-high-microsoft-sharepoint-server-1590"},{"num":463,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0244","title":"[UPDATE] [medium] FreeRDP: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-23948","CVE-2026-24491","CVE-2026-24675","CVE-2026-24676","CVE-2026-24677","CVE-2026-24678","CVE-2026-24679","CVE-2026-24680","CVE-2026-24681","CVE-2026-24682","CVE-2026-24683","CVE-2026-24684"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:46:20+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0244","csirts_url":"https://www.csirts.com/advisory/update-medium-freerdp-multiple-463"},{"num":1591,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0262","title":"[UPDATE] [high] IBM DB2: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-2668","CVE-2025-36001","CVE-2025-36009","CVE-2025-36070","CVE-2025-36098","CVE-2025-36123","CVE-2025-36184","CVE-2025-36353","CVE-2025-36365","CVE-2025-36366","CVE-2025-36384","CVE-2025-36387","CVE-2025-36423","CVE-2025-36424","CVE-2025-36427","CVE-2025-36428","CVE-2025-36442"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:46:20+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0262","csirts_url":"https://www.csirts.com/advisory/update-high-ibm-db2-multiple-1591"},{"num":1597,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0219","title":"[UPDATE] [medium] Vercel Next.js: Multiple vulnerabilities allow denial of service","severity":"medium","cvss":null,"cves":["CVE-2025-59471","CVE-2025-59472","CVE-2026-23864"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:46:00+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0219","csirts_url":"https://www.csirts.com/advisory/update-medium-vercel-next-js-multiple-1597"},{"num":934,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0211","title":"[UPDATE] [medium] avahi-daemon: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-24401"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:45:59+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0211","csirts_url":"https://www.csirts.com/advisory/update-medium-avahi-daemon-vulnerability-934"},{"num":1598,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0207","title":"[UPDATE] [high] Red Hat Enterprise Linux (urllib3): Multiple vulnerabilities allow denial of service","severity":"high","cvss":null,"cves":["CVE-2025-66418","CVE-2025-66471","CVE-2026-21441"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:45:58+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0207","csirts_url":"https://www.csirts.com/advisory/update-high-red-hat-enterprise-linux-1598"},{"num":944,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0187","title":"[UPDATE] [medium] Red Hat Enterprise Linux (glib): Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2025-13601"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:45:57+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0187","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-enterprise-linux-944"},{"num":1606,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0164","title":"[UPDATE] [medium] Oracle Java SE: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2025-12183","CVE-2025-43368","CVE-2025-47219","CVE-2025-6021","CVE-2025-6052","CVE-2025-7425","CVE-2026-21925","CVE-2026-21932","CVE-2026-21933","CVE-2026-21945","CVE-2026-21947"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:45:57+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0164","csirts_url":"https://www.csirts.com/advisory/update-medium-oracle-java-se-multiple-1606"},{"num":466,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0145","title":"[UPDATE] [high] FreeRDP: Multiple vulnerabilities allow DoS and code execution","severity":"high","cvss":null,"cves":["CVE-2026-23530","CVE-2026-23531","CVE-2026-23532","CVE-2026-23533","CVE-2026-23534","CVE-2026-23732","CVE-2026-23883","CVE-2026-23884"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:45:56+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0145","csirts_url":"https://www.csirts.com/advisory/update-high-freerdp-multiple-466"},{"num":1621,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0098","title":"[UPDATE] [critical] Node.js: Multiple vulnerabilities","severity":"critical","cvss":null,"cves":["CVE-2025-55130","CVE-2025-55131","CVE-2025-55132","CVE-2025-59464","CVE-2025-59465","CVE-2025-59466","CVE-2026-21636","CVE-2026-21637"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:45:54+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0098","csirts_url":"https://www.csirts.com/advisory/update-critical-node-js-multiple-1621"},{"num":1817,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0111","title":"[UPDATE] [high] FreeRDP: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-22851","CVE-2026-22858","CVE-2026-22852","CVE-2026-22853","CVE-2026-22854","CVE-2026-22855","CVE-2026-22856","CVE-2026-22857","CVE-2026-22859"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:45:54+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0111","csirts_url":"https://www.csirts.com/advisory/update-high-freerdp-multiple-1817"},{"num":468,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0008","title":"[UPDATE] [medium] Red Hat Enterprise Linux: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2025-45582","CVE-2025-6176"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:45:52+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0008","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-enterprise-linux-468"},{"num":1622,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0019","title":"[UPDATE] [medium] Red Hat Enterprise Linux (Quarkus): Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2025-11966","CVE-2025-12183","CVE-2025-66566"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:45:52+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0019","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-enterprise-linux-1622"},{"num":1629,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0846","title":"[UPDATE] [medium] Netty: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-33870","CVE-2026-33871"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:31:24+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0846","csirts_url":"https://www.csirts.com/advisory/update-medium-netty-multiple-1629"},{"num":1630,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0843","title":"[UPDATE] [medium] Node.js: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2024-36137","CVE-2026-21637","CVE-2026-21710","CVE-2026-21711","CVE-2026-21712","CVE-2026-21713","CVE-2026-21714","CVE-2026-21715","CVE-2026-21716","CVE-2026-21717"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:31:23+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0843","csirts_url":"https://www.csirts.com/advisory/update-medium-node-js-multiple-1630"},{"num":960,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0775","title":"[UPDATE] [medium] nghttp2: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-27135"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:31:21+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0775","csirts_url":"https://www.csirts.com/advisory/update-medium-nghttp2-vulnerability-960"},{"num":971,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0761","title":"[UPDATE] [medium] Red Hat JBoss Enterprise Application Platform: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-1002"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:31:21+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0761","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-jboss-enterprise-971"},{"num":470,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0756","title":"[UPDATE] [medium] Red Hat Enterprise Linux: Vulnerability allows privilege escalation and information disclosure","severity":"medium","cvss":null,"cves":["CVE-2026-23893"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:31:20+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0756","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-enterprise-linux-470"},{"num":471,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0748","title":"[UPDATE] [medium] Vercel Next.js: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-27979","CVE-2026-27980","CVE-2026-29057","CVE-2026-27977","CVE-2026-27978"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:31:19+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0748","csirts_url":"https://www.csirts.com/advisory/update-medium-vercel-next-js-multiple-471"},{"num":472,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0739","title":"[UPDATE] [medium] libexif: Vulnerability allows code execution","severity":"medium","cvss":null,"cves":["CVE-2026-32775"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:30:59+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0739","csirts_url":"https://www.csirts.com/advisory/update-medium-libexif-vulnerability-472"},{"num":1632,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0729","title":"[UPDATE] [low] OpenSSL: Vulnerability allows bypassing security measures","severity":"low","cvss":null,"cves":["CVE-2026-2673"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:30:59+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0729","csirts_url":"https://www.csirts.com/advisory/update-low-openssl-vulnerability-allows-1632"},{"num":1633,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0725","title":"[UPDATE] [high] FreeRDP: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-29774","CVE-2026-29775","CVE-2026-29776","CVE-2026-31806","CVE-2026-31883","CVE-2026-31884","CVE-2026-31885","CVE-2026-31897"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:30:58+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0725","csirts_url":"https://www.csirts.com/advisory/update-high-freerdp-multiple-1633"},{"num":1635,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0716","title":"[UPDATE] [medium] OpenSSH GSSAPI delta: Vulnerability allows unspecified attack","severity":"medium","cvss":null,"cves":["CVE-2026-3497"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:30:58+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0716","csirts_url":"https://www.csirts.com/advisory/update-medium-openssh-gssapi-delta-1635"},{"num":1636,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0694","title":"[UPDATE] [high] Red Hat Build of Debezium for Red Hat Application Foundations: Multiple vulnerabilities allow code execution","severity":"high","cvss":null,"cves":["CVE-2026-27727","CVE-2026-27830"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:30:57+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0694","csirts_url":"https://www.csirts.com/advisory/update-high-red-hat-build-of-debezium-for-1636"},{"num":1824,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0514","title":"[UPDATE] [high] FreeRDP: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-26965","CVE-2026-26955","CVE-2026-25955","CVE-2026-25954","CVE-2026-25953","CVE-2026-25952","CVE-2026-25942","CVE-2026-26986","CVE-2026-25941","CVE-2026-25959","CVE-2026-25997","CVE-2026-26271","CVE-2026-27015","CVE-2026-27950","CVE-2026-27951"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:30:55+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0514","csirts_url":"https://www.csirts.com/advisory/update-high-freerdp-multiple-1824"},{"num":1832,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0352","title":"[UPDATE] [medium] IBM DB2: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2025-13867","CVE-2025-14689","CVE-2025-36247","CVE-2025-36425","CVE-2025-13108","CVE-2025-33124","CVE-2025-33130"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:30:52+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0352","csirts_url":"https://www.csirts.com/advisory/update-medium-ibm-db2-multiple-1832"},{"num":480,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0362","title":"[UPDATE] [high] Red Hat Enterprise Linux (Lodash): Vulnerability allows denial of service","severity":"high","cvss":null,"cves":["CVE-2025-13465"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:30:52+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0362","csirts_url":"https://www.csirts.com/advisory/update-high-red-hat-enterprise-linux-480"},{"num":1650,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2147","title":"[UPDATE] [high] Citrix Systems NetScaler ADC and Gateway: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-8451","CVE-2026-10816","CVE-2026-10817","CVE-2026-13474","CVE-2026-8452","CVE-2026-8655"],"exploited":false,"has_exploit":true,"published_at":"2026-07-02T09:30:51+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2147","csirts_url":"https://www.csirts.com/advisory/update-high-citrix-systems-netscaler-adc-1650"},{"num":1653,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1343","title":"[UPDATE] [low] mutt: Multiple vulnerabilities","severity":"low","cvss":null,"cves":["CVE-2026-43859","CVE-2026-43860","CVE-2026-43861","CVE-2026-43862","CVE-2026-43863","CVE-2026-43864"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:24:34+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1343","csirts_url":"https://www.csirts.com/advisory/update-low-mutt-multiple-vulnerabilities-1653"},{"num":1659,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1328","title":"[UPDATE] [medium] Red Hat Hardened Images RPMs: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-33813","CVE-2026-2625","CVE-2026-2950","CVE-2026-42371"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:24:13+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1328","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-hardened-images-1659"},{"num":488,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1290","title":"[UPDATE] [medium] MIT Kerberos: Multiple vulnerabilities allow denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-40355","CVE-2026-40356"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:24:10+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1290","csirts_url":"https://www.csirts.com/advisory/update-medium-mit-kerberos-multiple-488"},{"num":978,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1927","title":"[UPDATE] [medium] jq: Vulnerability allows unspecified attack","severity":"medium","cvss":null,"cves":["CVE-2026-54679"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:24:09+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1927","csirts_url":"https://www.csirts.com/advisory/update-medium-jq-vulnerability-allows-978"},{"num":977,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1283","title":"[UPDATE] [medium] CoreDNS: Multiple vulnerabilities allow","severity":"medium","cvss":null,"cves":["CVE-2026-33190","CVE-2026-33489","CVE-2026-35579","CVE-2026-32934","CVE-2026-32936"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:24:09+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1283","csirts_url":"https://www.csirts.com/advisory/update-medium-coredns-multiple-977"},{"num":213,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1934","title":"[UPDATE] [high] Red Hat OpenShift Service Mesh: Vulnerability allows code execution","severity":"high","cvss":null,"cves":["CVE-2026-9277"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:24:09+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1934","csirts_url":"https://www.csirts.com/advisory/update-high-red-hat-openshift-service-213"},{"num":1844,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2301","title":"[UPDATE] [medium] Red Hat Enterprise Linux: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2025-58056","CVE-2025-58057"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:24:07+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2301","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-enterprise-linux-1844"},{"num":1855,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1272","title":"[UPDATE] [medium] ImageMagick: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-42050"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:23:46+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1272","csirts_url":"https://www.csirts.com/advisory/update-medium-imagemagick-vulnerability-1855"},{"num":1953,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1866","title":"[UPDATE] [medium] ImageMagick: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-53460","CVE-2026-53461","CVE-2026-53462","CVE-2026-53463","CVE-2026-53464","CVE-2026-53465"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:23:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1866","csirts_url":"https://www.csirts.com/advisory/update-medium-imagemagick-multiple-1953"},{"num":1669,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1948","title":"[UPDATE] [medium] libxml2 (exsltDynMapFunction): Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2025-9714"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:23:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1948","csirts_url":"https://www.csirts.com/advisory/update-medium-libxml2-exsltdynmapfunction-1669"},{"num":498,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1756","title":"[UPDATE] [medium] libTIFF: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2025-8851"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:23:42+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1756","csirts_url":"https://www.csirts.com/advisory/update-medium-libtiff-vulnerability-498"},{"num":276,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1230","title":"[UPDATE] [medium] DNSdist: Multiple vulnerabilities allow denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-33254","CVE-2026-33257","CVE-2026-33260","CVE-2026-33593","CVE-2026-33594","CVE-2026-33595","CVE-2026-33596","CVE-2026-33597","CVE-2026-33598","CVE-2026-33599","CVE-2026-33602"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:23:17+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1230","csirts_url":"https://www.csirts.com/advisory/update-medium-dnsdist-multiple-276"},{"num":867,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1226","title":"[UPDATE] [medium] Red Hat Hardened Images RPMs: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2025-11233","CVE-2026-32285"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:23:16+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1226","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-hardened-images-867"},{"num":1672,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1225","title":"[UPDATE] [medium] PowerDNS: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-33256","CVE-2026-33257","CVE-2026-33258","CVE-2026-33259","CVE-2026-33260","CVE-2026-33261","CVE-2026-33262","CVE-2026-33600","CVE-2026-33601"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:23:15+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1225","csirts_url":"https://www.csirts.com/advisory/update-medium-powerdns-multiple-1672"},{"num":192,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1736","title":"[UPDATE] [medium] 7-Zip: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-48092","CVE-2026-48101","CVE-2026-48102","CVE-2026-48103","CVE-2026-48104","CVE-2026-48111","CVE-2026-48112"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:23:13+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1736","csirts_url":"https://www.csirts.com/advisory/update-medium-7-zip-multiple-192"},{"num":1863,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0975","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities allow denial of service","severity":"high","cvss":null,"cves":["CVE-2025-37802","CVE-2025-37803","CVE-2025-37804","CVE-2025-37805","CVE-2025-37806","CVE-2025-37807","CVE-2025-37808","CVE-2025-37809","CVE-2025-37818","CVE-2025-37819","CVE-2025-37820","CVE-2025-37821","CVE-2025-37822","CVE-2025-37823","CVE-2025-37824","CVE-2025-37825","CVE-2025-37826","CVE-2025-37827","CVE-2025-37828","CVE-2025-37829","CVE-2025-37830","CVE-2025-37831","CVE-2025-37832","CVE-2025-37833","CVE-2025-37834","CVE-2025-37800","CVE-2025-37801","CVE-2025-37810","CVE-2025-37811","CVE-2025-37812","CVE-2025-37813","CVE-2025-37814"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:22:49+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0975","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1863"},{"num":1867,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1681","title":"[UPDATE] [high] 7-Zip: Vulnerability allows code execution","severity":"high","cvss":null,"cves":["CVE-2026-48095"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:22:48+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1681","csirts_url":"https://www.csirts.com/advisory/update-high-7-zip-vulnerability-allows-1867"},{"num":1714,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0922","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2022-49834","CVE-2022-49837","CVE-2022-49838","CVE-2022-49839","CVE-2022-49840","CVE-2022-49841","CVE-2022-49842","CVE-2022-49843","CVE-2022-49857","CVE-2022-49858","CVE-2022-49859","CVE-2022-49860","CVE-2022-49861","CVE-2022-49862","CVE-2022-49863","CVE-2022-49864","CVE-2022-49865","CVE-2022-49867","CVE-2022-49876","CVE-2022-49877","CVE-2022-49878","CVE-2022-49879","CVE-2022-49880","CVE-2022-49881","CVE-2022-49882","CVE-2022-49897","CVE-2022-49900","CVE-2022-49901","CVE-2022-49902","CVE-2022-49903","CVE-2022-49904","CVE-2022-49905","CVE-2022-49906","CVE-2022-49917","CVE-2022-49918","CVE-2022-49919","CVE-2022-49920","CVE-2022-49921","CVE-2022-49922","CVE-2022-49923","CVE-2022-49924","CVE-2022-49925","CVE-2022-49926","CVE-2022-49927","CVE-2022-49928","CVE-2022-49929","CVE-2022-49930","CVE-2022-49931","CVE-2025-23146","CVE-2025-23147","CVE-2025-23148","CVE-2025-37738","CVE-2025-37739","CVE-2025-37740","CVE-2025-37741","CVE-2025-37742","CVE-2025-37743","CVE-2025-37744","CVE-2025-37745","CVE-2025-37746"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:22:45+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0922","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1714"},{"num":506,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1175","title":"[UPDATE] [low] AMD Processors and Xen: Vulnerability allows information disclosure","severity":"low","cvss":null,"cves":["CVE-2025-54505"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:22:44+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1175","csirts_url":"https://www.csirts.com/advisory/update-low-amd-processors-and-xen-506"},{"num":1728,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1160","title":"[UPDATE] [high] Red Hat Enterprise Linux and Satellite (satellite/iop-remediations-rhel9 container image): Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-30951","CVE-2026-4800"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:22:43+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1160","csirts_url":"https://www.csirts.com/advisory/update-high-red-hat-enterprise-linux-and-1728"},{"num":828,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0512","title":"[UPDATE] [medium] Red Hat Advanced Cluster Security: Vulnerability allows Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2025-22868"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:22:41+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0512","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-advanced-cluster-828"},{"num":511,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1604","title":"[UPDATE] [medium] Red Hat OpenShift Data Foundation: Vulnerability allows bypassing security measures","severity":"medium","cvss":null,"cves":["CVE-2026-6321"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:22:20+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1604","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-openshift-data-511"},{"num":2204,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1134","title":"[UPDATE] [medium] IBM DB2: Multiple vulnerabilities allow Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2025-14688","CVE-2025-36122","CVE-2026-1352","CVE-2026-1577","CVE-2026-3676"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:22:20+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1134","csirts_url":"https://www.csirts.com/advisory/update-medium-ibm-db2-multiple-2204"},{"num":513,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1147","title":"[UPDATE] [medium] vim: Vulnerability allows code execution","severity":"medium","cvss":null,"cves":["CVE-2026-41411"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:22:19+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1147","csirts_url":"https://www.csirts.com/advisory/update-medium-vim-vulnerability-allows-513"},{"num":281,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0485","title":"[UPDATE] [medium] Golang Go: Vulnerability allows bypassing security measures","severity":"medium","cvss":null,"cves":["CVE-2025-22870"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:22:19+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0485","csirts_url":"https://www.csirts.com/advisory/update-medium-golang-go-vulnerability-281"},{"num":1853,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0309","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2024-57950","CVE-2025-21686","CVE-2025-21687","CVE-2025-21688","CVE-2025-21689","CVE-2025-21690","CVE-2025-21691","CVE-2025-21692","CVE-2025-21693"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:22:17+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0309","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1853"},{"num":516,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1574","title":"[UPDATE] [medium] ImageMagick (pixel cache server): Multiple vulnerabilities allow information disclosure or DoS","severity":"medium","cvss":null,"cves":["CVE-2026-46692","CVE-2026-46693","CVE-2026-47165","CVE-2026-47166"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:22:16+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1574","csirts_url":"https://www.csirts.com/advisory/update-medium-imagemagick-pixel-cache-516"},{"num":1874,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0119","title":"[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2024-57904","CVE-2024-57905","CVE-2024-57906","CVE-2024-57907","CVE-2024-57908","CVE-2024-57909","CVE-2024-57910","CVE-2024-57911","CVE-2024-57912","CVE-2024-57913","CVE-2024-57914","CVE-2024-57915","CVE-2024-57916","CVE-2024-57917","CVE-2024-57918","CVE-2024-57919","CVE-2024-57920","CVE-2024-57921","CVE-2024-57922","CVE-2024-57923","CVE-2024-57924","CVE-2024-57925","CVE-2024-57926","CVE-2024-57927","CVE-2024-57928","CVE-2024-57929","CVE-2025-21631","CVE-2025-21632","CVE-2025-21633","CVE-2025-21634","CVE-2025-21635","CVE-2025-21636","CVE-2025-21637","CVE-2025-21638","CVE-2025-21639","CVE-2025-21640","CVE-2025-21641","CVE-2025-21642","CVE-2025-21643","CVE-2025-21644","CVE-2025-21645","CVE-2025-21646","CVE-2025-21647","CVE-2025-21648","CVE-2025-21649","CVE-2025-21650","CVE-2025-21651","CVE-2025-21652","CVE-2025-21653","CVE-2025-21654"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:22:14+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0119","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-1874"},{"num":1748,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2036","title":"[UPDATE] [medium] Red Hat OpenShift: Multiple vulnerabilities allow bypassing of security measures","severity":"medium","cvss":null,"cves":["CVE-2024-29041","CVE-2024-39338","CVE-2024-4067","CVE-2024-4068"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:21:53+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2036","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-openshift-multiple-1748"},{"num":1779,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1548","title":"[UPDATE] [medium] vim: Multiple vulnerabilities allow code execution","severity":"medium","cvss":null,"cves":["CVE-2026-43961","CVE-2026-46483"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:21:52+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1548","csirts_url":"https://www.csirts.com/advisory/update-medium-vim-multiple-1779"},{"num":1771,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1075","title":"[UPDATE] [medium] ImageMagick: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-33899","CVE-2026-33900","CVE-2026-33901","CVE-2026-33902","CVE-2026-33905","CVE-2026-33908","CVE-2026-34238","CVE-2026-40169","CVE-2026-40183","CVE-2026-40310","CVE-2026-40311","CVE-2026-40312"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:21:52+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1075","csirts_url":"https://www.csirts.com/advisory/update-medium-imagemagick-multiple-1771"},{"num":1781,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1625","title":"[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow unspecified attack","severity":"medium","cvss":null,"cves":["CVE-2021-47622","CVE-2021-47623","CVE-2021-47624","CVE-2022-48773","CVE-2022-48774","CVE-2022-48775","CVE-2022-48776","CVE-2022-48777","CVE-2022-48778","CVE-2022-48779","CVE-2022-48780","CVE-2022-48781","CVE-2022-48782","CVE-2022-48783","CVE-2022-48784","CVE-2022-48785","CVE-2022-48786","CVE-2022-48787","CVE-2022-48788","CVE-2022-48789","CVE-2022-48790","CVE-2022-48791","CVE-2022-48792","CVE-2022-48793","CVE-2022-48794","CVE-2022-48795","CVE-2022-48796","CVE-2022-48797","CVE-2022-48798","CVE-2022-48799","CVE-2022-48800","CVE-2022-48801","CVE-2022-48802","CVE-2022-48803","CVE-2022-48804","CVE-2022-48805","CVE-2022-48806","CVE-2022-48807","CVE-2022-48808","CVE-2022-48809","CVE-2022-48810","CVE-2022-48811","CVE-2022-48812","CVE-2022-48813","CVE-2022-48814","CVE-2022-48815","CVE-2022-48816","CVE-2022-48817","CVE-2022-48818","CVE-2022-48819","CVE-2022-48820","CVE-2022-48821","CVE-2022-48822","CVE-2022-48823","CVE-2022-48824","CVE-2022-48825","CVE-2022-48826","CVE-2022-48827","CVE-2022-48828","CVE-2022-48829"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:21:51+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1625","csirts_url":"https://www.csirts.com/advisory/update-medium-linux-kernel-multiple-1781"},{"num":1780,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1067","title":"[UPDATE] [medium] Apache log4j: Multiple vulnerabilities allow file manipulation","severity":"medium","cvss":null,"cves":["CVE-2026-34477","CVE-2026-34478","CVE-2026-34479","CVE-2026-34480","CVE-2026-34481"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:21:51+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1067","csirts_url":"https://www.csirts.com/advisory/update-medium-apache-log4j-multiple-1780"},{"num":1791,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1057","title":"[UPDATE] [medium] GNU tar: Vulnerability allows bypassing of security measures","severity":"medium","cvss":null,"cves":["CVE-2026-5704"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:21:50+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1057","csirts_url":"https://www.csirts.com/advisory/update-medium-gnu-tar-vulnerability-1791"},{"num":1883,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1504","title":"[UPDATE] [high] Apache HTTP Server: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2024-38475","CVE-2023-38709","CVE-2024-36387","CVE-2024-38472","CVE-2024-38473","CVE-2024-38474","CVE-2024-38476","CVE-2024-38477","CVE-2024-39573"],"exploited":true,"has_exploit":true,"published_at":"2026-07-02T09:21:50+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1504","csirts_url":"https://www.csirts.com/advisory/update-high-apache-http-server-multiple-1883"},{"num":1884,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1060","title":"[UPDATE] [low] libexif: Multiple vulnerabilities allow denial of service and information disclosure","severity":"low","cvss":null,"cves":["CVE-2026-40385","CVE-2026-40386"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:21:49+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1060","csirts_url":"https://www.csirts.com/advisory/update-low-libexif-multiple-1884"},{"num":1897,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1350","title":"[UPDATE] [medium] Splunk Splunk Enterprise: Multiple vulnerabilities in third-party components","severity":"medium","cvss":null,"cves":["CVE-2017-16042","CVE-2018-25032","CVE-2019-10744","CVE-2019-10746","CVE-2019-20149","CVE-2020-13822","CVE-2020-15138","CVE-2020-28469","CVE-2020-7662","CVE-2020-7753","CVE-2020-7774","CVE-2020-8116","CVE-2020-8169","CVE-2020-8177","CVE-2020-8203","CVE-2020-8231","CVE-2020-8284","CVE-2020-8285","CVE-2020-8286","CVE-2021-20095","CVE-2021-22876","CVE-2021-22890","CVE-2021-22897","CVE-2021-22898","CVE-2021-22901","CVE-2021-22922","CVE-2021-22923","CVE-2021-22924","CVE-2021-22925","CVE-2021-22926","CVE-2021-22945","CVE-2021-22946","CVE-2021-22947","CVE-2021-23343","CVE-2021-23368","CVE-2021-23382","CVE-2021-27292","CVE-2021-29060","CVE-2021-31566","CVE-2021-33502","CVE-2021-33503","CVE-2021-33587","CVE-2021-3520","CVE-2021-36976","CVE-2021-3803","CVE-2021-43565","CVE-2022-1705","CVE-2022-1962","CVE-2022-22576","CVE-2022-23491","CVE-2022-23772","CVE-2022-23773","CVE-2022-23806","CVE-2022-24675","CVE-2022-24921","CVE-2022-24999","CVE-2022-25858","CVE-2022-27191","CVE-2022-27664","CVE-2022-27774"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:21:48+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1350","csirts_url":"https://www.csirts.com/advisory/update-medium-splunk-splunk-enterprise-1897"},{"num":1798,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0350","title":"[UPDATE] [medium] libTIFF: Multiple vulnerabilities allow Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2023-0795","CVE-2023-0796","CVE-2023-0797","CVE-2023-0798","CVE-2023-0799","CVE-2023-0800","CVE-2023-0801","CVE-2023-0802","CVE-2023-0803","CVE-2023-0804"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:21:46+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0350","csirts_url":"https://www.csirts.com/advisory/update-medium-libtiff-multiple-1798"},{"num":1907,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1514","title":"[UPDATE] [high] Apache Tomcat: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-41284","CVE-2026-41293","CVE-2026-42498","CVE-2026-43512","CVE-2026-43513","CVE-2026-43514","CVE-2026-43515"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:21:25+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1514","csirts_url":"https://www.csirts.com/advisory/update-high-apache-tomcat-multiple-1907"},{"num":1905,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0699","title":"[UPDATE] [medium] Red Hat Virtualization: Multiple vulnerabilities allow Denial of Service","severity":"medium","cvss":null,"cves":["CVE-2021-33623","CVE-2021-35515","CVE-2021-35516","CVE-2021-35517","CVE-2021-36090","CVE-2021-3807","CVE-2022-22950","CVE-2022-31051"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:21:25+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0699","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-virtualization-1905"},{"num":1799,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1384","title":"[UPDATE] [medium] Red Hat Virtualization: Multiple vulnerabilities allow Denial of Service","severity":"medium","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:21:24+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1384","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-virtualization-1799"},{"num":1908,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1031","title":"[UPDATE] [medium] libTIFF: Vulnerability allows code execution and DoS","severity":"medium","cvss":null,"cves":["CVE-2026-4775"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:21:24+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1031","csirts_url":"https://www.csirts.com/advisory/update-medium-libtiff-vulnerability-1908"},{"num":521,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1469","title":"[UPDATE] [high] jq: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-40612","CVE-2026-41256","CVE-2026-41257","CVE-2026-44777"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:21:23+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1469","csirts_url":"https://www.csirts.com/advisory/update-high-jq-multiple-vulnerabilities-521"},{"num":947,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0897","title":"[UPDATE] [medium] Red Hat Enterprise Linux: Multiple vulnerabilities allow unspecified attack","severity":"medium","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:21:23+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0897","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-enterprise-linux-947"},{"num":523,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1453","title":"[UPDATE] [medium] Red Hat Enterprise Linux (glib): Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2025-14087","CVE-2025-14512"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:21:22+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1453","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-enterprise-linux-523"},{"num":524,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2525","title":"[UPDATE] [medium] libTIFF: Vulnerability allows Denial of Service","severity":"medium","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:21:21+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2525","csirts_url":"https://www.csirts.com/advisory/update-medium-libtiff-vulnerability-524"},{"num":1695,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2153","title":"[UPDATE] [high] Mozilla Firefox: Vulnerability allows code execution","severity":"high","cvss":null,"cves":["CVE-2026-14241"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:21:20+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2153","csirts_url":"https://www.csirts.com/advisory/update-high-mozilla-firefox-vulnerability-1695"},{"num":1697,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1449","title":"[UPDATE] [medium] jq: Vulnerability allows bypassing security measures","severity":"medium","cvss":null,"cves":["CVE-2026-43895"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:21:19+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1449","csirts_url":"https://www.csirts.com/advisory/update-medium-jq-vulnerability-allows-1697"},{"num":1700,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0975","title":"[UPDATE] [medium] avahi: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-34933"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:20:57+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0975","csirts_url":"https://www.csirts.com/advisory/update-medium-avahi-vulnerability-allows-1700"},{"num":954,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0932","title":"[UPDATE] [high] PowerDNS: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-0396","CVE-2026-0397","CVE-2026-24028","CVE-2026-24029","CVE-2026-24030","CVE-2026-27853","CVE-2026-27854"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:20:54+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0932","csirts_url":"https://www.csirts.com/advisory/update-high-powerdns-multiple-954"},{"num":955,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1401","title":"[UPDATE] [high] Vercel Next.js: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-23870","CVE-2026-44572","CVE-2026-44573","CVE-2026-44574","CVE-2026-44575","CVE-2026-44576","CVE-2026-44577","CVE-2026-44578","CVE-2026-44579","CVE-2026-44580","CVE-2026-44581","CVE-2026-44582"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:20:53+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1401","csirts_url":"https://www.csirts.com/advisory/update-high-vercel-next-js-multiple-955"},{"num":956,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1384","title":"[UPDATE] [medium] jq: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-43894"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:20:53+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1384","csirts_url":"https://www.csirts.com/advisory/update-medium-jq-vulnerability-allows-956"},{"num":1709,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0880","title":"[UPDATE] [medium] FreeRDP: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-33952","CVE-2026-33977","CVE-2026-33982","CVE-2026-33983","CVE-2026-33984","CVE-2026-33985","CVE-2026-33986","CVE-2026-33987","CVE-2026-33995"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:20:52+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0880","csirts_url":"https://www.csirts.com/advisory/update-medium-freerdp-multiple-1709"},{"num":957,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2100","title":"[UPDATE] [medium] ImageMagick: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-25797","CVE-2026-49219","CVE-2026-53466","CVE-2026-53467","CVE-2026-55510","CVE-2026-55577","CVE-2026-55594","CVE-2026-55595","CVE-2026-55597","CVE-2026-55628"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:05:57+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2100","csirts_url":"https://www.csirts.com/advisory/update-medium-imagemagick-multiple-957"},{"num":962,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1367","title":"[UPDATE] [high] Red Hat Advanced Cluster Management and Multicluster engine for Kubernetes: Vulnerability allows code execution or DoS","severity":"high","cvss":null,"cves":["CVE-2026-29063"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:05:56+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1367","csirts_url":"https://www.csirts.com/advisory/update-high-red-hat-advanced-cluster-962"},{"num":963,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2049","title":"[UPDATE] [medium] Red Hat Enterprise Linux (keylime): Vulnerability allows bypassing security precautions","severity":"medium","cvss":null,"cves":["CVE-2026-6420"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:05:55+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2049","csirts_url":"https://www.csirts.com/advisory/update-medium-red-hat-enterprise-linux-963"},{"num":964,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2098","title":"[UPDATE] [medium] nmap: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-58058"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:05:54+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2098","csirts_url":"https://www.csirts.com/advisory/update-medium-nmap-vulnerability-allows-964"},{"num":1726,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2083","title":"[UPDATE] [medium] jq: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-49839"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:05:53+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2083","csirts_url":"https://www.csirts.com/advisory/update-medium-jq-vulnerability-allows-1726"},{"num":968,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2072","title":"[UPDATE] [high] Red Hat OpenShift: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-1784","CVE-2026-35172"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:00:52+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2072","csirts_url":"https://www.csirts.com/advisory/update-high-red-hat-openshift-multiple-968"},{"num":1727,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2108","title":"[UPDATE] [high] Microsoft Edge (Chromium-based): Vulnerability allows code execution","severity":"high","cvss":null,"cves":["CVE-2026-50521"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T09:00:52+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2108","csirts_url":"https://www.csirts.com/advisory/update-high-microsoft-edge-chromium-based-1727"},{"num":1736,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1812","title":"[UPDATE] [critical] Kemp LoadMaster: Multiple vulnerabilities","severity":"critical","cvss":null,"cves":["CVE-2026-8037","CVE-2026-33691"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T08:30:51+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1812","csirts_url":"https://www.csirts.com/advisory/update-critical-kemp-loadmaster-multiple-1736"},{"num":6034,"source_id":"msrc","external_id":"CVE-2026-14086","title":"CVE-2026-14086: Chromium: CVE-2026-14086 Insufficient policy enforcement in HID","severity":"unknown","cvss":null,"cves":["CVE-2026-14086"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14086","csirts_url":"https://www.csirts.com/advisory/cve-2026-14086-6034"},{"num":1774,"source_id":"msrc","external_id":"CVE-2026-56149","title":"CVE-2026-56149: Allocation of Resources Without Limits or Throttling in Elasticsearch Leading to Denial of Service","severity":"medium","cvss":4.9,"cves":["CVE-2026-56149"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-56149","csirts_url":"https://www.csirts.com/advisory/cve-2026-56149-1774"},{"num":6123,"source_id":"msrc","external_id":"CVE-2026-14141","title":"CVE-2026-14141: Chromium: CVE-2026-14141 Incorrect security UI in Document Picture-in-Picture","severity":"unknown","cvss":null,"cves":["CVE-2026-14141"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14141","csirts_url":"https://www.csirts.com/advisory/cve-2026-14141-6123"},{"num":184,"source_id":"msrc","external_id":"CVE-2026-53339","title":"CVE-2026-53339: i2c: qcom-cci: Fix NULL pointer dereference in cci_remove()","severity":"medium","cvss":5.5,"cves":["CVE-2026-53339"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53339","csirts_url":"https://www.csirts.com/advisory/cve-2026-53339-184"},{"num":5978,"source_id":"msrc","external_id":"CVE-2026-57983","title":"CVE-2026-57983: Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability","severity":"high","cvss":8.7,"cves":["CVE-2026-57983"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57983","csirts_url":"https://www.csirts.com/advisory/cve-2026-57983-5978"},{"num":85952,"source_id":"msrc","external_id":"CVE-2026-8927","title":"CVE-2026-8927: env-set cross-proxy Digest auth state leak","severity":"medium","cvss":5.3,"cves":["CVE-2026-8927"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8927","csirts_url":"https://www.csirts.com/advisory/cve-2026-8927-85952"},{"num":1775,"source_id":"msrc","external_id":"CVE-2026-14258","title":"CVE-2026-14258: Dhcpcd: dhcpcd infinite loop and out-of-bounds read via zero-length ipv6 nd option in router advertisement handling","severity":"medium","cvss":6.5,"cves":["CVE-2026-14258"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14258","csirts_url":"https://www.csirts.com/advisory/cve-2026-14258-1775"},{"num":6164,"source_id":"msrc","external_id":"CVE-2026-14000","title":"CVE-2026-14000: Chromium: CVE-2026-14000 Inappropriate implementation in XML","severity":"unknown","cvss":null,"cves":["CVE-2026-14000"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14000","csirts_url":"https://www.csirts.com/advisory/cve-2026-14000-6164"},{"num":85953,"source_id":"msrc","external_id":"CVE-2026-12064","title":"CVE-2026-12064: proto-default skips SSH verification","severity":"high","cvss":7.5,"cves":["CVE-2026-12064"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12064","csirts_url":"https://www.csirts.com/advisory/cve-2026-12064-85953"},{"num":6108,"source_id":"msrc","external_id":"CVE-2026-14039","title":"CVE-2026-14039: Chromium: CVE-2026-14039 Insufficient policy enforcement in GetUserMedia","severity":"unknown","cvss":null,"cves":["CVE-2026-14039"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14039","csirts_url":"https://www.csirts.com/advisory/cve-2026-14039-6108"},{"num":5727,"source_id":"msrc","external_id":"CVE-2026-13815","title":"CVE-2026-13815: Chromium: CVE-2026-13815 Use after free in Blink","severity":"unknown","cvss":null,"cves":["CVE-2026-13815"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13815","csirts_url":"https://www.csirts.com/advisory/cve-2026-13815-5727"},{"num":5845,"source_id":"msrc","external_id":"CVE-2026-14072","title":"CVE-2026-14072: Chromium: CVE-2026-14072 Incorrect security UI in SplitView","severity":"unknown","cvss":null,"cves":["CVE-2026-14072"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14072","csirts_url":"https://www.csirts.com/advisory/cve-2026-14072-5845"},{"num":6058,"source_id":"msrc","external_id":"CVE-2026-13835","title":"CVE-2026-13835: Chromium: CVE-2026-13835 Inappropriate implementation in XML","severity":"unknown","cvss":null,"cves":["CVE-2026-13835"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13835","csirts_url":"https://www.csirts.com/advisory/cve-2026-13835-6058"},{"num":1071,"source_id":"msrc","external_id":"CVE-2026-14129","title":"CVE-2026-14129: Chromium: CVE-2026-14129 Incorrect security UI in PreviewTab","severity":"unknown","cvss":null,"cves":["CVE-2026-14129"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14129","csirts_url":"https://www.csirts.com/advisory/cve-2026-14129-1071"},{"num":3579,"source_id":"msrc","external_id":"CVE-2026-53327","title":"CVE-2026-53327: debugobjects: Do not fill_pool() if pi_blocked_on","severity":"medium","cvss":5.5,"cves":["CVE-2026-53327"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53327","csirts_url":"https://www.csirts.com/advisory/cve-2026-53327-3579"},{"num":2593,"source_id":"msrc","external_id":"CVE-2026-58276","title":"CVE-2026-58276: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability","severity":"high","cvss":7.5,"cves":["CVE-2026-58276"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58276","csirts_url":"https://www.csirts.com/advisory/cve-2026-58276-2593"},{"num":150,"source_id":"msrc","external_id":"CVE-2026-14106","title":"CVE-2026-14106: Chromium: CVE-2026-14106 Insufficient validation of untrusted input in Text","severity":"unknown","cvss":null,"cves":["CVE-2026-14106"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14106","csirts_url":"https://www.csirts.com/advisory/cve-2026-14106-150"},{"num":1785,"source_id":"msrc","external_id":"CVE-2026-58282","title":"CVE-2026-58282: Microsoft Edge (Chromium-based) Spoofing Vulnerability","severity":"high","cvss":8.1,"cves":["CVE-2026-58282"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58282","csirts_url":"https://www.csirts.com/advisory/cve-2026-58282-1785"},{"num":6100,"source_id":"msrc","external_id":"CVE-2026-13962","title":"CVE-2026-13962: Chromium: CVE-2026-13962 Insufficient data validation in PDF","severity":"unknown","cvss":null,"cves":["CVE-2026-13962"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13962","csirts_url":"https://www.csirts.com/advisory/cve-2026-13962-6100"},{"num":3478,"source_id":"msrc","external_id":"CVE-2026-56646","title":"CVE-2026-56646: Microsoft Edge (Chromium-based) Spoofing Vulnerability","severity":"medium","cvss":6.5,"cves":["CVE-2026-56646"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-56646","csirts_url":"https://www.csirts.com/advisory/cve-2026-56646-3478"},{"num":6054,"source_id":"msrc","external_id":"CVE-2026-13832","title":"CVE-2026-13832: Chromium: CVE-2026-13832 Use after free in Headless","severity":"unknown","cvss":null,"cves":["CVE-2026-13832"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13832","csirts_url":"https://www.csirts.com/advisory/cve-2026-13832-6054"},{"num":6170,"source_id":"msrc","external_id":"CVE-2026-57986","title":"CVE-2026-57986: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability","severity":"high","cvss":7.5,"cves":["CVE-2026-57986"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57986","csirts_url":"https://www.csirts.com/advisory/cve-2026-57986-6170"},{"num":85922,"source_id":"msrc","external_id":"CVE-2026-50722","title":"CVE-2026-50722: IKEv2 Denial of Service via RSA-SHA1 (PKCS#1 RSASSA-PKCS1-v1_5) authentication payload","severity":"high","cvss":8.1,"cves":["CVE-2026-50722"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50722","csirts_url":"https://www.csirts.com/advisory/cve-2026-50722-85922"},{"num":3569,"source_id":"msrc","external_id":"CVE-2026-14108","title":"CVE-2026-14108: Chromium: CVE-2026-14108 Use after free in PDFium","severity":"unknown","cvss":null,"cves":["CVE-2026-14108"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14108","csirts_url":"https://www.csirts.com/advisory/cve-2026-14108-3569"},{"num":6168,"source_id":"msrc","external_id":"CVE-2026-45488","title":"CVE-2026-45488: Microsoft Edge (Chromium-based) Spoofing Vulnerability","severity":"medium","cvss":5.4,"cves":["CVE-2026-45488"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45488","csirts_url":"https://www.csirts.com/advisory/cve-2026-45488-6168"},{"num":2537,"source_id":"msrc","external_id":"CVE-2026-14124","title":"CVE-2026-14124: Chromium: CVE-2026-14124 Inappropriate implementation in CredentialProvider","severity":"unknown","cvss":null,"cves":["CVE-2026-14124"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14124","csirts_url":"https://www.csirts.com/advisory/cve-2026-14124-2537"},{"num":1038,"source_id":"msrc","external_id":"CVE-2026-13938","title":"CVE-2026-13938: Chromium: CVE-2026-13938 Integer overflow in Fonts","severity":"unknown","cvss":null,"cves":["CVE-2026-13938"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13938","csirts_url":"https://www.csirts.com/advisory/cve-2026-13938-1038"},{"num":884,"source_id":"msrc","external_id":"CVE-2026-56645","title":"CVE-2026-56645: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability","severity":"high","cvss":8.8,"cves":["CVE-2026-56645"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-56645","csirts_url":"https://www.csirts.com/advisory/cve-2026-56645-884"},{"num":2561,"source_id":"msrc","external_id":"CVE-2026-14040","title":"CVE-2026-14040: Chromium: CVE-2026-14040 Use after free in BrowserTag","severity":"unknown","cvss":null,"cves":["CVE-2026-14040"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14040","csirts_url":"https://www.csirts.com/advisory/cve-2026-14040-2561"},{"num":5851,"source_id":"msrc","external_id":"CVE-2026-14061","title":"CVE-2026-14061: Chromium: CVE-2026-14061 Inappropriate implementation in Dawn","severity":"unknown","cvss":null,"cves":["CVE-2026-14061"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14061","csirts_url":"https://www.csirts.com/advisory/cve-2026-14061-5851"},{"num":2513,"source_id":"msrc","external_id":"CVE-2026-58522","title":"CVE-2026-58522: Microsoft Edge for Android Information Disclosure Vulnerability","severity":"medium","cvss":6.8,"cves":["CVE-2026-58522"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58522","csirts_url":"https://www.csirts.com/advisory/cve-2026-58522-2513"},{"num":904,"source_id":"msrc","external_id":"CVE-2026-13797","title":"CVE-2026-13797: Chromium: CVE-2026-13797 Insufficient validation of untrusted input in Chromecast","severity":"unknown","cvss":null,"cves":["CVE-2026-13797"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13797","csirts_url":"https://www.csirts.com/advisory/cve-2026-13797-904"},{"num":889,"source_id":"msrc","external_id":"CVE-2026-13776","title":"CVE-2026-13776: Chromium: CVE-2026-13776 Type Confusion in Dawn","severity":"unknown","cvss":null,"cves":["CVE-2026-13776"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13776","csirts_url":"https://www.csirts.com/advisory/cve-2026-13776-889"},{"num":6132,"source_id":"msrc","external_id":"CVE-2026-14109","title":"CVE-2026-14109: Chromium: CVE-2026-14109 Insufficient policy enforcement in Mojo","severity":"unknown","cvss":null,"cves":["CVE-2026-14109"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14109","csirts_url":"https://www.csirts.com/advisory/cve-2026-14109-6132"},{"num":2587,"source_id":"msrc","external_id":"CVE-2026-13977","title":"CVE-2026-13977: Chromium: CVE-2026-13977 Inappropriate implementation in HTMLParser","severity":"unknown","cvss":null,"cves":["CVE-2026-13977"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13977","csirts_url":"https://www.csirts.com/advisory/cve-2026-13977-2587"},{"num":1526,"source_id":"msrc","external_id":"CVE-2026-57987","title":"CVE-2026-57987: Microsoft Edge (Chromium-based) Spoofing Vulnerability","severity":"medium","cvss":6.5,"cves":["CVE-2026-57987"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57987","csirts_url":"https://www.csirts.com/advisory/cve-2026-57987-1526"},{"num":6099,"source_id":"msrc","external_id":"CVE-2026-13960","title":"CVE-2026-13960: Chromium: CVE-2026-13960 Inappropriate implementation in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-13960"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13960","csirts_url":"https://www.csirts.com/advisory/cve-2026-13960-6099"},{"num":2223,"source_id":"msrc","external_id":"CVE-2026-13982","title":"CVE-2026-13982: Chromium: CVE-2026-13982 Incorrect security UI in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-13982"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13982","csirts_url":"https://www.csirts.com/advisory/cve-2026-13982-2223"},{"num":2490,"source_id":"msrc","external_id":"CVE-2026-14049","title":"CVE-2026-14049: Chromium: CVE-2026-14049 Inappropriate implementation in GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-14049"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14049","csirts_url":"https://www.csirts.com/advisory/cve-2026-14049-2490"},{"num":2279,"source_id":"msrc","external_id":"CVE-2026-13976","title":"CVE-2026-13976: Chromium: CVE-2026-13976 Heap buffer overflow in Storage","severity":"unknown","cvss":null,"cves":["CVE-2026-13976"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13976","csirts_url":"https://www.csirts.com/advisory/cve-2026-13976-2279"},{"num":881,"source_id":"msrc","external_id":"CVE-2026-14125","title":"CVE-2026-14125: Chromium: CVE-2026-14125 Uninitialized Use in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-14125"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14125","csirts_url":"https://www.csirts.com/advisory/cve-2026-14125-881"},{"num":5853,"source_id":"msrc","external_id":"CVE-2026-14051","title":"CVE-2026-14051: Chromium: CVE-2026-14051 Uninitialized Use in GamepadAPI","severity":"unknown","cvss":null,"cves":["CVE-2026-14051"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14051","csirts_url":"https://www.csirts.com/advisory/cve-2026-14051-5853"},{"num":2322,"source_id":"msrc","external_id":"CVE-2026-13971","title":"CVE-2026-13971: Chromium: CVE-2026-13971 Uninitialized Use in Skia","severity":"unknown","cvss":null,"cves":["CVE-2026-13971"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13971","csirts_url":"https://www.csirts.com/advisory/cve-2026-13971-2322"},{"num":2584,"source_id":"msrc","external_id":"CVE-2026-13978","title":"CVE-2026-13978: Chromium: CVE-2026-13978 Insufficient policy enforcement in PageInfo","severity":"unknown","cvss":null,"cves":["CVE-2026-13978"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13978","csirts_url":"https://www.csirts.com/advisory/cve-2026-13978-2584"},{"num":1121,"source_id":"msrc","external_id":"CVE-2026-14013","title":"CVE-2026-14013: Chromium: CVE-2026-14013 Inappropriate implementation in SVG","severity":"unknown","cvss":null,"cves":["CVE-2026-14013"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14013","csirts_url":"https://www.csirts.com/advisory/cve-2026-14013-1121"},{"num":3556,"source_id":"msrc","external_id":"CVE-2026-14135","title":"CVE-2026-14135: Chromium: CVE-2026-14135 Insufficient validation of untrusted input in Network","severity":"unknown","cvss":null,"cves":["CVE-2026-14135"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14135","csirts_url":"https://www.csirts.com/advisory/cve-2026-14135-3556"},{"num":5776,"source_id":"msrc","external_id":"CVE-2026-13933","title":"CVE-2026-13933: Chromium: CVE-2026-13933 Insufficient policy enforcement in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-13933"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13933","csirts_url":"https://www.csirts.com/advisory/cve-2026-13933-5776"},{"num":2528,"source_id":"msrc","external_id":"CVE-2026-13817","title":"CVE-2026-13817: Chromium: CVE-2026-13817 Insufficient validation of untrusted input in Glic","severity":"unknown","cvss":null,"cves":["CVE-2026-13817"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13817","csirts_url":"https://www.csirts.com/advisory/cve-2026-13817-2528"},{"num":6074,"source_id":"msrc","external_id":"CVE-2026-13888","title":"CVE-2026-13888: Chromium: CVE-2026-13888 Use after free in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-13888"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13888","csirts_url":"https://www.csirts.com/advisory/cve-2026-13888-6074"},{"num":1082,"source_id":"msrc","external_id":"CVE-2026-14064","title":"CVE-2026-14064: Chromium: CVE-2026-14064 Use after free in PageInfo","severity":"unknown","cvss":null,"cves":["CVE-2026-14064"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14064","csirts_url":"https://www.csirts.com/advisory/cve-2026-14064-1082"},{"num":185,"source_id":"msrc","external_id":"CVE-2026-49090","title":"CVE-2026-49090: Uncontrolled Resource Consumption in Elasticsearch Leading to Denial of Service","severity":"medium","cvss":6.5,"cves":["CVE-2026-49090"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-49090","csirts_url":"https://www.csirts.com/advisory/cve-2026-49090-185"},{"num":2221,"source_id":"msrc","external_id":"CVE-2026-13984","title":"CVE-2026-13984: Chromium: CVE-2026-13984 Incorrect security UI in TabStrip","severity":"unknown","cvss":null,"cves":["CVE-2026-13984"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13984","csirts_url":"https://www.csirts.com/advisory/cve-2026-13984-2221"},{"num":798,"source_id":"msrc","external_id":"CVE-2026-53336","title":"CVE-2026-53336: nvmem: layouts: onie-tlv: fix hang on unknown types","severity":"medium","cvss":5.5,"cves":["CVE-2026-53336"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53336","csirts_url":"https://www.csirts.com/advisory/cve-2026-53336-798"},{"num":2543,"source_id":"msrc","external_id":"CVE-2026-14095","title":"CVE-2026-14095: Chromium: CVE-2026-14095 Insufficient validation of untrusted input in Browser","severity":"unknown","cvss":null,"cves":["CVE-2026-14095"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14095","csirts_url":"https://www.csirts.com/advisory/cve-2026-14095-2543"},{"num":124150,"source_id":"msrc","external_id":"CVE-2026-12480","title":"CVE-2026-12480: Arbitrary HDF5 File Read via Virtual Dataset Bypass in keras-team/keras","severity":"medium","cvss":5.5,"cves":["CVE-2026-12480"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12480","csirts_url":"https://www.csirts.com/advisory/cve-2026-12480-124150"},{"num":3544,"source_id":"msrc","external_id":"CVE-2026-13968","title":"CVE-2026-13968: Chromium: CVE-2026-13968 Insufficient validation of untrusted input in DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-13968"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13968","csirts_url":"https://www.csirts.com/advisory/cve-2026-13968-3544"},{"num":169,"source_id":"msrc","external_id":"CVE-2026-14085","title":"CVE-2026-14085: Chromium: CVE-2026-14085 Side-channel information leakage in CSS","severity":"unknown","cvss":null,"cves":["CVE-2026-14085"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14085","csirts_url":"https://www.csirts.com/advisory/cve-2026-14085-169"},{"num":1971,"source_id":"msrc","external_id":"CVE-2026-14054","title":"CVE-2026-14054: Chromium: CVE-2026-14054 Insufficient policy enforcement in Network","severity":"unknown","cvss":null,"cves":["CVE-2026-14054"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14054","csirts_url":"https://www.csirts.com/advisory/cve-2026-14054-1971"},{"num":1751,"source_id":"msrc","external_id":"CVE-2026-53349","title":"CVE-2026-53349: netfilter: nf_conntrack: destroy stale expectfn expectations on unregister","severity":"medium","cvss":5.5,"cves":["CVE-2026-53349"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53349","csirts_url":"https://www.csirts.com/advisory/cve-2026-53349-1751"},{"num":3500,"source_id":"msrc","external_id":"CVE-2026-14155","title":"CVE-2026-14155: Chromium: CVE-2026-14155 Insufficient policy enforcement in StorageAccessAPI","severity":"unknown","cvss":null,"cves":["CVE-2026-14155"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14155","csirts_url":"https://www.csirts.com/advisory/cve-2026-14155-3500"},{"num":6091,"source_id":"msrc","external_id":"CVE-2026-13948","title":"CVE-2026-13948: Chromium: CVE-2026-13948 Insufficient policy enforcement in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-13948"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13948","csirts_url":"https://www.csirts.com/advisory/cve-2026-13948-6091"},{"num":133,"source_id":"msrc","external_id":"CVE-2026-14107","title":"CVE-2026-14107: Chromium: CVE-2026-14107 Use after free in Scheduling","severity":"unknown","cvss":null,"cves":["CVE-2026-14107"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14107","csirts_url":"https://www.csirts.com/advisory/cve-2026-14107-133"},{"num":6169,"source_id":"msrc","external_id":"CVE-2026-57981","title":"CVE-2026-57981: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability","severity":"high","cvss":8.8,"cves":["CVE-2026-57981"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57981","csirts_url":"https://www.csirts.com/advisory/cve-2026-57981-6169"},{"num":6135,"source_id":"msrc","external_id":"CVE-2026-14102","title":"CVE-2026-14102: Chromium: CVE-2026-14102 Use after free in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-14102"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14102","csirts_url":"https://www.csirts.com/advisory/cve-2026-14102-6135"},{"num":2613,"source_id":"msrc","external_id":"CVE-2026-13806","title":"CVE-2026-13806: Chromium: CVE-2026-13806 Insufficient validation of untrusted input in Accessibility","severity":"unknown","cvss":null,"cves":["CVE-2026-13806"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13806","csirts_url":"https://www.csirts.com/advisory/cve-2026-13806-2613"},{"num":5725,"source_id":"msrc","external_id":"CVE-2026-13786","title":"CVE-2026-13786: Chromium: CVE-2026-13786 Use after free in Ozone","severity":"unknown","cvss":null,"cves":["CVE-2026-13786"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13786","csirts_url":"https://www.csirts.com/advisory/cve-2026-13786-5725"},{"num":70,"source_id":"msrc","external_id":"CVE-2026-14118","title":"CVE-2026-14118: Chromium: CVE-2026-14118 Insufficient data validation in DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-14118"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14118","csirts_url":"https://www.csirts.com/advisory/cve-2026-14118-70"},{"num":6088,"source_id":"msrc","external_id":"CVE-2026-13940","title":"CVE-2026-13940: Chromium: CVE-2026-13940 Uninitialized Use in Cast","severity":"unknown","cvss":null,"cves":["CVE-2026-13940"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13940","csirts_url":"https://www.csirts.com/advisory/cve-2026-13940-6088"},{"num":6066,"source_id":"msrc","external_id":"CVE-2026-13882","title":"CVE-2026-13882: Chromium: CVE-2026-13882 Inappropriate implementation in USB","severity":"unknown","cvss":null,"cves":["CVE-2026-13882"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13882","csirts_url":"https://www.csirts.com/advisory/cve-2026-13882-6066"},{"num":6053,"source_id":"msrc","external_id":"CVE-2026-13828","title":"CVE-2026-13828: Chromium: CVE-2026-13828 Inappropriate implementation in Enterprise","severity":"unknown","cvss":null,"cves":["CVE-2026-13828"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13828","csirts_url":"https://www.csirts.com/advisory/cve-2026-13828-6053"},{"num":176,"source_id":"msrc","external_id":"CVE-2026-14007","title":"CVE-2026-14007: Chromium: CVE-2026-14007 Insufficient policy enforcement in PermissionsPolicy","severity":"unknown","cvss":null,"cves":["CVE-2026-14007"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14007","csirts_url":"https://www.csirts.com/advisory/cve-2026-14007-176"},{"num":1183,"source_id":"msrc","external_id":"CVE-2026-14120","title":"CVE-2026-14120: Chromium: CVE-2026-14120 Inappropriate implementation in DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-14120"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14120","csirts_url":"https://www.csirts.com/advisory/cve-2026-14120-1183"},{"num":6090,"source_id":"msrc","external_id":"CVE-2026-13942","title":"CVE-2026-13942: Chromium: CVE-2026-13942 Insufficient validation of untrusted input in Video Capture","severity":"unknown","cvss":null,"cves":["CVE-2026-13942"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13942","csirts_url":"https://www.csirts.com/advisory/cve-2026-13942-6090"},{"num":3552,"source_id":"msrc","external_id":"CVE-2026-13798","title":"CVE-2026-13798: Chromium: CVE-2026-13798 Heap buffer overflow in Chromecast","severity":"unknown","cvss":null,"cves":["CVE-2026-13798"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13798","csirts_url":"https://www.csirts.com/advisory/cve-2026-13798-3552"},{"num":6073,"source_id":"msrc","external_id":"CVE-2026-13890","title":"CVE-2026-13890: Chromium: CVE-2026-13890 Out of bounds read in Chromecast","severity":"unknown","cvss":null,"cves":["CVE-2026-13890"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13890","csirts_url":"https://www.csirts.com/advisory/cve-2026-13890-6073"},{"num":171,"source_id":"msrc","external_id":"CVE-2026-14083","title":"CVE-2026-14083: Chromium: CVE-2026-14083 Insufficient validation of untrusted input in HTML","severity":"unknown","cvss":null,"cves":["CVE-2026-14083"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14083","csirts_url":"https://www.csirts.com/advisory/cve-2026-14083-171"},{"num":182,"source_id":"msrc","external_id":"CVE-2026-45489","title":"CVE-2026-45489: Microsoft Edge (Chromium-based) Spoofing Vulnerability","severity":"medium","cvss":6.5,"cves":["CVE-2026-45489"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45489","csirts_url":"https://www.csirts.com/advisory/cve-2026-45489-182"},{"num":1150,"source_id":"msrc","external_id":"CVE-2026-58289","title":"CVE-2026-58289: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability","severity":"critical","cvss":9,"cves":["CVE-2026-58289"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58289","csirts_url":"https://www.csirts.com/advisory/cve-2026-58289-1150"},{"num":1161,"source_id":"msrc","external_id":"CVE-2026-58292","title":"CVE-2026-58292: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability","severity":"high","cvss":7.5,"cves":["CVE-2026-58292"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58292","csirts_url":"https://www.csirts.com/advisory/cve-2026-58292-1161"},{"num":6138,"source_id":"msrc","external_id":"CVE-2026-14097","title":"CVE-2026-14097: Chromium: CVE-2026-14097 Inappropriate implementation in WebAppInstalls","severity":"unknown","cvss":null,"cves":["CVE-2026-14097"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14097","csirts_url":"https://www.csirts.com/advisory/cve-2026-14097-6138"},{"num":172,"source_id":"msrc","external_id":"CVE-2026-14073","title":"CVE-2026-14073: Chromium: CVE-2026-14073 Insufficient policy enforcement in WebXR","severity":"unknown","cvss":null,"cves":["CVE-2026-14073"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14073","csirts_url":"https://www.csirts.com/advisory/cve-2026-14073-172"},{"num":1151,"source_id":"msrc","external_id":"CVE-2026-58290","title":"CVE-2026-58290: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability","severity":"high","cvss":7.5,"cves":["CVE-2026-58290"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58290","csirts_url":"https://www.csirts.com/advisory/cve-2026-58290-1151"},{"num":6152,"source_id":"msrc","external_id":"CVE-2026-14035","title":"CVE-2026-14035: Chromium: CVE-2026-14035 Insufficient policy enforcement in Bluetooth","severity":"unknown","cvss":null,"cves":["CVE-2026-14035"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14035","csirts_url":"https://www.csirts.com/advisory/cve-2026-14035-6152"},{"num":2577,"source_id":"msrc","external_id":"CVE-2026-13985","title":"CVE-2026-13985: Chromium: CVE-2026-13985 Inappropriate implementation in MediaCapture","severity":"unknown","cvss":null,"cves":["CVE-2026-13985"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13985","csirts_url":"https://www.csirts.com/advisory/cve-2026-13985-2577"},{"num":186423,"source_id":"msrc","external_id":"CVE-2026-60001","title":"CVE-2026-60001: sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay.","severity":"medium","cvss":6.5,"cves":["CVE-2026-60001"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-60001","csirts_url":"https://www.csirts.com/advisory/cve-2026-60001-186423"},{"num":1172,"source_id":"msrc","external_id":"CVE-2026-14134","title":"CVE-2026-14134: Chromium: CVE-2026-14134 Inappropriate implementation in Autofill","severity":"unknown","cvss":null,"cves":["CVE-2026-14134"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14134","csirts_url":"https://www.csirts.com/advisory/cve-2026-14134-1172"},{"num":3545,"source_id":"msrc","external_id":"CVE-2026-13967","title":"CVE-2026-13967: Chromium: CVE-2026-13967 Type Confusion in V8","severity":"unknown","cvss":null,"cves":["CVE-2026-13967"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13967","csirts_url":"https://www.csirts.com/advisory/cve-2026-13967-3545"},{"num":6173,"source_id":"msrc","external_id":"CVE-2026-58288","title":"CVE-2026-58288: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability","severity":"high","cvss":8.3,"cves":["CVE-2026-58288"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58288","csirts_url":"https://www.csirts.com/advisory/cve-2026-58288-6173"},{"num":2607,"source_id":"msrc","external_id":"CVE-2026-58298","title":"CVE-2026-58298: Microsoft Edge (Chromium-based) Spoofing Vulnerability","severity":"high","cvss":7.2,"cves":["CVE-2026-58298"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58298","csirts_url":"https://www.csirts.com/advisory/cve-2026-58298-2607"},{"num":1803,"source_id":"msrc","external_id":"CVE-2026-53356","title":"CVE-2026-53356: drm/i915/gem: Fix phys BO pread/pwrite with offset","severity":"high","cvss":7.1,"cves":["CVE-2026-53356"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53356","csirts_url":"https://www.csirts.com/advisory/cve-2026-53356-1803"},{"num":6156,"source_id":"msrc","external_id":"CVE-2026-14018","title":"CVE-2026-14018: Chromium: CVE-2026-14018 Use after free in Updater","severity":"unknown","cvss":null,"cves":["CVE-2026-14018"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14018","csirts_url":"https://www.csirts.com/advisory/cve-2026-14018-6156"},{"num":85937,"source_id":"msrc","external_id":"CVE-2026-14355","title":"CVE-2026-14355: ext/openssl: Memory corruption in openssl_encrypt with AES-WRAP-PAD","severity":"medium","cvss":5.6,"cves":["CVE-2026-14355"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14355","csirts_url":"https://www.csirts.com/advisory/cve-2026-14355-85937"},{"num":186431,"source_id":"msrc","external_id":"CVE-2026-54908","title":"CVE-2026-54908: Pion DTLS: Denial of service via panic while parsing a crafted ECDHE_PSK ServerKeyExchange message","severity":"unknown","cvss":null,"cves":["CVE-2026-54908"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-54908","csirts_url":"https://www.csirts.com/advisory/cve-2026-54908-186431"},{"num":3526,"source_id":"msrc","external_id":"CVE-2026-13861","title":"CVE-2026-13861: Chromium: CVE-2026-13861 Use after free in Core","severity":"unknown","cvss":null,"cves":["CVE-2026-13861"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13861","csirts_url":"https://www.csirts.com/advisory/cve-2026-13861-3526"},{"num":3502,"source_id":"msrc","external_id":"CVE-2026-14140","title":"CVE-2026-14140: Chromium: CVE-2026-14140 Insufficient validation of untrusted input in Input","severity":"unknown","cvss":null,"cves":["CVE-2026-14140"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14140","csirts_url":"https://www.csirts.com/advisory/cve-2026-14140-3502"},{"num":5852,"source_id":"msrc","external_id":"CVE-2026-14056","title":"CVE-2026-14056: Chromium: CVE-2026-14056 Insufficient validation of untrusted input in Media","severity":"unknown","cvss":null,"cves":["CVE-2026-14056"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14056","csirts_url":"https://www.csirts.com/advisory/cve-2026-14056-5852"},{"num":6064,"source_id":"msrc","external_id":"CVE-2026-13874","title":"CVE-2026-13874: Chromium: CVE-2026-13874 Inappropriate implementation in DataTransfer","severity":"unknown","cvss":null,"cves":["CVE-2026-13874"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13874","csirts_url":"https://www.csirts.com/advisory/cve-2026-13874-6064"},{"num":976,"source_id":"msrc","external_id":"CVE-2026-13898","title":"CVE-2026-13898: Chromium: CVE-2026-13898 Use after free in Cast Receiver","severity":"unknown","cvss":null,"cves":["CVE-2026-13898"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13898","csirts_url":"https://www.csirts.com/advisory/cve-2026-13898-976"},{"num":6175,"source_id":"msrc","external_id":"CVE-2026-58294","title":"CVE-2026-58294: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability","severity":"high","cvss":7.5,"cves":["CVE-2026-58294"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58294","csirts_url":"https://www.csirts.com/advisory/cve-2026-58294-6175"},{"num":6124,"source_id":"msrc","external_id":"CVE-2026-14131","title":"CVE-2026-14131: Chromium: CVE-2026-14131 Insufficient validation of untrusted input in WebAppInstalls","severity":"unknown","cvss":null,"cves":["CVE-2026-14131"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14131","csirts_url":"https://www.csirts.com/advisory/cve-2026-14131-6124"},{"num":3538,"source_id":"msrc","external_id":"CVE-2026-14026","title":"CVE-2026-14026: Chromium: CVE-2026-14026 Incorrect security UI in SplitView","severity":"unknown","cvss":null,"cves":["CVE-2026-14026"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14026","csirts_url":"https://www.csirts.com/advisory/cve-2026-14026-3538"},{"num":1098,"source_id":"msrc","external_id":"CVE-2026-14032","title":"CVE-2026-14032: Chromium: CVE-2026-14032 Use after free in Bluetooth","severity":"unknown","cvss":null,"cves":["CVE-2026-14032"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14032","csirts_url":"https://www.csirts.com/advisory/cve-2026-14032-1098"},{"num":85925,"source_id":"msrc","external_id":"CVE-2026-8932","title":"CVE-2026-8932: incomplete mTLS config matching in conn reuse","severity":"high","cvss":7.5,"cves":["CVE-2026-8932"],"exploited":false,"has_exploit":true,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8932","csirts_url":"https://www.csirts.com/advisory/cve-2026-8932-85925"},{"num":6126,"source_id":"msrc","external_id":"CVE-2026-14122","title":"CVE-2026-14122: Chromium: CVE-2026-14122 Insufficient validation of untrusted input in WebAppInstalls","severity":"unknown","cvss":null,"cves":["CVE-2026-14122"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14122","csirts_url":"https://www.csirts.com/advisory/cve-2026-14122-6126"},{"num":6166,"source_id":"msrc","external_id":"CVE-2026-13988","title":"CVE-2026-13988: Chromium: CVE-2026-13988 Inappropriate implementation in Paint","severity":"unknown","cvss":null,"cves":["CVE-2026-13988"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13988","csirts_url":"https://www.csirts.com/advisory/cve-2026-13988-6166"},{"num":85936,"source_id":"msrc","external_id":"CVE-2026-53359","title":"CVE-2026-53359: KVM: x86: Fix shadow paging use-after-free due to unexpected role","severity":"high","cvss":7,"cves":["CVE-2026-53359"],"exploited":false,"has_exploit":true,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53359","csirts_url":"https://www.csirts.com/advisory/cve-2026-53359-85936"},{"num":2211,"source_id":"msrc","external_id":"CVE-2026-13802","title":"CVE-2026-13802: Chromium: CVE-2026-13802 Use after free in Views","severity":"unknown","cvss":null,"cves":["CVE-2026-13802"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13802","csirts_url":"https://www.csirts.com/advisory/cve-2026-13802-2211"},{"num":186426,"source_id":"msrc","external_id":"CVE-2026-60002","title":"CVE-2026-60002: ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its host key during a key re-exchange. (This outcome occurs only on the client side.)","severity":"high","cvss":7.7,"cves":["CVE-2026-60002"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-60002","csirts_url":"https://www.csirts.com/advisory/cve-2026-60002-186426"},{"num":5855,"source_id":"msrc","external_id":"CVE-2026-14048","title":"CVE-2026-14048: Chromium: CVE-2026-14048 Use after free in Chromecast","severity":"unknown","cvss":null,"cves":["CVE-2026-14048"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14048","csirts_url":"https://www.csirts.com/advisory/cve-2026-14048-5855"},{"num":85938,"source_id":"msrc","external_id":"CVE-2026-53361","title":"CVE-2026-53361: af_unix: Set gc_in_progress to true in unix_gc().","severity":"medium","cvss":4.5,"cves":["CVE-2026-53361"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53361","csirts_url":"https://www.csirts.com/advisory/cve-2026-53361-85938"},{"num":1009,"source_id":"msrc","external_id":"CVE-2026-13925","title":"CVE-2026-13925: Chromium: CVE-2026-13925 Inappropriate implementation in Downloads","severity":"unknown","cvss":null,"cves":["CVE-2026-13925"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13925","csirts_url":"https://www.csirts.com/advisory/cve-2026-13925-1009"},{"num":1145,"source_id":"msrc","external_id":"CVE-2026-57974","title":"CVE-2026-57974: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability","severity":"high","cvss":8.8,"cves":["CVE-2026-57974"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57974","csirts_url":"https://www.csirts.com/advisory/cve-2026-57974-1145"},{"num":3528,"source_id":"msrc","external_id":"CVE-2026-14052","title":"CVE-2026-14052: Chromium: CVE-2026-14052 Insufficient policy enforcement in FileSystem","severity":"unknown","cvss":null,"cves":["CVE-2026-14052"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14052","csirts_url":"https://www.csirts.com/advisory/cve-2026-14052-3528"},{"num":6136,"source_id":"msrc","external_id":"CVE-2026-14100","title":"CVE-2026-14100: Chromium: CVE-2026-14100 Insufficient data validation in NetworkCache","severity":"unknown","cvss":null,"cves":["CVE-2026-14100"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14100","csirts_url":"https://www.csirts.com/advisory/cve-2026-14100-6136"},{"num":5849,"source_id":"msrc","external_id":"CVE-2026-14063","title":"CVE-2026-14063: Chromium: CVE-2026-14063 Out of bounds memory access in Chromecast","severity":"unknown","cvss":null,"cves":["CVE-2026-14063"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14063","csirts_url":"https://www.csirts.com/advisory/cve-2026-14063-5849"},{"num":6174,"source_id":"msrc","external_id":"CVE-2026-58293","title":"CVE-2026-58293: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability","severity":"high","cvss":8.1,"cves":["CVE-2026-58293"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58293","csirts_url":"https://www.csirts.com/advisory/cve-2026-58293-6174"},{"num":3485,"source_id":"msrc","external_id":"CVE-2026-13824","title":"CVE-2026-13824: Chromium: CVE-2026-13824 Insufficient validation of untrusted input in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-13824"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13824","csirts_url":"https://www.csirts.com/advisory/cve-2026-13824-3485"},{"num":3484,"source_id":"msrc","external_id":"CVE-2026-13784","title":"CVE-2026-13784: Chromium: CVE-2026-13784 Use after free in Views","severity":"unknown","cvss":null,"cves":["CVE-2026-13784"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13784","csirts_url":"https://www.csirts.com/advisory/cve-2026-13784-3484"},{"num":5846,"source_id":"msrc","external_id":"CVE-2026-14070","title":"CVE-2026-14070: Chromium: CVE-2026-14070 Uninitialized Use in WebNN","severity":"unknown","cvss":null,"cves":["CVE-2026-14070"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14070","csirts_url":"https://www.csirts.com/advisory/cve-2026-14070-5846"},{"num":6081,"source_id":"msrc","external_id":"CVE-2026-13903","title":"CVE-2026-13903: Chromium: CVE-2026-13903 Insufficient policy enforcement in Bluetooth","severity":"unknown","cvss":null,"cves":["CVE-2026-13903"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13903","csirts_url":"https://www.csirts.com/advisory/cve-2026-13903-6081"},{"num":3523,"source_id":"msrc","external_id":"CVE-2026-13860","title":"CVE-2026-13860: Chromium: CVE-2026-13860 Incorrect security UI in Autofill","severity":"unknown","cvss":null,"cves":["CVE-2026-13860"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13860","csirts_url":"https://www.csirts.com/advisory/cve-2026-13860-3523"},{"num":6055,"source_id":"msrc","external_id":"CVE-2026-13831","title":"CVE-2026-13831: Chromium: CVE-2026-13831 Use after free in GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-13831"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13831","csirts_url":"https://www.csirts.com/advisory/cve-2026-13831-6055"},{"num":6163,"source_id":"msrc","external_id":"CVE-2026-14001","title":"CVE-2026-14001: Chromium: CVE-2026-14001 Inappropriate implementation in Network","severity":"unknown","cvss":null,"cves":["CVE-2026-14001"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14001","csirts_url":"https://www.csirts.com/advisory/cve-2026-14001-6163"},{"num":85935,"source_id":"msrc","external_id":"CVE-2026-53362","title":"CVE-2026-53362: ipv6: account for fraggap on the paged allocation path","severity":"high","cvss":7.3,"cves":["CVE-2026-53362"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53362","csirts_url":"https://www.csirts.com/advisory/cve-2026-53362-85935"},{"num":3539,"source_id":"msrc","external_id":"CVE-2026-13864","title":"CVE-2026-13864: Chromium: CVE-2026-13864 Insufficient policy enforcement in WebHID","severity":"unknown","cvss":null,"cves":["CVE-2026-13864"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13864","csirts_url":"https://www.csirts.com/advisory/cve-2026-13864-3539"},{"num":3521,"source_id":"msrc","external_id":"CVE-2026-14076","title":"CVE-2026-14076: Chromium: CVE-2026-14076 Policy bypass in Network","severity":"unknown","cvss":null,"cves":["CVE-2026-14076"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14076","csirts_url":"https://www.csirts.com/advisory/cve-2026-14076-3521"},{"num":3671,"source_id":"msrc","external_id":"CVE-2026-53353","title":"CVE-2026-53353: hsr: Remove WARN_ONCE() in hsr_addr_is_self().","severity":"medium","cvss":5.5,"cves":["CVE-2026-53353"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53353","csirts_url":"https://www.csirts.com/advisory/cve-2026-53353-3671"},{"num":6142,"source_id":"msrc","external_id":"CVE-2026-14088","title":"CVE-2026-14088: Chromium: CVE-2026-14088 Uninitialized Use in Canvas","severity":"unknown","cvss":null,"cves":["CVE-2026-14088"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14088","csirts_url":"https://www.csirts.com/advisory/cve-2026-14088-6142"},{"num":6075,"source_id":"msrc","external_id":"CVE-2026-13891","title":"CVE-2026-13891: Chromium: CVE-2026-13891 Insufficient validation of untrusted input in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-13891"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13891","csirts_url":"https://www.csirts.com/advisory/cve-2026-13891-6075"},{"num":3547,"source_id":"msrc","external_id":"CVE-2026-58286","title":"CVE-2026-58286: Microsoft Edge (Chromium-based) Spoofing Vulnerability","severity":"high","cvss":8.1,"cves":["CVE-2026-58286"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58286","csirts_url":"https://www.csirts.com/advisory/cve-2026-58286-3547"},{"num":1059,"source_id":"msrc","external_id":"CVE-2026-14152","title":"CVE-2026-14152: Chromium: CVE-2026-14152 Out of bounds write in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-14152"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14152","csirts_url":"https://www.csirts.com/advisory/cve-2026-14152-1059"},{"num":177,"source_id":"msrc","external_id":"CVE-2026-13996","title":"CVE-2026-13996: Chromium: CVE-2026-13996 Incorrect security UI in Permissions","severity":"unknown","cvss":null,"cves":["CVE-2026-13996"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13996","csirts_url":"https://www.csirts.com/advisory/cve-2026-13996-177"},{"num":2168,"source_id":"msrc","external_id":"CVE-2026-14021","title":"CVE-2026-14021: Chromium: CVE-2026-14021 Insufficient validation of untrusted input in StorageAccessAPI","severity":"unknown","cvss":null,"cves":["CVE-2026-14021"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14021","csirts_url":"https://www.csirts.com/advisory/cve-2026-14021-2168"},{"num":6119,"source_id":"msrc","external_id":"CVE-2026-14146","title":"CVE-2026-14146: Chromium: CVE-2026-14146 Inappropriate implementation in CSS","severity":"unknown","cvss":null,"cves":["CVE-2026-14146"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14146","csirts_url":"https://www.csirts.com/advisory/cve-2026-14146-6119"},{"num":5854,"source_id":"msrc","external_id":"CVE-2026-14050","title":"CVE-2026-14050: Chromium: CVE-2026-14050 Insufficient policy enforcement in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-14050"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14050","csirts_url":"https://www.csirts.com/advisory/cve-2026-14050-5854"},{"num":85924,"source_id":"msrc","external_id":"CVE-2026-12413","title":"CVE-2026-12413: IKEv2 Denial of Service via malformed fragmentation","severity":"high","cvss":7.5,"cves":["CVE-2026-12413"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12413","csirts_url":"https://www.csirts.com/advisory/cve-2026-12413-85924"},{"num":3550,"source_id":"msrc","external_id":"CVE-2026-58597","title":"CVE-2026-58597: Microsoft Edge (Chromium-based) Spoofing Vulnerability","severity":"medium","cvss":4.3,"cves":["CVE-2026-58597"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58597","csirts_url":"https://www.csirts.com/advisory/cve-2026-58597-3550"},{"num":3524,"source_id":"msrc","external_id":"CVE-2026-14074","title":"CVE-2026-14074: Chromium: CVE-2026-14074 Side-channel information leakage in WebAuthentication","severity":"unknown","cvss":null,"cves":["CVE-2026-14074"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14074","csirts_url":"https://www.csirts.com/advisory/cve-2026-14074-3524"},{"num":3486,"source_id":"msrc","external_id":"CVE-2026-13830","title":"CVE-2026-13830: Chromium: CVE-2026-13830 Use after free in Chromoting","severity":"unknown","cvss":null,"cves":["CVE-2026-13830"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13830","csirts_url":"https://www.csirts.com/advisory/cve-2026-13830-3486"},{"num":5223,"source_id":"msrc","external_id":"CVE-2026-13883","title":"CVE-2026-13883: Chromium: CVE-2026-13883 Type Confusion in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-13883"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13883","csirts_url":"https://www.csirts.com/advisory/cve-2026-13883-5223"},{"num":1605,"source_id":"msrc","external_id":"CVE-2026-14060","title":"CVE-2026-14060: Chromium: CVE-2026-14060 Insufficient validation of untrusted input in Chromoting","severity":"unknown","cvss":null,"cves":["CVE-2026-14060"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14060","csirts_url":"https://www.csirts.com/advisory/cve-2026-14060-1605"},{"num":6159,"source_id":"msrc","external_id":"CVE-2026-14009","title":"CVE-2026-14009: Chromium: CVE-2026-14009 Insufficient data validation in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-14009"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14009","csirts_url":"https://www.csirts.com/advisory/cve-2026-14009-6159"},{"num":3078,"source_id":"msrc","external_id":"CVE-2026-53337","title":"CVE-2026-53337: net: bonding: fix NULL pointer dereference in bond_do_ioctl()","severity":"medium","cvss":5.5,"cves":["CVE-2026-53337"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53337","csirts_url":"https://www.csirts.com/advisory/cve-2026-53337-3078"},{"num":6104,"source_id":"msrc","external_id":"CVE-2026-14105","title":"CVE-2026-14105: Chromium: CVE-2026-14105 Insufficient policy enforcement in Speech","severity":"unknown","cvss":null,"cves":["CVE-2026-14105"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14105","csirts_url":"https://www.csirts.com/advisory/cve-2026-14105-6104"},{"num":3075,"source_id":"msrc","external_id":"CVE-2026-13853","title":"CVE-2026-13853: Chromium: CVE-2026-13853 Use after free in Journeys","severity":"unknown","cvss":null,"cves":["CVE-2026-13853"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13853","csirts_url":"https://www.csirts.com/advisory/cve-2026-13853-3075"},{"num":6141,"source_id":"msrc","external_id":"CVE-2026-14089","title":"CVE-2026-14089: Chromium: CVE-2026-14089 Insufficient validation of untrusted input in PopupBlocker","severity":"unknown","cvss":null,"cves":["CVE-2026-14089"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14089","csirts_url":"https://www.csirts.com/advisory/cve-2026-14089-6141"},{"num":1116,"source_id":"msrc","external_id":"CVE-2026-14014","title":"CVE-2026-14014: Chromium: CVE-2026-14014 Inappropriate implementation in Paint","severity":"unknown","cvss":null,"cves":["CVE-2026-14014"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14014","csirts_url":"https://www.csirts.com/advisory/cve-2026-14014-1116"},{"num":85921,"source_id":"msrc","external_id":"CVE-2026-50721","title":"CVE-2026-50721: IKEv1 Denial of Service via RSA-SHA1 (PKCS#1 Version 1.5 Encrypted) authentication payload","severity":"high","cvss":8.1,"cves":["CVE-2026-50721"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50721","csirts_url":"https://www.csirts.com/advisory/cve-2026-50721-85921"},{"num":2006,"source_id":"msrc","external_id":"CVE-2026-14025","title":"CVE-2026-14025: Chromium: CVE-2026-14025 Use after free in Views","severity":"unknown","cvss":null,"cves":["CVE-2026-14025"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14025","csirts_url":"https://www.csirts.com/advisory/cve-2026-14025-2006"},{"num":6062,"source_id":"msrc","external_id":"CVE-2026-13857","title":"CVE-2026-13857: Chromium: CVE-2026-13857 Inappropriate implementation in Geometry","severity":"unknown","cvss":null,"cves":["CVE-2026-13857"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13857","csirts_url":"https://www.csirts.com/advisory/cve-2026-13857-6062"},{"num":2209,"source_id":"msrc","external_id":"CVE-2026-13801","title":"CVE-2026-13801: Chromium: CVE-2026-13801 Integer overflow in Chromecast","severity":"unknown","cvss":null,"cves":["CVE-2026-13801"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13801","csirts_url":"https://www.csirts.com/advisory/cve-2026-13801-2209"},{"num":3537,"source_id":"msrc","external_id":"CVE-2026-14031","title":"CVE-2026-14031: Chromium: CVE-2026-14031 Incorrect security UI in File Input","severity":"unknown","cvss":null,"cves":["CVE-2026-14031"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14031","csirts_url":"https://www.csirts.com/advisory/cve-2026-14031-3537"},{"num":2169,"source_id":"msrc","external_id":"CVE-2026-14017","title":"CVE-2026-14017: Chromium: CVE-2026-14017 Inappropriate implementation in Navigation","severity":"unknown","cvss":null,"cves":["CVE-2026-14017"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14017","csirts_url":"https://www.csirts.com/advisory/cve-2026-14017-2169"},{"num":6122,"source_id":"msrc","external_id":"CVE-2026-14143","title":"CVE-2026-14143: Chromium: CVE-2026-14143 Incorrect security UI in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-14143"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14143","csirts_url":"https://www.csirts.com/advisory/cve-2026-14143-6122"},{"num":2987,"source_id":"msrc","external_id":"CVE-2026-13849","title":"CVE-2026-13849: Chromium: CVE-2026-13849 Insufficient validation of untrusted input in Chromoting","severity":"unknown","cvss":null,"cves":["CVE-2026-13849"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13849","csirts_url":"https://www.csirts.com/advisory/cve-2026-13849-2987"},{"num":3487,"source_id":"msrc","external_id":"CVE-2026-13859","title":"CVE-2026-13859: Chromium: CVE-2026-13859 Inappropriate implementation in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-13859"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13859","csirts_url":"https://www.csirts.com/advisory/cve-2026-13859-3487"},{"num":6129,"source_id":"msrc","external_id":"CVE-2026-14117","title":"CVE-2026-14117: Chromium: CVE-2026-14117 Insufficient validation of untrusted input in DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-14117"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14117","csirts_url":"https://www.csirts.com/advisory/cve-2026-14117-6129"},{"num":3551,"source_id":"msrc","external_id":"CVE-2026-13796","title":"CVE-2026-13796: Chromium: CVE-2026-13796 Integer overflow in Chromecast","severity":"unknown","cvss":null,"cves":["CVE-2026-13796"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13796","csirts_url":"https://www.csirts.com/advisory/cve-2026-13796-3551"},{"num":1062,"source_id":"msrc","external_id":"CVE-2026-14132","title":"CVE-2026-14132: Chromium: CVE-2026-14132 Inappropriate implementation in WebXR","severity":"unknown","cvss":null,"cves":["CVE-2026-14132"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14132","csirts_url":"https://www.csirts.com/advisory/cve-2026-14132-1062"},{"num":6127,"source_id":"msrc","external_id":"CVE-2026-14121","title":"CVE-2026-14121: Chromium: CVE-2026-14121 Use after free in Chromoting","severity":"unknown","cvss":null,"cves":["CVE-2026-14121"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14121","csirts_url":"https://www.csirts.com/advisory/cve-2026-14121-6127"},{"num":3503,"source_id":"msrc","external_id":"CVE-2026-14139","title":"CVE-2026-14139: Chromium: CVE-2026-14139 Inappropriate implementation in TabStrip","severity":"unknown","cvss":null,"cves":["CVE-2026-14139"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14139","csirts_url":"https://www.csirts.com/advisory/cve-2026-14139-3503"},{"num":2887,"source_id":"msrc","external_id":"CVE-2026-53347","title":"CVE-2026-53347: drm/virtio: Fix driver removal with disabled KMS","severity":"medium","cvss":5.5,"cves":["CVE-2026-53347"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53347","csirts_url":"https://www.csirts.com/advisory/cve-2026-53347-2887"},{"num":2888,"source_id":"msrc","external_id":"CVE-2026-53343","title":"CVE-2026-53343: ARM: 9475/1: entry: use byte load for KASAN VMAP stack shadow","severity":"high","cvss":7.1,"cves":["CVE-2026-53343"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53343","csirts_url":"https://www.csirts.com/advisory/cve-2026-53343-2888"},{"num":6120,"source_id":"msrc","external_id":"CVE-2026-14145","title":"CVE-2026-14145: Chromium: CVE-2026-14145 Inappropriate implementation in CSS","severity":"unknown","cvss":null,"cves":["CVE-2026-14145"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14145","csirts_url":"https://www.csirts.com/advisory/cve-2026-14145-6120"},{"num":1049,"source_id":"msrc","external_id":"CVE-2026-14092","title":"CVE-2026-14092: Chromium: CVE-2026-14092 Insufficient policy enforcement in Privacy","severity":"unknown","cvss":null,"cves":["CVE-2026-14092"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14092","csirts_url":"https://www.csirts.com/advisory/cve-2026-14092-1049"},{"num":6117,"source_id":"msrc","external_id":"CVE-2026-14148","title":"CVE-2026-14148: Chromium: CVE-2026-14148 Type Confusion in CSS","severity":"unknown","cvss":null,"cves":["CVE-2026-14148"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14148","csirts_url":"https://www.csirts.com/advisory/cve-2026-14148-6117"},{"num":186420,"source_id":"msrc","external_id":"CVE-2026-59997","title":"CVE-2026-59997: internal-sftp in sshd in OpenSSH before 10.4 recognizes only the first 9 command-line arguments, which can be important if a later command-line argument would have helped to ensure the intended security properties of an SFTP connection.","severity":"medium","cvss":4.2,"cves":["CVE-2026-59997"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-59997","csirts_url":"https://www.csirts.com/advisory/cve-2026-59997-186420"},{"num":3499,"source_id":"msrc","external_id":"CVE-2026-14156","title":"CVE-2026-14156: Chromium: CVE-2026-14156 Policy bypass in StorageAccessAPI","severity":"unknown","cvss":null,"cves":["CVE-2026-14156"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14156","csirts_url":"https://www.csirts.com/advisory/cve-2026-14156-3499"},{"num":1831,"source_id":"msrc","external_id":"CVE-2026-53357","title":"CVE-2026-53357: Bluetooth: fix UAF in l2cap_sock_cleanup_listen() vs l2cap_conn_del()","severity":"medium","cvss":5.9,"cves":["CVE-2026-53357"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53357","csirts_url":"https://www.csirts.com/advisory/cve-2026-53357-1831"},{"num":6114,"source_id":"msrc","external_id":"CVE-2026-14151","title":"CVE-2026-14151: Chromium: CVE-2026-14151 Inappropriate implementation in AI","severity":"unknown","cvss":null,"cves":["CVE-2026-14151"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14151","csirts_url":"https://www.csirts.com/advisory/cve-2026-14151-6114"},{"num":85929,"source_id":"msrc","external_id":"CVE-2026-10536","title":"CVE-2026-10536: HTTP/2 stream-dependency tree UAF","severity":"critical","cvss":9.8,"cves":["CVE-2026-10536"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10536","csirts_url":"https://www.csirts.com/advisory/cve-2026-10536-85929"},{"num":2592,"source_id":"msrc","external_id":"CVE-2026-57991","title":"CVE-2026-57991: Microsoft Edge (Chromium-based) Information Disclosure Vulnerability","severity":"high","cvss":7.4,"cves":["CVE-2026-57991"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57991","csirts_url":"https://www.csirts.com/advisory/cve-2026-57991-2592"},{"num":6105,"source_id":"msrc","external_id":"CVE-2026-14082","title":"CVE-2026-14082: Chromium: CVE-2026-14082 Race in Storage","severity":"unknown","cvss":null,"cves":["CVE-2026-14082"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14082","csirts_url":"https://www.csirts.com/advisory/cve-2026-14082-6105"},{"num":6110,"source_id":"msrc","external_id":"CVE-2026-14016","title":"CVE-2026-14016: Chromium: CVE-2026-14016 Insufficient policy enforcement in SVG","severity":"unknown","cvss":null,"cves":["CVE-2026-14016"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14016","csirts_url":"https://www.csirts.com/advisory/cve-2026-14016-6110"},{"num":2847,"source_id":"msrc","external_id":"CVE-2026-13839","title":"CVE-2026-13839: Chromium: CVE-2026-13839 Inappropriate implementation in CSS","severity":"unknown","cvss":null,"cves":["CVE-2026-13839"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13839","csirts_url":"https://www.csirts.com/advisory/cve-2026-13839-2847"},{"num":6112,"source_id":"msrc","external_id":"CVE-2026-13989","title":"CVE-2026-13989: Chromium: CVE-2026-13989 Insufficient policy enforcement in PageInfo","severity":"unknown","cvss":null,"cves":["CVE-2026-13989"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13989","csirts_url":"https://www.csirts.com/advisory/cve-2026-13989-6112"},{"num":6116,"source_id":"msrc","external_id":"CVE-2026-14149","title":"CVE-2026-14149: Chromium: CVE-2026-14149 Use after free in Audio","severity":"unknown","cvss":null,"cves":["CVE-2026-14149"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14149","csirts_url":"https://www.csirts.com/advisory/cve-2026-14149-6116"},{"num":124149,"source_id":"msrc","external_id":"CVE-2026-54886","title":"CVE-2026-54886: SSH SFTP server denial of service via extended channel data infinite loop","severity":"unknown","cvss":null,"cves":["CVE-2026-54886"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-54886","csirts_url":"https://www.csirts.com/advisory/cve-2026-54886-124149"},{"num":1969,"source_id":"msrc","external_id":"CVE-2026-14057","title":"CVE-2026-14057: Chromium: CVE-2026-14057 Insufficient policy enforcement in FedCM","severity":"unknown","cvss":null,"cves":["CVE-2026-14057"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14057","csirts_url":"https://www.csirts.com/advisory/cve-2026-14057-1969"},{"num":1077,"source_id":"msrc","external_id":"CVE-2026-14112","title":"CVE-2026-14112: Chromium: CVE-2026-14112 Inappropriate implementation in Enterprise","severity":"unknown","cvss":null,"cves":["CVE-2026-14112"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14112","csirts_url":"https://www.csirts.com/advisory/cve-2026-14112-1077"},{"num":5949,"source_id":"msrc","external_id":"CVE-2026-57975","title":"CVE-2026-57975: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability","severity":"high","cvss":7.5,"cves":["CVE-2026-57975"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57975","csirts_url":"https://www.csirts.com/advisory/cve-2026-57975-5949"},{"num":6096,"source_id":"msrc","external_id":"CVE-2026-13957","title":"CVE-2026-13957: Chromium: CVE-2026-13957 Incorrect security UI in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-13957"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13957","csirts_url":"https://www.csirts.com/advisory/cve-2026-13957-6096"},{"num":6097,"source_id":"msrc","external_id":"CVE-2026-13958","title":"CVE-2026-13958: Chromium: CVE-2026-13958 Uninitialized Use in Codecs","severity":"unknown","cvss":null,"cves":["CVE-2026-13958"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13958","csirts_url":"https://www.csirts.com/advisory/cve-2026-13958-6097"},{"num":1088,"source_id":"msrc","external_id":"CVE-2026-14045","title":"CVE-2026-14045: Chromium: CVE-2026-14045 Insufficient validation of untrusted input in Network","severity":"unknown","cvss":null,"cves":["CVE-2026-14045"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14045","csirts_url":"https://www.csirts.com/advisory/cve-2026-14045-1088"},{"num":1623,"source_id":"msrc","external_id":"CVE-2026-45499","title":"CVE-2026-45499: Azure OpenAI Elevation of Privilege Vulnerability","severity":"critical","cvss":9.9,"cves":["CVE-2026-45499"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45499","csirts_url":"https://www.csirts.com/advisory/cve-2026-45499-1623"},{"num":2101,"source_id":"msrc","external_id":"CVE-2026-13793","title":"CVE-2026-13793: Chromium: CVE-2026-13793 Insufficient policy enforcement in SVG","severity":"unknown","cvss":null,"cves":["CVE-2026-13793"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13793","csirts_url":"https://www.csirts.com/advisory/cve-2026-13793-2101"},{"num":6051,"source_id":"msrc","external_id":"CVE-2026-13818","title":"CVE-2026-13818: Chromium: CVE-2026-13818 Inappropriate implementation in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-13818"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13818","csirts_url":"https://www.csirts.com/advisory/cve-2026-13818-6051"},{"num":6162,"source_id":"msrc","external_id":"CVE-2026-14002","title":"CVE-2026-14002: Chromium: CVE-2026-14002 Inappropriate implementation in Geolocation","severity":"unknown","cvss":null,"cves":["CVE-2026-14002"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14002","csirts_url":"https://www.csirts.com/advisory/cve-2026-14002-6162"},{"num":3543,"source_id":"msrc","external_id":"CVE-2026-13970","title":"CVE-2026-13970: Chromium: CVE-2026-13970 Uninitialized Use in Media","severity":"unknown","cvss":null,"cves":["CVE-2026-13970"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13970","csirts_url":"https://www.csirts.com/advisory/cve-2026-13970-3543"},{"num":6098,"source_id":"msrc","external_id":"CVE-2026-13959","title":"CVE-2026-13959: Chromium: CVE-2026-13959 Insufficient validation of untrusted input in Blink","severity":"unknown","cvss":null,"cves":["CVE-2026-13959"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13959","csirts_url":"https://www.csirts.com/advisory/cve-2026-13959-6098"},{"num":3496,"source_id":"msrc","external_id":"CVE-2026-14142","title":"CVE-2026-14142: Chromium: CVE-2026-14142 Inappropriate implementation in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-14142"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14142","csirts_url":"https://www.csirts.com/advisory/cve-2026-14142-3496"},{"num":1089,"source_id":"msrc","external_id":"CVE-2026-14044","title":"CVE-2026-14044: Chromium: CVE-2026-14044 Use after free in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-14044"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14044","csirts_url":"https://www.csirts.com/advisory/cve-2026-14044-1089"},{"num":6057,"source_id":"msrc","external_id":"CVE-2026-13836","title":"CVE-2026-13836: Chromium: CVE-2026-13836 Inappropriate implementation in CSS","severity":"unknown","cvss":null,"cves":["CVE-2026-13836"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13836","csirts_url":"https://www.csirts.com/advisory/cve-2026-13836-6057"},{"num":3491,"source_id":"msrc","external_id":"CVE-2026-13947","title":"CVE-2026-13947: Chromium: CVE-2026-13947 Uninitialized Use in XR","severity":"unknown","cvss":null,"cves":["CVE-2026-13947"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13947","csirts_url":"https://www.csirts.com/advisory/cve-2026-13947-3491"},{"num":6093,"source_id":"msrc","external_id":"CVE-2026-13952","title":"CVE-2026-13952: Chromium: CVE-2026-13952 Inappropriate implementation in PerformanceAPIs","severity":"unknown","cvss":null,"cves":["CVE-2026-13952"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13952","csirts_url":"https://www.csirts.com/advisory/cve-2026-13952-6093"},{"num":6094,"source_id":"msrc","external_id":"CVE-2026-13953","title":"CVE-2026-13953: Chromium: CVE-2026-13953 Inappropriate implementation in SplitView","severity":"unknown","cvss":null,"cves":["CVE-2026-13953"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13953","csirts_url":"https://www.csirts.com/advisory/cve-2026-13953-6094"},{"num":1039,"source_id":"msrc","external_id":"CVE-2026-13950","title":"CVE-2026-13950: Chromium: CVE-2026-13950 Uninitialized Use in GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-13950"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13950","csirts_url":"https://www.csirts.com/advisory/cve-2026-13950-1039"},{"num":6171,"source_id":"msrc","external_id":"CVE-2026-13954","title":"CVE-2026-13954: Chromium: CVE-2026-13954 Insufficient policy enforcement in XML","severity":"unknown","cvss":null,"cves":["CVE-2026-13954"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13954","csirts_url":"https://www.csirts.com/advisory/cve-2026-13954-6171"},{"num":186424,"source_id":"msrc","external_id":"CVE-2026-60000","title":"CVE-2026-60000: sshd in OpenSSH before 10.4 allows remote attackers to cause a denial of service (resource consumption from excessive authentication attempts) because MaxAuthTries was mishandled for GSSAPIAuthentication.","severity":"low","cvss":3.7,"cves":["CVE-2026-60000"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-60000","csirts_url":"https://www.csirts.com/advisory/cve-2026-60000-186424"},{"num":6161,"source_id":"msrc","external_id":"CVE-2026-14003","title":"CVE-2026-14003: Chromium: CVE-2026-14003 Insufficient policy enforcement in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-14003"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14003","csirts_url":"https://www.csirts.com/advisory/cve-2026-14003-6161"},{"num":1603,"source_id":"msrc","external_id":"CVE-2026-14068","title":"CVE-2026-14068: Chromium: CVE-2026-14068 Inappropriate implementation in Omnibox","severity":"unknown","cvss":null,"cves":["CVE-2026-14068"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14068","csirts_url":"https://www.csirts.com/advisory/cve-2026-14068-1603"},{"num":6102,"source_id":"msrc","external_id":"CVE-2026-14130","title":"CVE-2026-14130: Chromium: CVE-2026-14130 Incorrect security UI in Omnibox","severity":"unknown","cvss":null,"cves":["CVE-2026-14130"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14130","csirts_url":"https://www.csirts.com/advisory/cve-2026-14130-6102"},{"num":1784,"source_id":"msrc","external_id":"CVE-2026-57992","title":"CVE-2026-57992: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability","severity":"high","cvss":7.5,"cves":["CVE-2026-57992"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57992","csirts_url":"https://www.csirts.com/advisory/cve-2026-57992-1784"},{"num":6101,"source_id":"msrc","external_id":"CVE-2026-13774","title":"CVE-2026-13774: Chromium: CVE-2026-13774 Use after free in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-13774"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13774","csirts_url":"https://www.csirts.com/advisory/cve-2026-13774-6101"},{"num":3670,"source_id":"msrc","external_id":"CVE-2026-41579","title":"CVE-2026-41579: runc: Malicious image with /dev symlink can trigger limited host filesystem integrity violations","severity":"low","cvss":3.3,"cves":["CVE-2026-41579"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41579","csirts_url":"https://www.csirts.com/advisory/cve-2026-41579-3670"},{"num":6155,"source_id":"msrc","external_id":"CVE-2026-14020","title":"CVE-2026-14020: Chromium: CVE-2026-14020 Insufficient validation of untrusted input in WebXR","severity":"unknown","cvss":null,"cves":["CVE-2026-14020"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14020","csirts_url":"https://www.csirts.com/advisory/cve-2026-14020-6155"},{"num":3483,"source_id":"msrc","external_id":"CVE-2026-13783","title":"CVE-2026-13783: Chromium: CVE-2026-13783 Use after free in Views","severity":"unknown","cvss":null,"cves":["CVE-2026-13783"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13783","csirts_url":"https://www.csirts.com/advisory/cve-2026-13783-3483"},{"num":6052,"source_id":"msrc","external_id":"CVE-2026-13829","title":"CVE-2026-13829: Chromium: CVE-2026-13829 Insufficient validation of untrusted input in Settings","severity":"unknown","cvss":null,"cves":["CVE-2026-13829"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13829","csirts_url":"https://www.csirts.com/advisory/cve-2026-13829-6052"},{"num":994,"source_id":"msrc","external_id":"CVE-2026-13919","title":"CVE-2026-13919: Chromium: CVE-2026-13919 Insufficient data validation in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-13919"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13919","csirts_url":"https://www.csirts.com/advisory/cve-2026-13919-994"},{"num":6133,"source_id":"msrc","external_id":"CVE-2026-14104","title":"CVE-2026-14104: Chromium: CVE-2026-14104 Insufficient validation of untrusted input in WebAppInstalls","severity":"unknown","cvss":null,"cves":["CVE-2026-14104"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14104","csirts_url":"https://www.csirts.com/advisory/cve-2026-14104-6133"},{"num":1849,"source_id":"msrc","external_id":"CVE-2026-54998","title":"CVE-2026-54998: Microsoft Exchange Online Elevation of Privilege Vulnerability","severity":"high","cvss":8.8,"cves":["CVE-2026-54998"],"exploited":false,"has_exploit":true,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-54998","csirts_url":"https://www.csirts.com/advisory/cve-2026-54998-1849"},{"num":1085,"source_id":"msrc","external_id":"CVE-2026-14046","title":"CVE-2026-14046: Chromium: CVE-2026-14046 Inappropriate implementation in CustomTabs","severity":"unknown","cvss":null,"cves":["CVE-2026-14046"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14046","csirts_url":"https://www.csirts.com/advisory/cve-2026-14046-1085"},{"num":6134,"source_id":"msrc","external_id":"CVE-2026-14103","title":"CVE-2026-14103: Chromium: CVE-2026-14103 Use after free in SSL","severity":"unknown","cvss":null,"cves":["CVE-2026-14103"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14103","csirts_url":"https://www.csirts.com/advisory/cve-2026-14103-6134"},{"num":2518,"source_id":"msrc","external_id":"CVE-2026-13779","title":"CVE-2026-13779: Chromium: CVE-2026-13779 Use after free in Chromoting","severity":"unknown","cvss":null,"cves":["CVE-2026-13779"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13779","csirts_url":"https://www.csirts.com/advisory/cve-2026-13779-2518"},{"num":2978,"source_id":"msrc","external_id":"CVE-2026-13844","title":"CVE-2026-13844: Chromium: CVE-2026-13844 Use after free in Updater","severity":"unknown","cvss":null,"cves":["CVE-2026-13844"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13844","csirts_url":"https://www.csirts.com/advisory/cve-2026-13844-2978"},{"num":3195,"source_id":"msrc","external_id":"CVE-2026-13855","title":"CVE-2026-13855: Chromium: CVE-2026-13855 Use after free in Ozone","severity":"unknown","cvss":null,"cves":["CVE-2026-13855"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13855","csirts_url":"https://www.csirts.com/advisory/cve-2026-13855-3195"},{"num":1061,"source_id":"msrc","external_id":"CVE-2026-14133","title":"CVE-2026-14133: Chromium: CVE-2026-14133 Race in History Embeddings","severity":"unknown","cvss":null,"cves":["CVE-2026-14133"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14133","csirts_url":"https://www.csirts.com/advisory/cve-2026-14133-1061"},{"num":6176,"source_id":"msrc","external_id":"CVE-2026-58295","title":"CVE-2026-58295: Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability","severity":"high","cvss":8.3,"cves":["CVE-2026-58295"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58295","csirts_url":"https://www.csirts.com/advisory/cve-2026-58295-6176"},{"num":124151,"source_id":"msrc","external_id":"CVE-2026-14647","title":"CVE-2026-14647: onnx onnxruntime old.cc convPoolShapeInference_opset19 out-of-bounds","severity":"medium","cvss":4.3,"cves":["CVE-2026-14647"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14647","csirts_url":"https://www.csirts.com/advisory/cve-2026-14647-124151"},{"num":2548,"source_id":"msrc","external_id":"CVE-2026-14094","title":"CVE-2026-14094: Chromium: CVE-2026-14094 Use after free in Installer","severity":"unknown","cvss":null,"cves":["CVE-2026-14094"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14094","csirts_url":"https://www.csirts.com/advisory/cve-2026-14094-2548"},{"num":1011,"source_id":"msrc","external_id":"CVE-2026-13930","title":"CVE-2026-13930: Chromium: CVE-2026-13930 Insufficient policy enforcement in Actor","severity":"unknown","cvss":null,"cves":["CVE-2026-13930"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13930","csirts_url":"https://www.csirts.com/advisory/cve-2026-13930-1011"},{"num":6128,"source_id":"msrc","external_id":"CVE-2026-14119","title":"CVE-2026-14119: Chromium: CVE-2026-14119 Type Confusion in Bluetooth","severity":"unknown","cvss":null,"cves":["CVE-2026-14119"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14119","csirts_url":"https://www.csirts.com/advisory/cve-2026-14119-6128"},{"num":6092,"source_id":"msrc","external_id":"CVE-2026-13951","title":"CVE-2026-13951: Chromium: CVE-2026-13951 Policy bypass in USB","severity":"unknown","cvss":null,"cves":["CVE-2026-13951"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13951","csirts_url":"https://www.csirts.com/advisory/cve-2026-13951-6092"},{"num":186427,"source_id":"msrc","external_id":"CVE-2026-56002","title":"CVE-2026-56002: libXfont2 PCF Font Parsing Heap Buffer Overflow","severity":"high","cvss":8.5,"cves":["CVE-2026-56002"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-56002","csirts_url":"https://www.csirts.com/advisory/cve-2026-56002-186427"},{"num":186428,"source_id":"msrc","external_id":"CVE-2026-56000","title":"CVE-2026-56000: xorg-x11-server / xwayland GLX contextTags Use-After-Free in CommonMakeCurrent()","severity":"unknown","cvss":null,"cves":["CVE-2026-56000"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-56000","csirts_url":"https://www.csirts.com/advisory/cve-2026-56000-186428"},{"num":2011,"source_id":"msrc","external_id":"CVE-2026-53332","title":"CVE-2026-53332: slimbus: qcom-ngd-ctrl: Register callbacks after creating the ngd","severity":"medium","cvss":5.5,"cves":["CVE-2026-53332"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53332","csirts_url":"https://www.csirts.com/advisory/cve-2026-53332-2011"},{"num":6082,"source_id":"msrc","external_id":"CVE-2026-13909","title":"CVE-2026-13909: Chromium: CVE-2026-13909 Insufficient policy enforcement in DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-13909"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13909","csirts_url":"https://www.csirts.com/advisory/cve-2026-13909-6082"},{"num":6085,"source_id":"msrc","external_id":"CVE-2026-13911","title":"CVE-2026-13911: Chromium: CVE-2026-13911 Insufficient data validation in Spellcheck","severity":"unknown","cvss":null,"cves":["CVE-2026-13911"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13911","csirts_url":"https://www.csirts.com/advisory/cve-2026-13911-6085"},{"num":124148,"source_id":"msrc","external_id":"CVE-2026-55952","title":"CVE-2026-55952: TLS 1.3 server denial of service via malformed ClientHello pre-shared key extension","severity":"unknown","cvss":null,"cves":["CVE-2026-55952"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-55952","csirts_url":"https://www.csirts.com/advisory/cve-2026-55952-124148"},{"num":2538,"source_id":"msrc","external_id":"CVE-2026-14077","title":"CVE-2026-14077: Chromium: CVE-2026-14077 Incorrect security UI in Select","severity":"unknown","cvss":null,"cves":["CVE-2026-14077"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14077","csirts_url":"https://www.csirts.com/advisory/cve-2026-14077-2538"},{"num":6111,"source_id":"msrc","external_id":"CVE-2026-14006","title":"CVE-2026-14006: Chromium: CVE-2026-14006 Use after free in Navigation","severity":"unknown","cvss":null,"cves":["CVE-2026-14006"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14006","csirts_url":"https://www.csirts.com/advisory/cve-2026-14006-6111"},{"num":882,"source_id":"msrc","external_id":"CVE-2026-55945","title":"CVE-2026-55945: Microsoft Edge (Chromium-based) Information Disclosure Vulnerability","severity":"medium","cvss":4.2,"cves":["CVE-2026-55945"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-55945","csirts_url":"https://www.csirts.com/advisory/cve-2026-55945-882"},{"num":2560,"source_id":"msrc","external_id":"CVE-2026-14041","title":"CVE-2026-14041: Chromium: CVE-2026-14041 Insufficient policy enforcement in Serial","severity":"unknown","cvss":null,"cves":["CVE-2026-14041"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14041","csirts_url":"https://www.csirts.com/advisory/cve-2026-14041-2560"},{"num":2003,"source_id":"msrc","external_id":"CVE-2026-14030","title":"CVE-2026-14030: Chromium: CVE-2026-14030 Incorrect security UI in SplitView","severity":"unknown","cvss":null,"cves":["CVE-2026-14030"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14030","csirts_url":"https://www.csirts.com/advisory/cve-2026-14030-2003"},{"num":6177,"source_id":"msrc","external_id":"CVE-2026-58296","title":"CVE-2026-58296: Microsoft Edge for Android Information Disclosure Vulnerability","severity":"high","cvss":7.1,"cves":["CVE-2026-58296"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58296","csirts_url":"https://www.csirts.com/advisory/cve-2026-58296-6177"},{"num":5450,"source_id":"msrc","external_id":"CVE-2026-13922","title":"CVE-2026-13922: Chromium: CVE-2026-13922 Side-channel information leakage in Paint","severity":"unknown","cvss":null,"cves":["CVE-2026-13922"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13922","csirts_url":"https://www.csirts.com/advisory/cve-2026-13922-5450"},{"num":2846,"source_id":"msrc","external_id":"CVE-2026-13838","title":"CVE-2026-13838: Chromium: CVE-2026-13838 Inappropriate implementation in CSS","severity":"unknown","cvss":null,"cves":["CVE-2026-13838"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13838","csirts_url":"https://www.csirts.com/advisory/cve-2026-13838-2846"},{"num":2886,"source_id":"msrc","external_id":"CVE-2026-53355","title":"CVE-2026-53355: net: rds: clear i_sends on setup unwind","severity":"medium","cvss":5.5,"cves":["CVE-2026-53355"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53355","csirts_url":"https://www.csirts.com/advisory/cve-2026-53355-2886"},{"num":1034,"source_id":"msrc","external_id":"CVE-2026-13935","title":"CVE-2026-13935: Chromium: CVE-2026-13935 Side-channel information leakage in ComputePressure","severity":"unknown","cvss":null,"cves":["CVE-2026-13935"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13935","csirts_url":"https://www.csirts.com/advisory/cve-2026-13935-1034"},{"num":2160,"source_id":"msrc","external_id":"CVE-2026-14023","title":"CVE-2026-14023: Chromium: CVE-2026-14023 Insufficient validation of untrusted input in SanitizerAPI","severity":"unknown","cvss":null,"cves":["CVE-2026-14023"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14023","csirts_url":"https://www.csirts.com/advisory/cve-2026-14023-2160"},{"num":1037,"source_id":"msrc","external_id":"CVE-2026-13937","title":"CVE-2026-13937: Chromium: CVE-2026-13937 Insufficient policy enforcement in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-13937"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13937","csirts_url":"https://www.csirts.com/advisory/cve-2026-13937-1037"},{"num":2501,"source_id":"msrc","external_id":"CVE-2026-58299","title":"CVE-2026-58299: Microsoft Edge for Android Remote Code Execution Vulnerability","severity":"high","cvss":7.5,"cves":["CVE-2026-58299"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58299","csirts_url":"https://www.csirts.com/advisory/cve-2026-58299-2501"},{"num":186451,"source_id":"msrc","external_id":"CVE-2026-14191","title":"CVE-2026-14191: WinRAR / UnRAR RAR5 recovery-volume (.rev) out-of-bounds heap write in RecVolumes5::ReadHeader","severity":"high","cvss":7.8,"cves":["CVE-2026-14191"],"exploited":false,"has_exploit":true,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14191","csirts_url":"https://www.csirts.com/advisory/cve-2026-14191-186451"},{"num":6080,"source_id":"msrc","external_id":"CVE-2026-13901","title":"CVE-2026-13901: Chromium: CVE-2026-13901 Insufficient validation of untrusted input in Serial","severity":"unknown","cvss":null,"cves":["CVE-2026-13901"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13901","csirts_url":"https://www.csirts.com/advisory/cve-2026-13901-6080"},{"num":6059,"source_id":"msrc","external_id":"CVE-2026-13834","title":"CVE-2026-13834: Chromium: CVE-2026-13834 Insufficient validation of untrusted input in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-13834"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13834","csirts_url":"https://www.csirts.com/advisory/cve-2026-13834-6059"},{"num":2495,"source_id":"msrc","external_id":"CVE-2026-57993","title":"CVE-2026-57993: Microsoft Edge (Chromium-based) Spoofing Vulnerability","severity":"high","cvss":7.4,"cves":["CVE-2026-57993"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57993","csirts_url":"https://www.csirts.com/advisory/cve-2026-57993-2495"},{"num":942,"source_id":"msrc","external_id":"CVE-2026-13896","title":"CVE-2026-13896: Chromium: CVE-2026-13896 Insufficient policy enforcement in Glic","severity":"unknown","cvss":null,"cves":["CVE-2026-13896"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13896","csirts_url":"https://www.csirts.com/advisory/cve-2026-13896-942"},{"num":2523,"source_id":"msrc","external_id":"CVE-2026-13906","title":"CVE-2026-13906: Chromium: CVE-2026-13906 Out of bounds read in Codecs","severity":"unknown","cvss":null,"cves":["CVE-2026-13906"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13906","csirts_url":"https://www.csirts.com/advisory/cve-2026-13906-2523"},{"num":186448,"source_id":"msrc","external_id":"CVE-2026-56001","title":"CVE-2026-56001: libXfont2 BitmapScaleBitmaps Integer Overflow Heap Buffer Overflow","severity":"high","cvss":8.5,"cves":["CVE-2026-56001"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-56001","csirts_url":"https://www.csirts.com/advisory/cve-2026-56001-186448"},{"num":930,"source_id":"msrc","external_id":"CVE-2026-13895","title":"CVE-2026-13895: Chromium: CVE-2026-13895 Inappropriate implementation in Autofill","severity":"unknown","cvss":null,"cves":["CVE-2026-13895"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13895","csirts_url":"https://www.csirts.com/advisory/cve-2026-13895-930"},{"num":6079,"source_id":"msrc","external_id":"CVE-2026-13900","title":"CVE-2026-13900: Chromium: CVE-2026-13900 Insufficient validation of untrusted input in Chromecast","severity":"unknown","cvss":null,"cves":["CVE-2026-13900"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13900","csirts_url":"https://www.csirts.com/advisory/cve-2026-13900-6079"},{"num":6035,"source_id":"msrc","external_id":"CVE-2026-14084","title":"CVE-2026-14084: Chromium: CVE-2026-14084 Insufficient validation of untrusted input in Chromoting","severity":"unknown","cvss":null,"cves":["CVE-2026-14084"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14084","csirts_url":"https://www.csirts.com/advisory/cve-2026-14084-6035"},{"num":3916,"source_id":"msrc","external_id":"CVE-2026-13881","title":"CVE-2026-13881: Chromium: CVE-2026-13881 Insufficient data validation in WebAppInstalls","severity":"unknown","cvss":null,"cves":["CVE-2026-13881"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13881","csirts_url":"https://www.csirts.com/advisory/cve-2026-13881-3916"},{"num":6076,"source_id":"msrc","external_id":"CVE-2026-13893","title":"CVE-2026-13893: Chromium: CVE-2026-13893 Insufficient validation of untrusted input in WebUI","severity":"unknown","cvss":null,"cves":["CVE-2026-13893"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13893","csirts_url":"https://www.csirts.com/advisory/cve-2026-13893-6076"},{"num":6078,"source_id":"msrc","external_id":"CVE-2026-13899","title":"CVE-2026-13899: Chromium: CVE-2026-13899 Use after free in HTML","severity":"unknown","cvss":null,"cves":["CVE-2026-13899"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13899","csirts_url":"https://www.csirts.com/advisory/cve-2026-13899-6078"},{"num":6087,"source_id":"msrc","external_id":"CVE-2026-13931","title":"CVE-2026-13931: Chromium: CVE-2026-13931 Inappropriate implementation in Media","severity":"unknown","cvss":null,"cves":["CVE-2026-13931"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13931","csirts_url":"https://www.csirts.com/advisory/cve-2026-13931-6087"},{"num":186429,"source_id":"msrc","external_id":"CVE-2026-38968","title":"CVE-2026-38968: ntopng through 6.6 is vulnerable to Predictable Session Identifier which can lead to Session Hijacking. HTTP session identifiers in src/HTTPserver.cpp use weak time-seeded pseudo-randomness during session creation. As a result, fresh authenticated logins can receive deterministic or colliding session cookies under attacker-controlled timing.","severity":"critical","cvss":9.8,"cves":["CVE-2026-38968"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-38968","csirts_url":"https://www.csirts.com/advisory/cve-2026-38968-186429"},{"num":1123,"source_id":"msrc","external_id":"CVE-2026-14008","title":"CVE-2026-14008: Chromium: CVE-2026-14008 Uninitialized Use in WebXR","severity":"unknown","cvss":null,"cves":["CVE-2026-14008"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14008","csirts_url":"https://www.csirts.com/advisory/cve-2026-14008-1123"},{"num":6086,"source_id":"msrc","external_id":"CVE-2026-13921","title":"CVE-2026-13921: Chromium: CVE-2026-13921 Insufficient validation of untrusted input in DeviceBoundSessionCredentials","severity":"unknown","cvss":null,"cves":["CVE-2026-13921"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13921","csirts_url":"https://www.csirts.com/advisory/cve-2026-13921-6086"},{"num":3555,"source_id":"msrc","external_id":"CVE-2026-14138","title":"CVE-2026-14138: Chromium: CVE-2026-14138 Inappropriate implementation in WebAppInstalls","severity":"unknown","cvss":null,"cves":["CVE-2026-14138"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14138","csirts_url":"https://www.csirts.com/advisory/cve-2026-14138-3555"},{"num":3856,"source_id":"msrc","external_id":"CVE-2026-13876","title":"CVE-2026-13876: Chromium: CVE-2026-13876 Inappropriate implementation in Network","severity":"unknown","cvss":null,"cves":["CVE-2026-13876"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13876","csirts_url":"https://www.csirts.com/advisory/cve-2026-13876-3856"},{"num":6106,"source_id":"msrc","external_id":"CVE-2026-14071","title":"CVE-2026-14071: Chromium: CVE-2026-14071 Side-channel information leakage in WebAudio","severity":"unknown","cvss":null,"cves":["CVE-2026-14071"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14071","csirts_url":"https://www.csirts.com/advisory/cve-2026-14071-6106"},{"num":6165,"source_id":"msrc","external_id":"CVE-2026-13999","title":"CVE-2026-13999: Chromium: CVE-2026-13999 Inappropriate implementation in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-13999"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13999","csirts_url":"https://www.csirts.com/advisory/cve-2026-13999-6165"},{"num":3567,"source_id":"msrc","external_id":"CVE-2026-14113","title":"CVE-2026-14113: Chromium: CVE-2026-14113 Use after free in Updater","severity":"unknown","cvss":null,"cves":["CVE-2026-14113"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14113","csirts_url":"https://www.csirts.com/advisory/cve-2026-14113-3567"},{"num":6144,"source_id":"msrc","external_id":"CVE-2026-14080","title":"CVE-2026-14080: Chromium: CVE-2026-14080 Insufficient validation of untrusted input in TabSwitcher","severity":"unknown","cvss":null,"cves":["CVE-2026-14080"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14080","csirts_url":"https://www.csirts.com/advisory/cve-2026-14080-6144"},{"num":186422,"source_id":"msrc","external_id":"CVE-2026-59995","title":"CVE-2026-59995: sftp in OpenSSH before 10.4 does not properly constrain the location of downloaded files when \"sftp server:/path .\" is used with an attacker-controlled server.","severity":"medium","cvss":4.2,"cves":["CVE-2026-59995"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-59995","csirts_url":"https://www.csirts.com/advisory/cve-2026-59995-186422"},{"num":914,"source_id":"msrc","external_id":"CVE-2026-13867","title":"CVE-2026-13867: Chromium: CVE-2026-13867 Inappropriate implementation in Geolocation","severity":"unknown","cvss":null,"cves":["CVE-2026-13867"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13867","csirts_url":"https://www.csirts.com/advisory/cve-2026-13867-914"},{"num":85928,"source_id":"msrc","external_id":"CVE-2026-8924","title":"CVE-2026-8924: trailing dot domain super cookie","severity":"critical","cvss":9.1,"cves":["CVE-2026-8924"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8924","csirts_url":"https://www.csirts.com/advisory/cve-2026-8924-85928"},{"num":3738,"source_id":"msrc","external_id":"CVE-2026-13869","title":"CVE-2026-13869: Chromium: CVE-2026-13869 Use after free in Device","severity":"unknown","cvss":null,"cves":["CVE-2026-13869"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13869","csirts_url":"https://www.csirts.com/advisory/cve-2026-13869-3738"},{"num":186425,"source_id":"msrc","external_id":"CVE-2026-59999","title":"CVE-2026-59999: In sshd in OpenSSH before 10.4, DisableForwarding=yes was supposed to take precedence over PermitTunnel=yes, but did not.","severity":"medium","cvss":5.9,"cves":["CVE-2026-59999"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-59999","csirts_url":"https://www.csirts.com/advisory/cve-2026-59999-186425"},{"num":3481,"source_id":"msrc","external_id":"CVE-2026-13780","title":"CVE-2026-13780: Chromium: CVE-2026-13780 Insufficient validation of untrusted input in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-13780"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13780","csirts_url":"https://www.csirts.com/advisory/cve-2026-13780-3481"},{"num":6131,"source_id":"msrc","external_id":"CVE-2026-14110","title":"CVE-2026-14110: Chromium: CVE-2026-14110 Inappropriate implementation in DarkMode","severity":"unknown","cvss":null,"cves":["CVE-2026-14110"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14110","csirts_url":"https://www.csirts.com/advisory/cve-2026-14110-6131"},{"num":2606,"source_id":"msrc","external_id":"CVE-2026-58297","title":"CVE-2026-58297: Microsoft Edge for Android Information Disclosure Vulnerability","severity":"high","cvss":7.1,"cves":["CVE-2026-58297"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58297","csirts_url":"https://www.csirts.com/advisory/cve-2026-58297-2606"},{"num":6056,"source_id":"msrc","external_id":"CVE-2026-13837","title":"CVE-2026-13837: Chromium: CVE-2026-13837 Inappropriate implementation in CSS","severity":"unknown","cvss":null,"cves":["CVE-2026-13837"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13837","csirts_url":"https://www.csirts.com/advisory/cve-2026-13837-6056"},{"num":3549,"source_id":"msrc","external_id":"CVE-2026-13865","title":"CVE-2026-13865: Chromium: CVE-2026-13865 Insufficient validation of untrusted input in Enterprise","severity":"unknown","cvss":null,"cves":["CVE-2026-13865"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13865","csirts_url":"https://www.csirts.com/advisory/cve-2026-13865-3549"},{"num":791,"source_id":"msrc","external_id":"CVE-2026-53345","title":"CVE-2026-53345: KVM: Don't WARN if memory is dirtied without a vCPU when the VM is dying","severity":"medium","cvss":6.5,"cves":["CVE-2026-53345"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53345","csirts_url":"https://www.csirts.com/advisory/cve-2026-53345-791"},{"num":3972,"source_id":"msrc","external_id":"CVE-2026-13879","title":"CVE-2026-13879: Chromium: CVE-2026-13879 Use after free in Bluetooth","severity":"unknown","cvss":null,"cves":["CVE-2026-13879"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13879","csirts_url":"https://www.csirts.com/advisory/cve-2026-13879-3972"},{"num":5847,"source_id":"msrc","external_id":"CVE-2026-14069","title":"CVE-2026-14069: Chromium: CVE-2026-14069 Integer overflow in WebNN","severity":"unknown","cvss":null,"cves":["CVE-2026-14069"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14069","csirts_url":"https://www.csirts.com/advisory/cve-2026-14069-5847"},{"num":6103,"source_id":"msrc","external_id":"CVE-2026-14116","title":"CVE-2026-14116: Chromium: CVE-2026-14116 Insufficient validation of untrusted input in DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-14116"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14116","csirts_url":"https://www.csirts.com/advisory/cve-2026-14116-6103"},{"num":1081,"source_id":"msrc","external_id":"CVE-2026-14081","title":"CVE-2026-14081: Chromium: CVE-2026-14081 Insufficient policy enforcement in DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-14081"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14081","csirts_url":"https://www.csirts.com/advisory/cve-2026-14081-1081"},{"num":6095,"source_id":"msrc","external_id":"CVE-2026-13956","title":"CVE-2026-13956: Chromium: CVE-2026-13956 Incorrect security UI in PageInfo","severity":"unknown","cvss":null,"cves":["CVE-2026-13956"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13956","csirts_url":"https://www.csirts.com/advisory/cve-2026-13956-6095"},{"num":183,"source_id":"msrc","external_id":"CVE-2026-13963","title":"CVE-2026-13963: Chromium: CVE-2026-13963 Inappropriate implementation in DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-13963"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13963","csirts_url":"https://www.csirts.com/advisory/cve-2026-13963-183"},{"num":2455,"source_id":"msrc","external_id":"CVE-2026-57100","title":"CVE-2026-57100: Microsoft Entra Provisioning Service Elevation of Privilege Vulnerability","severity":"critical","cvss":9.9,"cves":["CVE-2026-57100"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57100","csirts_url":"https://www.csirts.com/advisory/cve-2026-57100-2455"},{"num":6143,"source_id":"msrc","external_id":"CVE-2026-14087","title":"CVE-2026-14087: Chromium: CVE-2026-14087 Insufficient validation of untrusted input in WebNN","severity":"unknown","cvss":null,"cves":["CVE-2026-14087"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14087","csirts_url":"https://www.csirts.com/advisory/cve-2026-14087-6143"},{"num":179,"source_id":"msrc","external_id":"CVE-2026-13990","title":"CVE-2026-13990: Chromium: CVE-2026-13990 Insufficient validation of untrusted input in DataTransfer","severity":"unknown","cvss":null,"cves":["CVE-2026-13990"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13990","csirts_url":"https://www.csirts.com/advisory/cve-2026-13990-179"},{"num":1053,"source_id":"msrc","external_id":"CVE-2026-14154","title":"CVE-2026-14154: Chromium: CVE-2026-14154 Inappropriate implementation in DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-14154"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14154","csirts_url":"https://www.csirts.com/advisory/cve-2026-14154-1053"},{"num":6140,"source_id":"msrc","external_id":"CVE-2026-14091","title":"CVE-2026-14091: Chromium: CVE-2026-14091 Use after free in DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-14091"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14091","csirts_url":"https://www.csirts.com/advisory/cve-2026-14091-6140"},{"num":85934,"source_id":"msrc","external_id":"CVE-2026-8925","title":"CVE-2026-8925: SASL double-free","severity":"medium","cvss":5.9,"cves":["CVE-2026-8925"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8925","csirts_url":"https://www.csirts.com/advisory/cve-2026-8925-85934"},{"num":3568,"source_id":"msrc","external_id":"CVE-2026-14111","title":"CVE-2026-14111: Chromium: CVE-2026-14111 Use after free in WebProtect","severity":"unknown","cvss":null,"cves":["CVE-2026-14111"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14111","csirts_url":"https://www.csirts.com/advisory/cve-2026-14111-3568"},{"num":175,"source_id":"msrc","external_id":"CVE-2026-14053","title":"CVE-2026-14053: Chromium: CVE-2026-14053 Insufficient policy enforcement in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-14053"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14053","csirts_url":"https://www.csirts.com/advisory/cve-2026-14053-175"},{"num":6115,"source_id":"msrc","external_id":"CVE-2026-14150","title":"CVE-2026-14150: Chromium: CVE-2026-14150 Insufficient validation of untrusted input in Speech","severity":"unknown","cvss":null,"cves":["CVE-2026-14150"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14150","csirts_url":"https://www.csirts.com/advisory/cve-2026-14150-6115"},{"num":3273,"source_id":"msrc","external_id":"CVE-2026-13858","title":"CVE-2026-13858: Chromium: CVE-2026-13858 Out of bounds read in FFmpeg","severity":"unknown","cvss":null,"cves":["CVE-2026-13858"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13858","csirts_url":"https://www.csirts.com/advisory/cve-2026-13858-3273"},{"num":6179,"source_id":"msrc","external_id":"CVE-2026-58524","title":"CVE-2026-58524: Microsoft Edge (Chromium-based) Spoofing Vulnerability","severity":"medium","cvss":5.4,"cves":["CVE-2026-58524"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58524","csirts_url":"https://www.csirts.com/advisory/cve-2026-58524-6179"},{"num":85951,"source_id":"msrc","external_id":"CVE-2026-9079","title":"CVE-2026-9079: stale proxy password leak","severity":"unknown","cvss":null,"cves":["CVE-2026-9079"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-9079","csirts_url":"https://www.csirts.com/advisory/cve-2026-9079-85951"},{"num":85932,"source_id":"msrc","external_id":"CVE-2026-8926","title":"CVE-2026-8926: password leak with netrc and user in URL","severity":"critical","cvss":9.1,"cves":["CVE-2026-8926"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8926","csirts_url":"https://www.csirts.com/advisory/cve-2026-8926-85932"},{"num":85933,"source_id":"msrc","external_id":"CVE-2026-9080","title":"CVE-2026-9080: UAF after pause in socket callback","severity":"low","cvss":3.7,"cves":["CVE-2026-9080"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-9080","csirts_url":"https://www.csirts.com/advisory/cve-2026-9080-85933"},{"num":6150,"source_id":"msrc","external_id":"CVE-2026-14037","title":"CVE-2026-14037: Chromium: CVE-2026-14037 Insufficient policy enforcement in GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-14037"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14037","csirts_url":"https://www.csirts.com/advisory/cve-2026-14037-6150"},{"num":2502,"source_id":"msrc","external_id":"CVE-2026-58523","title":"CVE-2026-58523: Microsoft Edge for Android Security Feature Bypass Vulnerability","severity":"medium","cvss":6.5,"cves":["CVE-2026-58523"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58523","csirts_url":"https://www.csirts.com/advisory/cve-2026-58523-2502"},{"num":6147,"source_id":"msrc","external_id":"CVE-2026-14047","title":"CVE-2026-14047: Chromium: CVE-2026-14047 Insufficient policy enforcement in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-14047"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14047","csirts_url":"https://www.csirts.com/advisory/cve-2026-14047-6147"},{"num":3480,"source_id":"msrc","external_id":"CVE-2026-58287","title":"CVE-2026-58287: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability","severity":"high","cvss":8.3,"cves":["CVE-2026-58287"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58287","csirts_url":"https://www.csirts.com/advisory/cve-2026-58287-3480"},{"num":6063,"source_id":"msrc","external_id":"CVE-2026-13871","title":"CVE-2026-13871: Chromium: CVE-2026-13871 Insufficient data validation in GuestView","severity":"unknown","cvss":null,"cves":["CVE-2026-13871"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13871","csirts_url":"https://www.csirts.com/advisory/cve-2026-13871-6063"},{"num":3053,"source_id":"msrc","external_id":"CVE-2026-13848","title":"CVE-2026-13848: Chromium: CVE-2026-13848 Use after free in Forms","severity":"unknown","cvss":null,"cves":["CVE-2026-13848"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13848","csirts_url":"https://www.csirts.com/advisory/cve-2026-13848-3053"},{"num":6139,"source_id":"msrc","external_id":"CVE-2026-14093","title":"CVE-2026-14093: Chromium: CVE-2026-14093 Use after free in Cast","severity":"unknown","cvss":null,"cves":["CVE-2026-14093"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14093","csirts_url":"https://www.csirts.com/advisory/cve-2026-14093-6139"},{"num":85931,"source_id":"msrc","external_id":"CVE-2026-8286","title":"CVE-2026-8286: wrong STARTTLS connection reuse","severity":"high","cvss":8.1,"cves":["CVE-2026-8286"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8286","csirts_url":"https://www.csirts.com/advisory/cve-2026-8286-85931"},{"num":6061,"source_id":"msrc","external_id":"CVE-2026-13854","title":"CVE-2026-13854: Chromium: CVE-2026-13854 Use after free in Ozone","severity":"unknown","cvss":null,"cves":["CVE-2026-13854"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13854","csirts_url":"https://www.csirts.com/advisory/cve-2026-13854-6061"},{"num":174,"source_id":"msrc","external_id":"CVE-2026-14058","title":"CVE-2026-14058: Chromium: CVE-2026-14058 Policy bypass in Parser","severity":"unknown","cvss":null,"cves":["CVE-2026-14058"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14058","csirts_url":"https://www.csirts.com/advisory/cve-2026-14058-174"},{"num":6067,"source_id":"msrc","external_id":"CVE-2026-13877","title":"CVE-2026-13877: Chromium: CVE-2026-13877 Insufficient validation of untrusted input in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-13877"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13877","csirts_url":"https://www.csirts.com/advisory/cve-2026-13877-6067"},{"num":2177,"source_id":"msrc","external_id":"CVE-2026-14010","title":"CVE-2026-14010: Chromium: CVE-2026-14010 Uninitialized Use in Codecs","severity":"unknown","cvss":null,"cves":["CVE-2026-14010"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14010","csirts_url":"https://www.csirts.com/advisory/cve-2026-14010-2177"},{"num":5853,"source_id":"msrc","external_id":"CVE-2026-14051","title":"CVE-2026-14051: Chromium: CVE-2026-14051 Uninitialized Use in GamepadAPI","severity":"unknown","cvss":null,"cves":["CVE-2026-14051"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14051","csirts_url":"https://www.csirts.com/advisory/cve-2026-14051-5853"},{"num":994,"source_id":"msrc","external_id":"CVE-2026-13919","title":"CVE-2026-13919: Chromium: CVE-2026-13919 Insufficient data validation in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-13919"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13919","csirts_url":"https://www.csirts.com/advisory/cve-2026-13919-994"},{"num":6067,"source_id":"msrc","external_id":"CVE-2026-13877","title":"CVE-2026-13877: Chromium: CVE-2026-13877 Insufficient validation of untrusted input in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-13877"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13877","csirts_url":"https://www.csirts.com/advisory/cve-2026-13877-6067"},{"num":5223,"source_id":"msrc","external_id":"CVE-2026-13883","title":"CVE-2026-13883: Chromium: CVE-2026-13883 Type Confusion in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-13883"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13883","csirts_url":"https://www.csirts.com/advisory/cve-2026-13883-5223"},{"num":6071,"source_id":"msrc","external_id":"CVE-2026-13884","title":"CVE-2026-13884: Chromium: CVE-2026-13884 Heap buffer overflow in Chromecast","severity":"unknown","cvss":null,"cves":["CVE-2026-13884"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13884","csirts_url":"https://www.csirts.com/advisory/cve-2026-13884-6071"},{"num":178,"source_id":"msrc","external_id":"CVE-2026-13993","title":"CVE-2026-13993: Chromium: CVE-2026-13993 Incorrect security UI in WebAppInstalls","severity":"unknown","cvss":null,"cves":["CVE-2026-13993"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13993","csirts_url":"https://www.csirts.com/advisory/cve-2026-13993-178"},{"num":1098,"source_id":"msrc","external_id":"CVE-2026-14032","title":"CVE-2026-14032: Chromium: CVE-2026-14032 Use after free in Bluetooth","severity":"unknown","cvss":null,"cves":["CVE-2026-14032"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14032","csirts_url":"https://www.csirts.com/advisory/cve-2026-14032-1098"},{"num":6079,"source_id":"msrc","external_id":"CVE-2026-13900","title":"CVE-2026-13900: Chromium: CVE-2026-13900 Insufficient validation of untrusted input in Chromecast","severity":"unknown","cvss":null,"cves":["CVE-2026-13900"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13900","csirts_url":"https://www.csirts.com/advisory/cve-2026-13900-6079"},{"num":175,"source_id":"msrc","external_id":"CVE-2026-14053","title":"CVE-2026-14053: Chromium: CVE-2026-14053 Insufficient policy enforcement in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-14053"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14053","csirts_url":"https://www.csirts.com/advisory/cve-2026-14053-175"},{"num":1151,"source_id":"msrc","external_id":"CVE-2026-58290","title":"CVE-2026-58290: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability","severity":"high","cvss":7.5,"cves":["CVE-2026-58290"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58290","csirts_url":"https://www.csirts.com/advisory/cve-2026-58290-1151"},{"num":2606,"source_id":"msrc","external_id":"CVE-2026-58297","title":"CVE-2026-58297: Microsoft Edge for Android Information Disclosure Vulnerability","severity":"high","cvss":7.1,"cves":["CVE-2026-58297"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58297","csirts_url":"https://www.csirts.com/advisory/cve-2026-58297-2606"},{"num":174,"source_id":"msrc","external_id":"CVE-2026-14058","title":"CVE-2026-14058: Chromium: CVE-2026-14058 Policy bypass in Parser","severity":"unknown","cvss":null,"cves":["CVE-2026-14058"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14058","csirts_url":"https://www.csirts.com/advisory/cve-2026-14058-174"},{"num":6062,"source_id":"msrc","external_id":"CVE-2026-13857","title":"CVE-2026-13857: Chromium: CVE-2026-13857 Inappropriate implementation in Geometry","severity":"unknown","cvss":null,"cves":["CVE-2026-13857"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13857","csirts_url":"https://www.csirts.com/advisory/cve-2026-13857-6062"},{"num":1123,"source_id":"msrc","external_id":"CVE-2026-14008","title":"CVE-2026-14008: Chromium: CVE-2026-14008 Uninitialized Use in WebXR","severity":"unknown","cvss":null,"cves":["CVE-2026-14008"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14008","csirts_url":"https://www.csirts.com/advisory/cve-2026-14008-1123"},{"num":124148,"source_id":"msrc","external_id":"CVE-2026-55952","title":"CVE-2026-55952: TLS 1.3 server denial of service via malformed ClientHello pre-shared key extension","severity":"unknown","cvss":null,"cves":["CVE-2026-55952"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-55952","csirts_url":"https://www.csirts.com/advisory/cve-2026-55952-124148"},{"num":2004,"source_id":"msrc","external_id":"CVE-2026-53354","title":"CVE-2026-53354: arm64: errata: Mitigate TLBI errata on various Arm CPUs","severity":"high","cvss":7.1,"cves":["CVE-2026-53354"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53354","csirts_url":"https://www.csirts.com/advisory/cve-2026-53354-2004"},{"num":85928,"source_id":"msrc","external_id":"CVE-2026-8924","title":"CVE-2026-8924: trailing dot domain super cookie","severity":"critical","cvss":9.1,"cves":["CVE-2026-8924"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8924","csirts_url":"https://www.csirts.com/advisory/cve-2026-8924-85928"},{"num":85921,"source_id":"msrc","external_id":"CVE-2026-50721","title":"CVE-2026-50721: IKEv1 Denial of Service via RSA-SHA1 (PKCS#1 Version 1.5 Encrypted) authentication payload","severity":"high","cvss":8.1,"cves":["CVE-2026-50721"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50721","csirts_url":"https://www.csirts.com/advisory/cve-2026-50721-85921"},{"num":6156,"source_id":"msrc","external_id":"CVE-2026-14018","title":"CVE-2026-14018: Chromium: CVE-2026-14018 Use after free in Updater","severity":"unknown","cvss":null,"cves":["CVE-2026-14018"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14018","csirts_url":"https://www.csirts.com/advisory/cve-2026-14018-6156"},{"num":976,"source_id":"msrc","external_id":"CVE-2026-13898","title":"CVE-2026-13898: Chromium: CVE-2026-13898 Use after free in Cast Receiver","severity":"unknown","cvss":null,"cves":["CVE-2026-13898"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13898","csirts_url":"https://www.csirts.com/advisory/cve-2026-13898-976"},{"num":2543,"source_id":"msrc","external_id":"CVE-2026-14095","title":"CVE-2026-14095: Chromium: CVE-2026-14095 Insufficient validation of untrusted input in Browser","severity":"unknown","cvss":null,"cves":["CVE-2026-14095"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14095","csirts_url":"https://www.csirts.com/advisory/cve-2026-14095-2543"},{"num":6075,"source_id":"msrc","external_id":"CVE-2026-13891","title":"CVE-2026-13891: Chromium: CVE-2026-13891 Insufficient validation of untrusted input in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-13891"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13891","csirts_url":"https://www.csirts.com/advisory/cve-2026-13891-6075"},{"num":889,"source_id":"msrc","external_id":"CVE-2026-13776","title":"CVE-2026-13776: Chromium: CVE-2026-13776 Type Confusion in Dawn","severity":"unknown","cvss":null,"cves":["CVE-2026-13776"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13776","csirts_url":"https://www.csirts.com/advisory/cve-2026-13776-889"},{"num":1059,"source_id":"msrc","external_id":"CVE-2026-14152","title":"CVE-2026-14152: Chromium: CVE-2026-14152 Out of bounds write in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-14152"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14152","csirts_url":"https://www.csirts.com/advisory/cve-2026-14152-1059"},{"num":6108,"source_id":"msrc","external_id":"CVE-2026-14039","title":"CVE-2026-14039: Chromium: CVE-2026-14039 Insufficient policy enforcement in GetUserMedia","severity":"unknown","cvss":null,"cves":["CVE-2026-14039"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14039","csirts_url":"https://www.csirts.com/advisory/cve-2026-14039-6108"},{"num":6057,"source_id":"msrc","external_id":"CVE-2026-13836","title":"CVE-2026-13836: Chromium: CVE-2026-13836 Inappropriate implementation in CSS","severity":"unknown","cvss":null,"cves":["CVE-2026-13836"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13836","csirts_url":"https://www.csirts.com/advisory/cve-2026-13836-6057"},{"num":5852,"source_id":"msrc","external_id":"CVE-2026-14056","title":"CVE-2026-14056: Chromium: CVE-2026-14056 Insufficient validation of untrusted input in Media","severity":"unknown","cvss":null,"cves":["CVE-2026-14056"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14056","csirts_url":"https://www.csirts.com/advisory/cve-2026-14056-5852"},{"num":6058,"source_id":"msrc","external_id":"CVE-2026-13835","title":"CVE-2026-13835: Chromium: CVE-2026-13835 Inappropriate implementation in XML","severity":"unknown","cvss":null,"cves":["CVE-2026-13835"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13835","csirts_url":"https://www.csirts.com/advisory/cve-2026-13835-6058"},{"num":6088,"source_id":"msrc","external_id":"CVE-2026-13940","title":"CVE-2026-13940: Chromium: CVE-2026-13940 Uninitialized Use in Cast","severity":"unknown","cvss":null,"cves":["CVE-2026-13940"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13940","csirts_url":"https://www.csirts.com/advisory/cve-2026-13940-6088"},{"num":3486,"source_id":"msrc","external_id":"CVE-2026-13830","title":"CVE-2026-13830: Chromium: CVE-2026-13830 Use after free in Chromoting","severity":"unknown","cvss":null,"cves":["CVE-2026-13830"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13830","csirts_url":"https://www.csirts.com/advisory/cve-2026-13830-3486"},{"num":3551,"source_id":"msrc","external_id":"CVE-2026-13796","title":"CVE-2026-13796: Chromium: CVE-2026-13796 Integer overflow in Chromecast","severity":"unknown","cvss":null,"cves":["CVE-2026-13796"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13796","csirts_url":"https://www.csirts.com/advisory/cve-2026-13796-3551"},{"num":6052,"source_id":"msrc","external_id":"CVE-2026-13829","title":"CVE-2026-13829: Chromium: CVE-2026-13829 Insufficient validation of untrusted input in Settings","severity":"unknown","cvss":null,"cves":["CVE-2026-13829"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13829","csirts_url":"https://www.csirts.com/advisory/cve-2026-13829-6052"},{"num":5727,"source_id":"msrc","external_id":"CVE-2026-13815","title":"CVE-2026-13815: Chromium: CVE-2026-13815 Use after free in Blink","severity":"unknown","cvss":null,"cves":["CVE-2026-13815"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13815","csirts_url":"https://www.csirts.com/advisory/cve-2026-13815-5727"},{"num":3523,"source_id":"msrc","external_id":"CVE-2026-13860","title":"CVE-2026-13860: Chromium: CVE-2026-13860 Incorrect security UI in Autofill","severity":"unknown","cvss":null,"cves":["CVE-2026-13860"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13860","csirts_url":"https://www.csirts.com/advisory/cve-2026-13860-3523"},{"num":1784,"source_id":"msrc","external_id":"CVE-2026-57992","title":"CVE-2026-57992: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability","severity":"high","cvss":7.5,"cves":["CVE-2026-57992"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57992","csirts_url":"https://www.csirts.com/advisory/cve-2026-57992-1784"},{"num":3483,"source_id":"msrc","external_id":"CVE-2026-13783","title":"CVE-2026-13783: Chromium: CVE-2026-13783 Use after free in Views","severity":"unknown","cvss":null,"cves":["CVE-2026-13783"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13783","csirts_url":"https://www.csirts.com/advisory/cve-2026-13783-3483"},{"num":2101,"source_id":"msrc","external_id":"CVE-2026-13793","title":"CVE-2026-13793: Chromium: CVE-2026-13793 Insufficient policy enforcement in SVG","severity":"unknown","cvss":null,"cves":["CVE-2026-13793"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13793","csirts_url":"https://www.csirts.com/advisory/cve-2026-13793-2101"},{"num":2044,"source_id":"msrc","external_id":"CVE-2026-41106","title":"CVE-2026-41106: Microsoft 365 Copilot Elevation of Privilege Vulnerability","severity":"critical","cvss":9.3,"cves":["CVE-2026-41106"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41106","csirts_url":"https://www.csirts.com/advisory/cve-2026-41106-2044"},{"num":85925,"source_id":"msrc","external_id":"CVE-2026-8932","title":"CVE-2026-8932: incomplete mTLS config matching in conn reuse","severity":"high","cvss":7.5,"cves":["CVE-2026-8932"],"exploited":false,"has_exploit":true,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8932","csirts_url":"https://www.csirts.com/advisory/cve-2026-8932-85925"},{"num":186423,"source_id":"msrc","external_id":"CVE-2026-60001","title":"CVE-2026-60001: sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay.","severity":"medium","cvss":6.5,"cves":["CVE-2026-60001"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-60001","csirts_url":"https://www.csirts.com/advisory/cve-2026-60001-186423"},{"num":184,"source_id":"msrc","external_id":"CVE-2026-53339","title":"CVE-2026-53339: i2c: qcom-cci: Fix NULL pointer dereference in cci_remove()","severity":"medium","cvss":5.5,"cves":["CVE-2026-53339"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53339","csirts_url":"https://www.csirts.com/advisory/cve-2026-53339-184"},{"num":85952,"source_id":"msrc","external_id":"CVE-2026-8927","title":"CVE-2026-8927: env-set cross-proxy Digest auth state leak","severity":"medium","cvss":5.3,"cves":["CVE-2026-8927"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-8927","csirts_url":"https://www.csirts.com/advisory/cve-2026-8927-85952"},{"num":6051,"source_id":"msrc","external_id":"CVE-2026-13818","title":"CVE-2026-13818: Chromium: CVE-2026-13818 Inappropriate implementation in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-13818"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13818","csirts_url":"https://www.csirts.com/advisory/cve-2026-13818-6051"},{"num":5978,"source_id":"msrc","external_id":"CVE-2026-57983","title":"CVE-2026-57983: Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability","severity":"high","cvss":8.7,"cves":["CVE-2026-57983"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57983","csirts_url":"https://www.csirts.com/advisory/cve-2026-57983-5978"},{"num":6135,"source_id":"msrc","external_id":"CVE-2026-14102","title":"CVE-2026-14102: Chromium: CVE-2026-14102 Use after free in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-14102"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14102","csirts_url":"https://www.csirts.com/advisory/cve-2026-14102-6135"},{"num":3541,"source_id":"msrc","external_id":"CVE-2026-14019","title":"CVE-2026-14019: Chromium: CVE-2026-14019 Inappropriate implementation in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-14019"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14019","csirts_url":"https://www.csirts.com/advisory/cve-2026-14019-3541"},{"num":1774,"source_id":"msrc","external_id":"CVE-2026-56149","title":"CVE-2026-56149: Allocation of Resources Without Limits or Throttling in Elasticsearch Leading to Denial of Service","severity":"medium","cvss":4.9,"cves":["CVE-2026-56149"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-56149","csirts_url":"https://www.csirts.com/advisory/cve-2026-56149-1774"},{"num":3195,"source_id":"msrc","external_id":"CVE-2026-13855","title":"CVE-2026-13855: Chromium: CVE-2026-13855 Use after free in Ozone","severity":"unknown","cvss":null,"cves":["CVE-2026-13855"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13855","csirts_url":"https://www.csirts.com/advisory/cve-2026-13855-3195"},{"num":6150,"source_id":"msrc","external_id":"CVE-2026-14037","title":"CVE-2026-14037: Chromium: CVE-2026-14037 Insufficient policy enforcement in GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-14037"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14037","csirts_url":"https://www.csirts.com/advisory/cve-2026-14037-6150"},{"num":150,"source_id":"msrc","external_id":"CVE-2026-14106","title":"CVE-2026-14106: Chromium: CVE-2026-14106 Insufficient validation of untrusted input in Text","severity":"unknown","cvss":null,"cves":["CVE-2026-14106"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14106","csirts_url":"https://www.csirts.com/advisory/cve-2026-14106-150"},{"num":1089,"source_id":"msrc","external_id":"CVE-2026-14044","title":"CVE-2026-14044: Chromium: CVE-2026-14044 Use after free in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-14044"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14044","csirts_url":"https://www.csirts.com/advisory/cve-2026-14044-1089"},{"num":6100,"source_id":"msrc","external_id":"CVE-2026-13962","title":"CVE-2026-13962: Chromium: CVE-2026-13962 Insufficient data validation in PDF","severity":"unknown","cvss":null,"cves":["CVE-2026-13962"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13962","csirts_url":"https://www.csirts.com/advisory/cve-2026-13962-6100"},{"num":3478,"source_id":"msrc","external_id":"CVE-2026-56646","title":"CVE-2026-56646: Microsoft Edge (Chromium-based) Spoofing Vulnerability","severity":"medium","cvss":6.5,"cves":["CVE-2026-56646"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-56646","csirts_url":"https://www.csirts.com/advisory/cve-2026-56646-3478"},{"num":1785,"source_id":"msrc","external_id":"CVE-2026-58282","title":"CVE-2026-58282: Microsoft Edge (Chromium-based) Spoofing Vulnerability","severity":"high","cvss":8.1,"cves":["CVE-2026-58282"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58282","csirts_url":"https://www.csirts.com/advisory/cve-2026-58282-1785"},{"num":5845,"source_id":"msrc","external_id":"CVE-2026-14072","title":"CVE-2026-14072: Chromium: CVE-2026-14072 Incorrect security UI in SplitView","severity":"unknown","cvss":null,"cves":["CVE-2026-14072"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14072","csirts_url":"https://www.csirts.com/advisory/cve-2026-14072-5845"},{"num":2561,"source_id":"msrc","external_id":"CVE-2026-14040","title":"CVE-2026-14040: Chromium: CVE-2026-14040 Use after free in BrowserTag","severity":"unknown","cvss":null,"cves":["CVE-2026-14040"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14040","csirts_url":"https://www.csirts.com/advisory/cve-2026-14040-2561"},{"num":5851,"source_id":"msrc","external_id":"CVE-2026-14061","title":"CVE-2026-14061: Chromium: CVE-2026-14061 Inappropriate implementation in Dawn","severity":"unknown","cvss":null,"cves":["CVE-2026-14061"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14061","csirts_url":"https://www.csirts.com/advisory/cve-2026-14061-5851"},{"num":2978,"source_id":"msrc","external_id":"CVE-2026-13844","title":"CVE-2026-13844: Chromium: CVE-2026-13844 Use after free in Updater","severity":"unknown","cvss":null,"cves":["CVE-2026-13844"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13844","csirts_url":"https://www.csirts.com/advisory/cve-2026-13844-2978"},{"num":6034,"source_id":"msrc","external_id":"CVE-2026-14086","title":"CVE-2026-14086: Chromium: CVE-2026-14086 Insufficient policy enforcement in HID","severity":"unknown","cvss":null,"cves":["CVE-2026-14086"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14086","csirts_url":"https://www.csirts.com/advisory/cve-2026-14086-6034"},{"num":6099,"source_id":"msrc","external_id":"CVE-2026-13960","title":"CVE-2026-13960: Chromium: CVE-2026-13960 Inappropriate implementation in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-13960"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13960","csirts_url":"https://www.csirts.com/advisory/cve-2026-13960-6099"},{"num":6123,"source_id":"msrc","external_id":"CVE-2026-14141","title":"CVE-2026-14141: Chromium: CVE-2026-14141 Incorrect security UI in Document Picture-in-Picture","severity":"unknown","cvss":null,"cves":["CVE-2026-14141"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14141","csirts_url":"https://www.csirts.com/advisory/cve-2026-14141-6123"},{"num":2279,"source_id":"msrc","external_id":"CVE-2026-13976","title":"CVE-2026-13976: Chromium: CVE-2026-13976 Heap buffer overflow in Storage","severity":"unknown","cvss":null,"cves":["CVE-2026-13976"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13976","csirts_url":"https://www.csirts.com/advisory/cve-2026-13976-2279"},{"num":2490,"source_id":"msrc","external_id":"CVE-2026-14049","title":"CVE-2026-14049: Chromium: CVE-2026-14049 Inappropriate implementation in GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-14049"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14049","csirts_url":"https://www.csirts.com/advisory/cve-2026-14049-2490"},{"num":5854,"source_id":"msrc","external_id":"CVE-2026-14050","title":"CVE-2026-14050: Chromium: CVE-2026-14050 Insufficient policy enforcement in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-14050"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14050","csirts_url":"https://www.csirts.com/advisory/cve-2026-14050-5854"},{"num":3547,"source_id":"msrc","external_id":"CVE-2026-58286","title":"CVE-2026-58286: Microsoft Edge (Chromium-based) Spoofing Vulnerability","severity":"high","cvss":8.1,"cves":["CVE-2026-58286"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58286","csirts_url":"https://www.csirts.com/advisory/cve-2026-58286-3547"},{"num":798,"source_id":"msrc","external_id":"CVE-2026-53336","title":"CVE-2026-53336: nvmem: layouts: onie-tlv: fix hang on unknown types","severity":"medium","cvss":5.5,"cves":["CVE-2026-53336"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53336","csirts_url":"https://www.csirts.com/advisory/cve-2026-53336-798"},{"num":186425,"source_id":"msrc","external_id":"CVE-2026-59999","title":"CVE-2026-59999: In sshd in OpenSSH before 10.4, DisableForwarding=yes was supposed to take precedence over PermitTunnel=yes, but did not.","severity":"medium","cvss":5.9,"cves":["CVE-2026-59999"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-59999","csirts_url":"https://www.csirts.com/advisory/cve-2026-59999-186425"},{"num":1183,"source_id":"msrc","external_id":"CVE-2026-14120","title":"CVE-2026-14120: Chromium: CVE-2026-14120 Inappropriate implementation in DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-14120"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14120","csirts_url":"https://www.csirts.com/advisory/cve-2026-14120-1183"},{"num":186431,"source_id":"msrc","external_id":"CVE-2026-54908","title":"CVE-2026-54908: Pion DTLS: Denial of service via panic while parsing a crafted ECDHE_PSK ServerKeyExchange message","severity":"unknown","cvss":null,"cves":["CVE-2026-54908"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-54908","csirts_url":"https://www.csirts.com/advisory/cve-2026-54908-186431"},{"num":6169,"source_id":"msrc","external_id":"CVE-2026-57981","title":"CVE-2026-57981: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability","severity":"high","cvss":8.8,"cves":["CVE-2026-57981"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57981","csirts_url":"https://www.csirts.com/advisory/cve-2026-57981-6169"},{"num":185,"source_id":"msrc","external_id":"CVE-2026-49090","title":"CVE-2026-49090: Uncontrolled Resource Consumption in Elasticsearch Leading to Denial of Service","severity":"medium","cvss":6.5,"cves":["CVE-2026-49090"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-49090","csirts_url":"https://www.csirts.com/advisory/cve-2026-49090-185"},{"num":3537,"source_id":"msrc","external_id":"CVE-2026-14031","title":"CVE-2026-14031: Chromium: CVE-2026-14031 Incorrect security UI in File Input","severity":"unknown","cvss":null,"cves":["CVE-2026-14031"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14031","csirts_url":"https://www.csirts.com/advisory/cve-2026-14031-3537"},{"num":3484,"source_id":"msrc","external_id":"CVE-2026-13784","title":"CVE-2026-13784: Chromium: CVE-2026-13784 Use after free in Views","severity":"unknown","cvss":null,"cves":["CVE-2026-13784"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13784","csirts_url":"https://www.csirts.com/advisory/cve-2026-13784-3484"},{"num":1971,"source_id":"msrc","external_id":"CVE-2026-14054","title":"CVE-2026-14054: Chromium: CVE-2026-14054 Insufficient policy enforcement in Network","severity":"unknown","cvss":null,"cves":["CVE-2026-14054"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14054","csirts_url":"https://www.csirts.com/advisory/cve-2026-14054-1971"},{"num":6053,"source_id":"msrc","external_id":"CVE-2026-13828","title":"CVE-2026-13828: Chromium: CVE-2026-13828 Inappropriate implementation in Enterprise","severity":"unknown","cvss":null,"cves":["CVE-2026-13828"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13828","csirts_url":"https://www.csirts.com/advisory/cve-2026-13828-6053"},{"num":6090,"source_id":"msrc","external_id":"CVE-2026-13942","title":"CVE-2026-13942: Chromium: CVE-2026-13942 Insufficient validation of untrusted input in Video Capture","severity":"unknown","cvss":null,"cves":["CVE-2026-13942"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13942","csirts_url":"https://www.csirts.com/advisory/cve-2026-13942-6090"},{"num":1121,"source_id":"msrc","external_id":"CVE-2026-14013","title":"CVE-2026-14013: Chromium: CVE-2026-14013 Inappropriate implementation in SVG","severity":"unknown","cvss":null,"cves":["CVE-2026-14013"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14013","csirts_url":"https://www.csirts.com/advisory/cve-2026-14013-1121"},{"num":2221,"source_id":"msrc","external_id":"CVE-2026-13984","title":"CVE-2026-13984: Chromium: CVE-2026-13984 Incorrect security UI in TabStrip","severity":"unknown","cvss":null,"cves":["CVE-2026-13984"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13984","csirts_url":"https://www.csirts.com/advisory/cve-2026-13984-2221"},{"num":3550,"source_id":"msrc","external_id":"CVE-2026-58597","title":"CVE-2026-58597: Microsoft Edge (Chromium-based) Spoofing Vulnerability","severity":"medium","cvss":4.3,"cves":["CVE-2026-58597"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58597","csirts_url":"https://www.csirts.com/advisory/cve-2026-58597-3550"},{"num":70,"source_id":"msrc","external_id":"CVE-2026-14118","title":"CVE-2026-14118: Chromium: CVE-2026-14118 Insufficient data validation in DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-14118"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14118","csirts_url":"https://www.csirts.com/advisory/cve-2026-14118-70"},{"num":6054,"source_id":"msrc","external_id":"CVE-2026-13832","title":"CVE-2026-13832: Chromium: CVE-2026-13832 Use after free in Headless","severity":"unknown","cvss":null,"cves":["CVE-2026-13832"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13832","csirts_url":"https://www.csirts.com/advisory/cve-2026-13832-6054"},{"num":133,"source_id":"msrc","external_id":"CVE-2026-14107","title":"CVE-2026-14107: Chromium: CVE-2026-14107 Use after free in Scheduling","severity":"unknown","cvss":null,"cves":["CVE-2026-14107"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14107","csirts_url":"https://www.csirts.com/advisory/cve-2026-14107-133"},{"num":6132,"source_id":"msrc","external_id":"CVE-2026-14109","title":"CVE-2026-14109: Chromium: CVE-2026-14109 Insufficient policy enforcement in Mojo","severity":"unknown","cvss":null,"cves":["CVE-2026-14109"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14109","csirts_url":"https://www.csirts.com/advisory/cve-2026-14109-6132"},{"num":2223,"source_id":"msrc","external_id":"CVE-2026-13982","title":"CVE-2026-13982: Chromium: CVE-2026-13982 Incorrect security UI in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-13982"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13982","csirts_url":"https://www.csirts.com/advisory/cve-2026-13982-2223"},{"num":6134,"source_id":"msrc","external_id":"CVE-2026-14103","title":"CVE-2026-14103: Chromium: CVE-2026-14103 Use after free in SSL","severity":"unknown","cvss":null,"cves":["CVE-2026-14103"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14103","csirts_url":"https://www.csirts.com/advisory/cve-2026-14103-6134"},{"num":169,"source_id":"msrc","external_id":"CVE-2026-14085","title":"CVE-2026-14085: Chromium: CVE-2026-14085 Side-channel information leakage in CSS","severity":"unknown","cvss":null,"cves":["CVE-2026-14085"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-14085","csirts_url":"https://www.csirts.com/advisory/cve-2026-14085-169"},{"num":3552,"source_id":"msrc","external_id":"CVE-2026-13798","title":"CVE-2026-13798: Chromium: CVE-2026-13798 Heap buffer overflow in Chromecast","severity":"unknown","cvss":null,"cves":["CVE-2026-13798"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13798","csirts_url":"https://www.csirts.com/advisory/cve-2026-13798-3552"},{"num":2613,"source_id":"msrc","external_id":"CVE-2026-13806","title":"CVE-2026-13806: Chromium: CVE-2026-13806 Insufficient validation of untrusted input in Accessibility","severity":"unknown","cvss":null,"cves":["CVE-2026-13806"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13806","csirts_url":"https://www.csirts.com/advisory/cve-2026-13806-2613"},{"num":2587,"source_id":"msrc","external_id":"CVE-2026-13977","title":"CVE-2026-13977: Chromium: CVE-2026-13977 Inappropriate implementation in HTMLParser","severity":"unknown","cvss":null,"cves":["CVE-2026-13977"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13977","csirts_url":"https://www.csirts.com/advisory/cve-2026-13977-2587"},{"num":19660,"source_id":"hkcert","external_id":"https://www.hkcert.org/security-bulletin/mozilla-products-multiple-vulnerabilities_20260702","title":"Mozilla Products Multiple Vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2026-14241","CVE-2026-57962","CVE-2026-57963"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T03:00:00+00:00","link":"https://www.hkcert.org/security-bulletin/mozilla-products-multiple-vulnerabilities_20260702","csirts_url":"https://www.csirts.com/advisory/mozilla-products-multiple-vulnerabilities-19660"},{"num":19658,"source_id":"hkcert","external_id":"https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities_20260702","title":"Google Chrome Multiple Vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2026-13774","CVE-2026-13775","CVE-2026-13776","CVE-2026-13777","CVE-2026-13778","CVE-2026-13779","CVE-2026-13780","CVE-2026-13781","CVE-2026-13782","CVE-2026-13783","CVE-2026-13784","CVE-2026-13785","CVE-2026-13786","CVE-2026-13787","CVE-2026-13788","CVE-2026-13790","CVE-2026-13791","CVE-2026-13792","CVE-2026-13793","CVE-2026-13794","CVE-2026-13795","CVE-2026-13796","CVE-2026-13797","CVE-2026-13798","CVE-2026-13799","CVE-2026-13800","CVE-2026-13801","CVE-2026-13802","CVE-2026-13803","CVE-2026-13804","CVE-2026-13805","CVE-2026-13806","CVE-2026-13807","CVE-2026-13808","CVE-2026-13809","CVE-2026-13810","CVE-2026-13811","CVE-2026-13812","CVE-2026-13813","CVE-2026-13814","CVE-2026-13815","CVE-2026-13816","CVE-2026-13817","CVE-2026-13818","CVE-2026-13819","CVE-2026-13820","CVE-2026-13821","CVE-2026-13822","CVE-2026-13823","CVE-2026-13824","CVE-2026-13825","CVE-2026-13826","CVE-2026-13827","CVE-2026-13828","CVE-2026-13829","CVE-2026-13830","CVE-2026-13831","CVE-2026-13832","CVE-2026-13833","CVE-2026-13834"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T03:00:00+00:00","link":"https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities_20260702","csirts_url":"https://www.csirts.com/advisory/google-chrome-multiple-vulnerabilities-19658"},{"num":19661,"source_id":"hkcert","external_id":"https://www.hkcert.org/security-bulletin/suse-linux-kernel-multiple-vulnerabilities_20260702","title":"SUSE Linux Kernel Multiple Vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2025-10263","CVE-2025-38549","CVE-2025-68324","CVE-2025-68822","CVE-2026-3150","CVE-2026-23303","CVE-2026-23327","CVE-2026-23359","CVE-2026-23392","CVE-2026-23438","CVE-2026-23444","CVE-2026-31396","CVE-2026-31414","CVE-2026-31429","CVE-2026-31446","CVE-2026-31448","CVE-2026-31452","CVE-2026-31453","CVE-2026-31454","CVE-2026-31455","CVE-2026-31464","CVE-2026-31469","CVE-2026-31473","CVE-2026-31480","CVE-2026-31492","CVE-2026-31493","CVE-2026-31495","CVE-2026-31499","CVE-2026-31500","CVE-2026-31516","CVE-2026-31518","CVE-2026-31546","CVE-2026-31555","CVE-2026-31560","CVE-2026-31590","CVE-2026-31592","CVE-2026-31593","CVE-2026-31596","CVE-2026-31613","CVE-2026-31614","CVE-2026-31629","CVE-2026-31655","CVE-2026-31664","CVE-2026-31665","CVE-2026-31671","CVE-2026-31673","CVE-2026-31674","CVE-2026-31678","CVE-2026-31680","CVE-2026-31693","CVE-2026-31697","CVE-2026-31698","CVE-2026-31699","CVE-2026-31703","CVE-2026-31752","CVE-2026-31758","CVE-2026-31759","CVE-2026-31767","CVE-2026-31771","CVE-2026-43013"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T03:00:00+00:00","link":"https://www.hkcert.org/security-bulletin/suse-linux-kernel-multiple-vulnerabilities_20260702","csirts_url":"https://www.csirts.com/advisory/suse-linux-kernel-multiple-vulnerabilities-19661"},{"num":19659,"source_id":"hkcert","external_id":"https://www.hkcert.org/security-bulletin/ibm-websphere-products-multiple-vulnerabilities_20260702","title":"IBM WebSphere Products Multiple Vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2026-9006","CVE-2026-9171","CVE-2026-9322","CVE-2026-11546","CVE-2026-11595","CVE-2026-11708","CVE-2026-11712","CVE-2026-11714","CVE-2026-50645"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T03:00:00+00:00","link":"https://www.hkcert.org/security-bulletin/ibm-websphere-products-multiple-vulnerabilities_20260702","csirts_url":"https://www.csirts.com/advisory/ibm-websphere-products-multiple-19659"},{"num":19657,"source_id":"hkcert","external_id":"https://www.hkcert.org/security-bulletin/apache-tomcat-multiple-vulnerabilities_20260702","title":"Apache Tomcat Multiple Vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2026-50229","CVE-2026-53404","CVE-2026-53434","CVE-2026-55276","CVE-2026-55955","CVE-2026-55956","CVE-2026-55957"],"exploited":false,"has_exploit":true,"published_at":"2026-07-02T03:00:00+00:00","link":"https://www.hkcert.org/security-bulletin/apache-tomcat-multiple-vulnerabilities_20260702","csirts_url":"https://www.csirts.com/advisory/apache-tomcat-multiple-vulnerabilities-19657"},{"num":19663,"source_id":"hkcert","external_id":"https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260702","title":"Ubuntu Linux Kernel Multiple Vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2022-48816","CVE-2023-53673","CVE-2024-35896","CVE-2024-50004","CVE-2024-58096","CVE-2024-58097","CVE-2025-37778","CVE-2025-37822","CVE-2025-37924","CVE-2025-37926","CVE-2025-38201","CVE-2025-38591","CVE-2025-40005","CVE-2025-40039","CVE-2025-40082","CVE-2025-40149","CVE-2025-54505","CVE-2025-68214","CVE-2025-68263","CVE-2025-68351","CVE-2025-68358","CVE-2025-68365","CVE-2025-68725","CVE-2025-68749","CVE-2025-68803","CVE-2025-68823","CVE-2025-71089","CVE-2025-71160","CVE-2025-71162","CVE-2025-71163","CVE-2025-71180","CVE-2025-71182","CVE-2025-71183","CVE-2025-71184","CVE-2025-71185","CVE-2025-71186","CVE-2025-71188","CVE-2025-71189","CVE-2025-71190","CVE-2025-71191","CVE-2025-71192","CVE-2025-71193","CVE-2025-71194","CVE-2025-71195","CVE-2025-71196","CVE-2025-71197","CVE-2025-71198","CVE-2025-71199","CVE-2025-71200","CVE-2025-71220","CVE-2025-71222","CVE-2025-71224","CVE-2025-71225","CVE-2025-71229","CVE-2025-71231","CVE-2025-71232","CVE-2025-71233","CVE-2025-71235","CVE-2025-71236","CVE-2025-71237"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T01:00:00+00:00","link":"https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260702","csirts_url":"https://www.csirts.com/advisory/ubuntu-linux-kernel-multiple-19663"},{"num":19662,"source_id":"hkcert","external_id":"https://www.hkcert.org/security-bulletin/redhat-linux-kernel-multiple-vulnerabilities_20260702","title":"RedHat Linux Kernel Multiple Vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2025-10263","CVE-2025-71116","CVE-2026-4878","CVE-2026-22984","CVE-2026-22990","CVE-2026-23216","CVE-2026-23455","CVE-2026-31431","CVE-2026-31669","CVE-2026-35385","CVE-2026-35535","CVE-2026-39979","CVE-2026-40164","CVE-2026-41035","CVE-2026-43037","CVE-2026-43112","CVE-2026-43125","CVE-2026-43128","CVE-2026-43279","CVE-2026-43284","CVE-2026-43329","CVE-2026-43501","CVE-2026-43503","CVE-2026-45852","CVE-2026-45984","CVE-2026-45998","CVE-2026-46090","CVE-2026-46173","CVE-2026-46176","CVE-2026-46181","CVE-2026-46189","CVE-2026-46209","CVE-2026-46227","CVE-2026-46243","CVE-2026-46244","CVE-2026-46300","CVE-2026-46316","CVE-2026-46331","CVE-2026-46333"],"exploited":false,"has_exploit":true,"published_at":"2026-07-02T01:00:00+00:00","link":"https://www.hkcert.org/security-bulletin/redhat-linux-kernel-multiple-vulnerabilities_20260702","csirts_url":"https://www.csirts.com/advisory/redhat-linux-kernel-multiple-19662"},{"num":996,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0826/","title":"Multiple vulnerabilities in Elastic products (July 2, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-49091","CVE-2026-56150","CVE-2026-56151","CVE-2026-49090","CVE-2026-32283","CVE-2026-56149","CVE-2026-56152","CVE-2026-56148","CVE-2026-49089","CVE-2026-49088","CVE-2026-49087"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0826/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-elastic-996"},{"num":1864,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0823/","title":"Multiple vulnerabilities in Traefik (July 2, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-54763","CVE-2026-54764","CVE-2026-54765"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0823/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-traefik-july-1864"},{"num":1868,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0824/","title":"Multiple vulnerabilities in ClamAV (July 2, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-20216","CVE-2026-20243","CVE-2026-20215","CVE-2026-20213","CVE-2026-20214","CVE-2026-20217","CVE-2026-20244","CVE-2026-41676"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0824/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-clamav-july-2-1868"},{"num":995,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0825/","title":"Multiple vulnerabilities in Cisco products (July 2, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-20216","CVE-2026-20243","CVE-2026-20215","CVE-2026-20213","CVE-2026-20214","CVE-2026-20217","CVE-2026-20244","CVE-2026-20191"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0825/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-cisco-995"},{"num":170046,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00286.html","title":"DSA-6375-1 fastnetmon - security update","severity":"unknown","cvss":null,"cves":["CVE-2026-48683","CVE-2026-48684","CVE-2026-48685","CVE-2026-48686","CVE-2026-48687","CVE-2026-48688","CVE-2026-48689","CVE-2026-48690","CVE-2026-48691","CVE-2026-48694","CVE-2026-48695","CVE-2026-48696"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00286.html","csirts_url":"https://www.csirts.com/advisory/dsa-6375-1-fastnetmon-security-update-170046"},{"num":534,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0829/","title":"Multiple vulnerabilities in Google Chrome (July 2, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-13848","CVE-2026-14098","CVE-2026-13791","CVE-2026-14104","CVE-2026-13934","CVE-2026-14080","CVE-2026-13806","CVE-2026-14100","CVE-2026-13933","CVE-2026-14392","CVE-2026-14002","CVE-2026-14409","CVE-2026-13774","CVE-2026-13893","CVE-2026-13834","CVE-2026-13974","CVE-2026-14143","CVE-2026-14077","CVE-2026-14083","CVE-2026-13888","CVE-2026-13838","CVE-2026-13914","CVE-2026-14101","CVE-2026-13822","CVE-2026-14385","CVE-2026-13949","CVE-2026-14134","CVE-2026-14055","CVE-2026-14131","CVE-2026-13930","CVE-2026-13840","CVE-2026-13904","CVE-2026-14093","CVE-2026-14072","CVE-2026-13906","CVE-2026-14061","CVE-2026-14106","CVE-2026-14395","CVE-2026-14428","CVE-2026-13839","CVE-2026-13830","CVE-2026-14000","CVE-2026-14156","CVE-2026-14147","CVE-2026-14063","CVE-2026-14401","CVE-2026-14406","CVE-2026-14152","CVE-2026-13946","CVE-2026-14030","CVE-2026-14141","CVE-2026-14410","CVE-2026-13853","CVE-2026-13980","CVE-2026-13970","CVE-2026-13857","CVE-2026-14010","CVE-2026-14381","CVE-2026-13962","CVE-2026-13977"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0829/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-google-chrome-534"},{"num":533,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0828/","title":"Vulnerability in CPython (July 2, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-4360"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0828/","csirts_url":"https://www.csirts.com/advisory/vulnerability-in-cpython-july-2-2026-533"},{"num":1940,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0827/","title":"Multiple vulnerabilities in Mozilla Thunderbird (July 2, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-57963","CVE-2026-57962"],"exploited":false,"has_exploit":false,"published_at":"2026-07-02T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0827/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-mozilla-1940"},{"num":170104,"source_id":"aws","external_id":"49d6733217ac515765364c34b108e5ae6d6c24eb","title":"CVE-2026-14265- Deserialization of Untrusted Data in AWS Advanced JDBC Wrapper RemoteQueryCachePlugin","severity":"unknown","cvss":null,"cves":["CVE-2026-14265"],"exploited":false,"has_exploit":false,"published_at":"2026-07-01T19:40:00+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-051-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-14265-170104"},{"num":170096,"source_id":"aws","external_id":"d58fecee6b38a183b80251dccd4c11c85db2b3ca","title":"CVE-2026-13760 - OS Command Injection in NodejsFunction Docker Bundling in aws-cdk-lib","severity":"unknown","cvss":null,"cves":["CVE-2026-13760"],"exploited":false,"has_exploit":false,"published_at":"2026-07-01T19:09:41+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-050-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-13760-170096"},{"num":170071,"source_id":"aws","external_id":"b45733c9486599cf4534d3023945b89e54f31012","title":"CVE-2026-13769 – Insecure file permissions in AWS CLI","severity":"unknown","cvss":null,"cves":["CVE-2026-13769"],"exploited":false,"has_exploit":false,"published_at":"2026-07-01T18:45:24+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-049-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-13769-170071"},{"num":916,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-notice-vwL7b0S7","title":"Cisco Advance Notification for Publication of July 1, 2026, Security Advisories","severity":"high","cvss":null,"cves":["CVE-2026-20191","CVE-2026-20216","CVE-2026-20213","CVE-2026-20214","CVE-2026-20215","CVE-2026-20217","CVE-2026-20243","CVE-2026-20244"],"exploited":false,"has_exploit":false,"published_at":"2026-07-01T16:01:07+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-notice-vwL7b0S7?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Advance%20Notification%20for%20Publication%20of%20July%201,%202026,%20Security%20Advisories%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-advance-notification-for-916"},{"num":2084,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssrf-cXPnHcW","title":"Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-20230"],"exploited":true,"has_exploit":true,"published_at":"2026-07-01T15:10:08+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssrf-cXPnHcW?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Unified%20Communications%20Manager%20Server-Side%20Request%20Forgery%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-unified-communications-manager-2084"},{"num":1197,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/blogs/building-more-resilient-cni-what-industry-pen-testers-told-us","title":"Building more resilient CNI: what industry pen testers told us","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-01T12:00:00+00:00","link":"https://www.ncsc.gov.uk/blogs/building-more-resilient-cni-what-industry-pen-testers-told-us","csirts_url":"https://www.csirts.com/advisory/building-more-resilient-cni-what-industry-1197"},{"num":226,"source_id":"cisa","external_id":"/node/25105","title":"CISA Adds One Known Exploited Vulnerability to Catalog","severity":"high","cvss":null,"cves":["CVE-2026-45659"],"exploited":true,"has_exploit":true,"published_at":"2026-07-01T12:00:00+00:00","link":"https://www.cisa.gov/news-events/alerts/2026/07/01/cisa-adds-one-known-exploited-vulnerability-catalog","csirts_url":"https://www.csirts.com/advisory/cisa-adds-one-known-exploited-226"},{"num":1738,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0860","title":"[UPDATE] [high] NGINX and NGINX Plus: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-27654","CVE-2026-27651","CVE-2026-27784","CVE-2026-32647","CVE-2026-28755","CVE-2026-28753"],"exploited":false,"has_exploit":false,"published_at":"2026-07-01T11:56:23+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0860","csirts_url":"https://www.csirts.com/advisory/update-high-nginx-and-nginx-plus-multiple-1738"},{"num":1938,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1665","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2025-38468","CVE-2025-38469","CVE-2025-38470","CVE-2025-38471","CVE-2025-38472","CVE-2025-38473","CVE-2025-38474","CVE-2025-38475","CVE-2025-38476","CVE-2025-38477","CVE-2025-38478","CVE-2025-38480","CVE-2025-38481","CVE-2025-38482","CVE-2025-38483","CVE-2025-38484","CVE-2025-38485","CVE-2025-38486","CVE-2025-38487","CVE-2025-38488","CVE-2025-38489","CVE-2025-38490","CVE-2025-38491","CVE-2025-38492","CVE-2025-38493","CVE-2025-38494","CVE-2025-38495","CVE-2025-38496","CVE-2025-38497","CVE-2024-50047"],"exploited":false,"has_exploit":false,"published_at":"2026-07-01T11:55:55+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1665","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1938"},{"num":1744,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1522","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities allow denial of service","severity":"high","cvss":null,"cves":["CVE-2025-38265","CVE-2025-38266","CVE-2025-38267","CVE-2025-38268","CVE-2025-38269","CVE-2025-38270","CVE-2025-38271","CVE-2025-38272","CVE-2025-38273","CVE-2025-38274","CVE-2025-38275","CVE-2025-38276","CVE-2025-38277","CVE-2025-38278","CVE-2025-38279","CVE-2025-38280","CVE-2025-38281","CVE-2025-38282","CVE-2025-38283","CVE-2025-38284","CVE-2025-38285","CVE-2025-38286","CVE-2025-38287","CVE-2025-38288","CVE-2025-38289","CVE-2025-38290","CVE-2025-38291","CVE-2025-38292","CVE-2025-38293","CVE-2025-38294","CVE-2025-38295","CVE-2025-38296","CVE-2025-38297","CVE-2025-38298","CVE-2025-38299","CVE-2025-38300","CVE-2025-38301","CVE-2025-38302","CVE-2025-38303","CVE-2025-38304","CVE-2025-38305","CVE-2025-38306","CVE-2025-38307","CVE-2025-38308","CVE-2025-38309","CVE-2025-38310","CVE-2025-38311","CVE-2025-38312","CVE-2025-38313","CVE-2025-38314","CVE-2025-38315","CVE-2025-38316","CVE-2025-38317","CVE-2025-38318","CVE-2025-38319","CVE-2025-38320","CVE-2025-38321","CVE-2025-38322","CVE-2025-38323","CVE-2025-38324"],"exploited":false,"has_exploit":false,"published_at":"2026-07-01T11:55:53+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1522","csirts_url":"https://www.csirts.com/advisory/update-high-linux-kernel-multiple-1744"},{"num":1749,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2165","title":"[NEW] [medium] FreeBSD Project FreeBSD OS: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-49415","CVE-2026-49418","CVE-2026-49419","CVE-2026-49420","CVE-2026-49421","CVE-2026-49422","CVE-2026-49423","CVE-2026-49424","CVE-2026-49425","CVE-2026-49426","CVE-2026-49427","CVE-2026-49428","CVE-2026-49429","CVE-2026-49430","CVE-2026-49431","CVE-2026-58081","CVE-2026-58082"],"exploited":false,"has_exploit":false,"published_at":"2026-07-01T11:35:53+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2165","csirts_url":"https://www.csirts.com/advisory/new-medium-freebsd-project-freebsd-os-1749"},{"num":1752,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2164","title":"[NEW] [medium] Microsoft GitHub Enterprise Server: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-10585","CVE-2026-9106","CVE-2026-9132"],"exploited":false,"has_exploit":false,"published_at":"2026-07-01T11:35:51+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2164","csirts_url":"https://www.csirts.com/advisory/new-medium-microsoft-github-enterprise-1752"},{"num":1753,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1661","title":"[UPDATE] [high] NGINX Open Source and NGINX Plus: Vulnerability allows denial of service and potentially code execution","severity":"high","cvss":null,"cves":["CVE-2026-9256"],"exploited":false,"has_exploit":false,"published_at":"2026-07-01T11:30:55+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1661","csirts_url":"https://www.csirts.com/advisory/update-high-nginx-open-source-and-nginx-1753"},{"num":1754,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2162","title":"[NEW] [high] UltraVNC: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-44040","CVE-2026-44041","CVE-2026-44042","CVE-2026-7828","CVE-2026-7829","CVE-2026-7830","CVE-2026-7831","CVE-2026-7838","CVE-2026-7839","CVE-2026-7840"],"exploited":false,"has_exploit":false,"published_at":"2026-07-01T11:30:54+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2162","csirts_url":"https://www.csirts.com/advisory/new-high-ultravnc-multiple-vulnerabilities-1754"},{"num":1755,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1598","title":"[UPDATE] [medium] libvirt: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2025-12748"],"exploited":false,"has_exploit":false,"published_at":"2026-07-01T11:30:54+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1598","csirts_url":"https://www.csirts.com/advisory/update-medium-libvirt-vulnerability-1755"},{"num":1756,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2161","title":"[NEW] [high] LiteLLM: Multiple vulnerabilities","severity":"high","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-01T11:30:53+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2161","csirts_url":"https://www.csirts.com/advisory/new-high-litellm-multiple-vulnerabilities-1756"},{"num":1758,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1527","title":"[UPDATE] [high] NGINX Open Source and NGINX Plus: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-42945","CVE-2026-40460","CVE-2026-40701","CVE-2026-42926","CVE-2026-42934","CVE-2026-42946"],"exploited":false,"has_exploit":false,"published_at":"2026-07-01T11:30:52+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1527","csirts_url":"https://www.csirts.com/advisory/update-high-nginx-open-source-and-nginx-1758"},{"num":1757,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2160","title":"[NEW] [medium] Dell PowerScale OneFS: Multiple vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-40633","CVE-2026-49501"],"exploited":false,"has_exploit":false,"published_at":"2026-07-01T11:30:52+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2160","csirts_url":"https://www.csirts.com/advisory/new-medium-dell-powerscale-onefs-multiple-1757"},{"num":1762,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2157","title":"[NEW] [low] IBM InfoSphere Information Server: Vulnerability allows information disclosure","severity":"low","cvss":null,"cves":["CVE-2026-9836"],"exploited":false,"has_exploit":false,"published_at":"2026-07-01T11:20:53+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2157","csirts_url":"https://www.csirts.com/advisory/new-low-ibm-infosphere-information-server-1762"},{"num":1764,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2156","title":"[NEW] [high] IBM WebSphere Application Server Liberty: Multiple vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-11546","CVE-2026-11714"],"exploited":false,"has_exploit":false,"published_at":"2026-07-01T11:20:51+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2156","csirts_url":"https://www.csirts.com/advisory/new-high-ibm-websphere-application-server-1764"},{"num":1766,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2154","title":"[NEW] [medium] hostapd: Vulnerability allows denial of service","severity":"medium","cvss":null,"cves":["CVE-2026-58374"],"exploited":false,"has_exploit":false,"published_at":"2026-07-01T11:15:54+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2154","csirts_url":"https://www.csirts.com/advisory/new-medium-hostapd-vulnerability-allows-1766"},{"num":1767,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2152","title":"[NEW] [medium] win.rar WinRAR: Vulnerability allows code execution","severity":"medium","cvss":null,"cves":["CVE-2026-14191"],"exploited":false,"has_exploit":true,"published_at":"2026-07-01T11:15:53+00:00","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2152","csirts_url":"https://www.csirts.com/advisory/new-medium-win-rar-winrar-vulnerability-1767"},{"num":1001,"source_id":"ncsc-nl","external_id":"NCSC-2026-0217 [1.00]","title":"NCSC-2026-0217 [1.00] [M/H] Vulnerabilities fixed in Adobe ColdFusion","severity":"unknown","cvss":null,"cves":["CVE-2026-48276","CVE-2026-48277","CVE-2026-48281","CVE-2026-48282","CVE-2026-48283","CVE-2026-48313","CVE-2026-48315","CVE-2026-48307","CVE-2026-48285","CVE-2026-48314","CVE-2026-48316"],"exploited":false,"has_exploit":true,"published_at":"2026-07-01T08:52:48+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0217","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0217-1-00-m-h-vulnerabilities-1001"},{"num":19636,"source_id":"jvn","external_id":"https://jvn.jp/en/jp/JVN20721579/","title":"Seiko Solutions SkyBridge MB-A100/MB-A110 vulnerable to OS command injection","severity":"unknown","cvss":null,"cves":["CVE-2026-50043"],"exploited":false,"has_exploit":false,"published_at":"2026-07-01T05:00:00+00:00","link":"https://jvn.jp/en/jp/JVN20721579/","csirts_url":"https://www.csirts.com/advisory/seiko-solutions-skybridge-mb-a100-mb-a110-19636"},{"num":1935,"source_id":"cisa-kev","external_id":"CVE-2026-45659","title":"CVE-2026-45659: Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-45659"],"exploited":true,"has_exploit":true,"published_at":"2026-07-01T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-45659","csirts_url":"https://www.csirts.com/advisory/cve-2026-45659-1935"},{"num":238,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0822/","title":"Multiple vulnerabilities in Citrix products (July 1, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-8452","CVE-2026-8451","CVE-2026-10817","CVE-2026-10816","CVE-2026-8655","CVE-2026-13474"],"exploited":false,"has_exploit":true,"published_at":"2026-07-01T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0822/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-citrix-238"},{"num":86924,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-8-11-released/","title":"GitLab Patch Release: 18.8.11","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-01T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-8-11-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-8-11-86924"},{"num":86923,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/","title":"GitLab patch release notes","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-07-01T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-notes-86923"},{"num":1850,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0820/","title":"Vulnerability in Mozilla Firefox (July 1, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-14241"],"exploited":false,"has_exploit":false,"published_at":"2026-07-01T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0820/","csirts_url":"https://www.csirts.com/advisory/vulnerability-in-mozilla-firefox-july-1-1850"},{"num":1856,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0821/","title":"Multiple vulnerabilities in Adobe ColdFusion (July 1, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-48307","CVE-2026-48281","CVE-2026-48315","CVE-2026-48283","CVE-2026-48276","CVE-2026-48282","CVE-2026-48314","CVE-2026-48316","CVE-2026-48313","CVE-2026-48285","CVE-2026-48277"],"exploited":false,"has_exploit":true,"published_at":"2026-07-01T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0821/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-adobe-1856"},{"num":714,"source_id":"ncsc-nl","external_id":"NCSC-2026-0216 [1.00]","title":"NCSC-2026-0216 [1.00] [M/H] Vulnerabilities fixed in Citrix Netscaler ADC and Netscaler Gateway","severity":"unknown","cvss":null,"cves":["CVE-2026-8451","CVE-2026-10817","CVE-2026-8452","CVE-2026-8655","CVE-2026-13474","CVE-2026-10816"],"exploited":false,"has_exploit":true,"published_at":"2026-06-30T20:43:47+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0216","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0216-1-00-m-h-vulnerabilities-714"},{"num":19589,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/citrix-security-advisory-av26-645","title":"Citrix security advisory (AV26-645) – Update 1","severity":"critical","cvss":null,"cves":["CVE-2026-8451","CVE-2026-8452","CVE-2026-8655","CVE-2026-10816","CVE-2026-10817","CVE-2026-13474"],"exploited":false,"has_exploit":true,"published_at":"2026-06-30T17:55:16+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/citrix-security-advisory-av26-645","csirts_url":"https://www.csirts.com/advisory/citrix-security-advisory-av26-645-update-1-19589"},{"num":19590,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/mozilla-security-advisory-av26-644","title":"Mozilla security advisory (AV26-644)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-30T17:38:29+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/mozilla-security-advisory-av26-644","csirts_url":"https://www.csirts.com/advisory/mozilla-security-advisory-av26-644-19590"},{"num":19591,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/wolfssl-security-advisory-av26-643","title":"wolfSSL security advisory (AV26-643)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-30T14:24:25+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/wolfssl-security-advisory-av26-643","csirts_url":"https://www.csirts.com/advisory/wolfssl-security-advisory-av26-643-19591"},{"num":19592,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/simplehelp-security-advisory-av26-642","title":"SimpleHelp security advisory (AV26-642)","severity":"unknown","cvss":null,"cves":["CVE-2026-48558"],"exploited":true,"has_exploit":true,"published_at":"2026-06-30T12:28:47+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/simplehelp-security-advisory-av26-642","csirts_url":"https://www.csirts.com/advisory/simplehelp-security-advisory-av26-642-19592"},{"num":371,"source_id":"cisa","external_id":"/node/25095","title":"Schneider Electric EcoStruxure IT Data Center Expert","severity":"critical","cvss":null,"cves":["CVE-2026-8045"],"exploited":false,"has_exploit":false,"published_at":"2026-06-30T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-181-03","csirts_url":"https://www.csirts.com/advisory/schneider-electric-ecostruxure-it-data-371"},{"num":407,"source_id":"cisa","external_id":"/node/25098","title":"StoneFly Storage Concentrator","severity":"critical","cvss":null,"cves":["CVE-2026-56415","CVE-2026-55721","CVE-2026-50040","CVE-2026-50110","CVE-2026-56413"],"exploited":false,"has_exploit":false,"published_at":"2026-06-30T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-181-06","csirts_url":"https://www.csirts.com/advisory/stonefly-storage-concentrator-407"},{"num":265,"source_id":"cisa","external_id":"/node/25093","title":"Mitsubishi Electric MELSOFT Update Manager SW1DND-UDM-M","severity":"critical","cvss":null,"cves":["CVE-2025-53816","CVE-2025-53817","CVE-2025-55188","CVE-2025-11001"],"exploited":false,"has_exploit":false,"published_at":"2026-06-30T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-181-01","csirts_url":"https://www.csirts.com/advisory/mitsubishi-electric-melsoft-update-265"},{"num":328,"source_id":"cisa","external_id":"/node/25092","title":"OFFIS DCMTK Toolkit","severity":"critical","cvss":null,"cves":["CVE-2026-50003","CVE-2026-50254","CVE-2026-35505","CVE-2026-52868","CVE-2026-44628"],"exploited":false,"has_exploit":false,"published_at":"2026-06-30T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-medical-advisories/icsma-26-181-01","csirts_url":"https://www.csirts.com/advisory/offis-dcmtk-toolkit-328"},{"num":272,"source_id":"cisa","external_id":"/node/25094","title":"Frangoteam FUXA SCADA/HMI","severity":"critical","cvss":null,"cves":["CVE-2026-13207"],"exploited":false,"has_exploit":false,"published_at":"2026-06-30T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-181-02","csirts_url":"https://www.csirts.com/advisory/frangoteam-fuxa-scada-hmi-272"},{"num":1543,"source_id":"cisa","external_id":"/node/25099","title":"Delta Electronics DVP12SE PLC","severity":"critical","cvss":null,"cves":["CVE-2026-12819","CVE-2026-12818"],"exploited":false,"has_exploit":false,"published_at":"2026-06-30T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-181-07","csirts_url":"https://www.csirts.com/advisory/delta-electronics-dvp12se-plc-1543"},{"num":248,"source_id":"cisa","external_id":"/node/25096","title":"Schneider Electric EasyLogic T150 and Saitel DP RTU","severity":"critical","cvss":null,"cves":["CVE-2026-9650","CVE-2026-9651"],"exploited":false,"has_exploit":false,"published_at":"2026-06-30T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-181-04","csirts_url":"https://www.csirts.com/advisory/schneider-electric-easylogic-t150-and-248"},{"num":266,"source_id":"cisa","external_id":"/node/25097","title":"XZ Utils vulnerability impacting B&R Products","severity":"critical","cvss":null,"cves":["CVE-2025-31115"],"exploited":false,"has_exploit":false,"published_at":"2026-06-30T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-181-05","csirts_url":"https://www.csirts.com/advisory/xz-utils-vulnerability-impacting-b-r-266"},{"num":1013,"source_id":"ncsc-nl","external_id":"NCSC-2026-0215 [1.00]","title":"NCSC-2026-0215 [1.00] [M/H] Vulnerabilities fixed in Apple iOS and iPadOS","severity":"unknown","cvss":null,"cves":["CVE-2026-28979","CVE-2026-39868","CVE-2026-39872","CVE-2026-43663","CVE-2026-43676","CVE-2026-43699","CVE-2026-43700","CVE-2026-43701","CVE-2026-43703","CVE-2026-43704","CVE-2026-43705","CVE-2026-43706","CVE-2026-43707","CVE-2026-43708","CVE-2026-43709","CVE-2026-43712","CVE-2026-43713","CVE-2026-43715","CVE-2026-43716","CVE-2026-43717","CVE-2026-43718","CVE-2026-43720","CVE-2026-43721","CVE-2026-43722","CVE-2026-43724","CVE-2026-43725","CVE-2026-43726","CVE-2026-43727","CVE-2026-43731","CVE-2026-43732","CVE-2026-43734","CVE-2026-43735","CVE-2026-43740","CVE-2026-43742","CVE-2026-43743","CVE-2026-43745","CVE-2026-43746"],"exploited":false,"has_exploit":true,"published_at":"2026-06-30T11:48:34+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0215","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0215-1-00-m-h-vulnerabilities-1013"},{"num":763,"source_id":"ncsc-nl","external_id":"NCSC-2026-0214 [1.00]","title":"NCSC-2026-0214 [1.00] [M/H] Vulnerabilities fixed in Apple MacOS","severity":"unknown","cvss":null,"cves":["CVE-2026-28979","CVE-2026-39868","CVE-2026-39872","CVE-2026-43663","CVE-2026-43676","CVE-2026-43699","CVE-2026-43700","CVE-2026-43701","CVE-2026-43703","CVE-2026-43704","CVE-2026-43705","CVE-2026-43706","CVE-2026-43707","CVE-2026-43708","CVE-2026-43709","CVE-2026-43712","CVE-2026-43713","CVE-2026-43715","CVE-2026-43716","CVE-2026-43717","CVE-2026-43718","CVE-2026-43720","CVE-2026-43721","CVE-2026-43722","CVE-2026-43724","CVE-2026-43725","CVE-2026-43726","CVE-2026-43727","CVE-2026-43731","CVE-2026-43732","CVE-2026-43734","CVE-2026-43735","CVE-2026-43740","CVE-2026-43742","CVE-2026-43743","CVE-2026-43745","CVE-2026-43746"],"exploited":false,"has_exploit":true,"published_at":"2026-06-30T11:47:30+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0214","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0214-1-00-m-h-vulnerabilities-763"},{"num":19638,"source_id":"jvn","external_id":"https://jvn.jp/en/jp/JVN69681784/","title":"RPG MAKER MV and MZ vulnerable to OS command injection","severity":"unknown","cvss":null,"cves":["CVE-2026-56137"],"exploited":false,"has_exploit":false,"published_at":"2026-06-30T05:00:00+00:00","link":"https://jvn.jp/en/jp/JVN69681784/","csirts_url":"https://www.csirts.com/advisory/rpg-maker-mv-and-mz-vulnerable-to-os-19638"},{"num":19664,"source_id":"hkcert","external_id":"https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities_20260630","title":"Debian Linux Kernel Multiple Vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2025-22069","CVE-2025-68251","CVE-2025-68768","CVE-2025-71289","CVE-2026-23247","CVE-2026-23272","CVE-2026-23346","CVE-2026-23394","CVE-2026-23469","CVE-2026-31420","CVE-2026-31486","CVE-2026-31560","CVE-2026-31613","CVE-2026-31663","CVE-2026-31717","CVE-2026-43116","CVE-2026-43219","CVE-2026-43245","CVE-2026-43303","CVE-2026-43331","CVE-2026-45838","CVE-2026-45839","CVE-2026-45840","CVE-2026-45841","CVE-2026-45842","CVE-2026-45843","CVE-2026-45844","CVE-2026-45845","CVE-2026-45846","CVE-2026-45850","CVE-2026-45930","CVE-2026-46117","CVE-2026-46137","CVE-2026-46158","CVE-2026-46160","CVE-2026-46170","CVE-2026-46203","CVE-2026-46216","CVE-2026-46244","CVE-2026-46274","CVE-2026-46275","CVE-2026-46315","CVE-2026-46316","CVE-2026-46319","CVE-2026-46320","CVE-2026-46321","CVE-2026-46322","CVE-2026-46323","CVE-2026-46331","CVE-2026-52908","CVE-2026-52909","CVE-2026-52910","CVE-2026-52911"],"exploited":false,"has_exploit":false,"published_at":"2026-06-30T03:00:00+00:00","link":"https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities_20260630","csirts_url":"https://www.csirts.com/advisory/debian-linux-kernel-multiple-19664"},{"num":19639,"source_id":"jvn","external_id":"https://jvn.jp/en/jp/JVN28979424/","title":"DGM3103SCT vulnerable to OS command injection","severity":"unknown","cvss":null,"cves":["CVE-2026-56808"],"exploited":false,"has_exploit":false,"published_at":"2026-06-30T03:00:00+00:00","link":"https://jvn.jp/en/jp/JVN28979424/","csirts_url":"https://www.csirts.com/advisory/dgm3103sct-vulnerable-to-os-command-19639"},{"num":170047,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00285.html","title":"DSA-6374-1 nginx - security update","severity":"high","cvss":null,"cves":["CVE-2026-42055","CVE-2026-48142"],"exploited":false,"has_exploit":false,"published_at":"2026-06-30T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00285.html","csirts_url":"https://www.csirts.com/advisory/dsa-6374-1-nginx-security-update-170047"},{"num":531,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0819/","title":"Multiple vulnerabilities in Synology MailPlus Server (June 30, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-13135","CVE-2025-15660","CVE-2026-13136"],"exploited":false,"has_exploit":false,"published_at":"2026-06-30T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0819/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-synology-531"},{"num":1840,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0818/","title":"Multiple vulnerabilities in Apple products (June 30, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-43746","CVE-2026-43718","CVE-2026-43735","CVE-2026-43740","CVE-2026-43727","CVE-2026-39868","CVE-2026-43705","CVE-2026-28979","CVE-2026-43707","CVE-2026-43717","CVE-2026-43734","CVE-2026-43722","CVE-2026-43703","CVE-2026-43712","CVE-2026-43732","CVE-2026-43742","CVE-2026-43745","CVE-2026-43706","CVE-2026-43716","CVE-2026-43701","CVE-2026-43708","CVE-2026-39872","CVE-2026-43721","CVE-2026-43704","CVE-2026-43709","CVE-2026-43720","CVE-2026-43676","CVE-2026-43699","CVE-2026-43725","CVE-2026-43731","CVE-2026-43726","CVE-2026-43743","CVE-2026-43663","CVE-2026-43715","CVE-2026-43713","CVE-2026-43700","CVE-2026-43724"],"exploited":false,"has_exploit":true,"published_at":"2026-06-30T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0818/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-apple-1840"},{"num":979,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0817/","title":"Multiple vulnerabilities in Apache Tomcat (June 30, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-55276","CVE-2026-50229","CVE-2026-55956","CVE-2026-55955","CVE-2026-53434","CVE-2026-53404"],"exploited":false,"has_exploit":true,"published_at":"2026-06-30T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0817/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-apache-tomcat-979"},{"num":170067,"source_id":"aws","external_id":"f4124d5ef763ac66641d7a85dd28007cd8759e86","title":"CVE-2026-13762 and CVE-2026-13763 - Issue with HTTP/2 multi-frame request body inspection in AWS WAF","severity":"unknown","cvss":null,"cves":["CVE-2026-13762","CVE-2026-13763"],"exploited":false,"has_exploit":false,"published_at":"2026-06-29T20:07:32+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-048-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-13762-170067"},{"num":19593,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/apple-security-advisory-av26-641","title":"Apple security advisory (AV26-641)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-29T19:08:08+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/apple-security-advisory-av26-641","csirts_url":"https://www.csirts.com/advisory/apple-security-advisory-av26-641-19593"},{"num":19594,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/oracle-security-advisory-av26-526","title":"Oracle security advisory (AV26-526) – Update 1","severity":"critical","cvss":null,"cves":["CVE-2026-46817"],"exploited":false,"has_exploit":false,"published_at":"2026-06-29T17:32:51+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/oracle-security-advisory-av26-526","csirts_url":"https://www.csirts.com/advisory/oracle-security-advisory-av26-526-update-1-19594"},{"num":19595,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/microsoft-edge-security-advisory-av26-640","title":"Microsoft Edge security advisory (AV26-640)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-29T17:26:07+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/microsoft-edge-security-advisory-av26-640","csirts_url":"https://www.csirts.com/advisory/microsoft-edge-security-advisory-av26-640-19595"},{"num":19596,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/ibm-security-advisory-av26-639","title":"IBM security advisory (AV26-639)","severity":"critical","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-29T17:18:19+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/ibm-security-advisory-av26-639","csirts_url":"https://www.csirts.com/advisory/ibm-security-advisory-av26-639-19596"},{"num":19597,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/dell-security-advisory-av26-638","title":"Dell security advisory (AV26-638)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-29T17:12:47+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/dell-security-advisory-av26-638","csirts_url":"https://www.csirts.com/advisory/dell-security-advisory-av26-638-19597"},{"num":19598,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/control-systems-cisa-ics-security-advisories-av26-637","title":"[Control systems] CISA ICS security advisories (AV26-637)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-29T13:44:45+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/control-systems-cisa-ics-security-advisories-av26-637","csirts_url":"https://www.csirts.com/advisory/control-systems-cisa-ics-security-19598"},{"num":19599,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/red-hat-security-advisory-av26-636","title":"Red Hat security advisory (AV26-636)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-29T13:34:52+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/red-hat-security-advisory-av26-636","csirts_url":"https://www.csirts.com/advisory/red-hat-security-advisory-av26-636-19599"},{"num":19600,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/ubuntu-security-advisory-av26-635","title":"Ubuntu security advisory (AV26-635)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-29T13:30:52+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/ubuntu-security-advisory-av26-635","csirts_url":"https://www.csirts.com/advisory/ubuntu-security-advisory-av26-635-19600"},{"num":275,"source_id":"cisa","external_id":"/node/25087","title":"CISA Adds One Known Exploited Vulnerability to Catalog","severity":"high","cvss":null,"cves":["CVE-2026-48558"],"exploited":true,"has_exploit":true,"published_at":"2026-06-29T12:00:00+00:00","link":"https://www.cisa.gov/news-events/alerts/2026/06/29/cisa-adds-one-known-exploited-vulnerability-catalog","csirts_url":"https://www.csirts.com/advisory/cisa-adds-one-known-exploited-275"},{"num":1991,"source_id":"ncsc-nl","external_id":"NCSC-2026-0213 [1.00]","title":"NCSC-2026-0213 [1.00] [M/H] Vulnerabilities fixed in MISP platform","severity":"unknown","cvss":null,"cves":["CVE-2026-56422","CVE-2026-56423","CVE-2026-56424","CVE-2026-56425","CVE-2026-56446","CVE-2026-56447"],"exploited":false,"has_exploit":false,"published_at":"2026-06-29T08:08:17+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0213","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0213-1-00-m-h-vulnerabilities-1991"},{"num":767,"source_id":"ncsc-nl","external_id":"NCSC-2026-0212 [1.00]","title":"NCSC-2026-0212 [1.00] [M/H] Vulnerabilities fixed in n8n workflow automation platform","severity":"unknown","cvss":null,"cves":["CVE-2026-54301","CVE-2026-54302","CVE-2026-54304","CVE-2026-54305","CVE-2026-54306","CVE-2026-54307","CVE-2026-54308","CVE-2026-54309","CVE-2026-54310","CVE-2026-54311","CVE-2026-54312","CVE-2026-54313","CVE-2026-54314","CVE-2026-54303"],"exploited":false,"has_exploit":false,"published_at":"2026-06-29T08:02:42+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0212","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0212-1-00-m-h-vulnerabilities-767"},{"num":19640,"source_id":"jvn","external_id":"https://jvn.jp/en/jp/JVN36011274/","title":"Multiple vulnerabilities in Fluentd","severity":"unknown","cvss":null,"cves":["CVE-2026-44024","CVE-2026-44025","CVE-2026-44160","CVE-2026-44161","CVE-2026-44162","CVE-2026-44163"],"exploited":false,"has_exploit":false,"published_at":"2026-06-29T03:00:00+00:00","link":"https://jvn.jp/en/jp/JVN36011274/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-fluentd-19640"},{"num":19665,"source_id":"hkcert","external_id":"https://www.hkcert.org/security-bulletin/microsoft-edge-remote-code-execution-vulnerability_20260629","title":"Microsoft Edge Remote Code Execution Vulnerability","severity":"unknown","cvss":null,"cves":["CVE-2026-50521"],"exploited":false,"has_exploit":false,"published_at":"2026-06-29T01:00:00+00:00","link":"https://www.hkcert.org/security-bulletin/microsoft-edge-remote-code-execution-vulnerability_20260629","csirts_url":"https://www.csirts.com/advisory/microsoft-edge-remote-code-execution-19665"},{"num":1846,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0816/","title":"Multiple vulnerabilities in Stormshield Management Center (June 29, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-6637","CVE-2026-6473","CVE-2026-6638","CVE-2026-6475","CVE-2026-6477"],"exploited":false,"has_exploit":false,"published_at":"2026-06-29T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0816/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-stormshield-1846"},{"num":1845,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0815/","title":"Multiple vulnerabilities in KeyCloak (June 29, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-9086","CVE-2026-9099","CVE-2026-9800","CVE-2026-9795","CVE-2026-9705","CVE-2026-9799","CVE-2026-9083","CVE-2026-11800"],"exploited":false,"has_exploit":false,"published_at":"2026-06-29T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0815/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-keycloak-june-1845"},{"num":2580,"source_id":"cisa-kev","external_id":"CVE-2026-48558","title":"CVE-2026-48558: SimpleHelp Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-48558"],"exploited":true,"has_exploit":true,"published_at":"2026-06-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-48558","csirts_url":"https://www.csirts.com/advisory/cve-2026-48558-2580"},{"num":529,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0813/","title":"Multiple vulnerabilities in Mattermost Server (June 29, 2026)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-29T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0813/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-mattermost-529"},{"num":1916,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0811/","title":"Multiple vulnerabilities in Microsoft Edge (June 29, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-50521","CVE-2026-13034","CVE-2026-12442","CVE-2026-13027","CVE-2026-13024","CVE-2026-13025","CVE-2026-13023","CVE-2026-12469","CVE-2026-12028","CVE-2026-13022","CVE-2026-13021","CVE-2026-13033","CVE-2026-12032","CVE-2026-11647","CVE-2026-13031","CVE-2026-13029","CVE-2026-13038","CVE-2026-12438","CVE-2026-13026","CVE-2026-12448","CVE-2026-13036","CVE-2026-13035","CVE-2026-12030"],"exploited":false,"has_exploit":false,"published_at":"2026-06-29T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0811/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-microsoft-1916"},{"num":1836,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0812/","title":"Multiple vulnerabilities in Microsoft Azure Linux (June 29, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-9697","CVE-2026-53230","CVE-2026-52934","CVE-2026-53214","CVE-2026-53274","CVE-2026-52947","CVE-2026-53218","CVE-2026-53143","CVE-2026-53161","CVE-2026-52924","CVE-2026-53227","CVE-2026-53239","CVE-2026-53181","CVE-2026-52943","CVE-2026-52915","CVE-2026-53146","CVE-2026-52913","CVE-2026-52941","CVE-2026-53150","CVE-2026-53147","CVE-2026-52942","CVE-2026-53183","CVE-2026-52931","CVE-2026-52919","CVE-2026-53266","CVE-2026-53149","CVE-2026-53176","CVE-2026-53158","CVE-2026-53219","CVE-2026-53249","CVE-2026-53217","CVE-2026-52916","CVE-2026-53236","CVE-2026-53225","CVE-2026-52922","CVE-2026-53209","CVE-2026-53135","CVE-2026-52927","CVE-2026-53237","CVE-2026-53186","CVE-2026-53182","CVE-2026-53177","CVE-2026-53255","CVE-2026-53207","CVE-2026-53160","CVE-2026-53245","CVE-2026-53148","CVE-2026-53133","CVE-2026-53263","CVE-2026-53228","CVE-2026-53194","CVE-2026-53242","CVE-2026-53199","CVE-2026-53247","CVE-2026-53268","CVE-2026-53159","CVE-2026-9675","CVE-2026-53080","CVE-2026-53267","CVE-2026-52912"],"exploited":false,"has_exploit":false,"published_at":"2026-06-29T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0812/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-microsoft-1836"},{"num":530,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0814/","title":"Vulnerability in HAProxy (June 29, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-55204"],"exploited":false,"has_exploit":false,"published_at":"2026-06-29T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0814/","csirts_url":"https://www.csirts.com/advisory/vulnerability-in-haproxy-june-29-2026-530"},{"num":170049,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00283.html","title":"DSA-6372-1 tor - security update","severity":"low","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-28T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00283.html","csirts_url":"https://www.csirts.com/advisory/dsa-6372-1-tor-security-update-170049"},{"num":170048,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00284.html","title":"DSA-6373-1 lxd - security update","severity":"unknown","cvss":null,"cves":["CVE-2026-9639","CVE-2026-9640","CVE-2026-48749","CVE-2026-48750","CVE-2026-48751","CVE-2026-48752","CVE-2026-48755","CVE-2026-48769","CVE-2026-55621","CVE-2026-55622"],"exploited":false,"has_exploit":false,"published_at":"2026-06-28T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00284.html","csirts_url":"https://www.csirts.com/advisory/dsa-6373-1-lxd-security-update-170048"},{"num":19601,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/google-chrome-security-advisory-av26-634","title":"Google Chrome security advisory (AV26-634)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-26T12:47:53+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/google-chrome-security-advisory-av26-634","csirts_url":"https://www.csirts.com/advisory/google-chrome-security-advisory-av26-634-19601"},{"num":298,"source_id":"cisa","external_id":"/node/25061","title":"Russian Intelligence Services Continue to Target Commercial Messaging Applications","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-26T12:00:00+00:00","link":"https://www.cisa.gov/resources-tools/resources/russian-intelligence-services-continue-target-commercial-messaging-applications","csirts_url":"https://www.csirts.com/advisory/russian-intelligence-services-continue-to-298"},{"num":19641,"source_id":"jvn","external_id":"https://jvn.jp/en/jp/JVN35146924/","title":"ExpressUpdate Agent for Windows improper access restriction on its named pipe","severity":"unknown","cvss":null,"cves":["CVE-2026-8797"],"exploited":false,"has_exploit":false,"published_at":"2026-06-26T05:00:00+00:00","link":"https://jvn.jp/en/jp/JVN35146924/","csirts_url":"https://www.csirts.com/advisory/expressupdate-agent-for-windows-improper-19641"},{"num":19666,"source_id":"hkcert","external_id":"https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities_20260626","title":"Google Chrome Multiple Vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2026-13281","CVE-2026-13282","CVE-2026-13283"],"exploited":false,"has_exploit":false,"published_at":"2026-06-26T01:00:00+00:00","link":"https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities_20260626","csirts_url":"https://www.csirts.com/advisory/google-chrome-multiple-vulnerabilities-19666"},{"num":233,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0806/","title":"Multiple vulnerabilities in the Ubuntu Linux kernel (June 26, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-43078","CVE-2026-47329","CVE-2026-47330","CVE-2026-43284","CVE-2026-31431","CVE-2026-43033","CVE-2026-43503","CVE-2026-43500","CVE-2026-47328","CVE-2026-31533","CVE-2026-46323","CVE-2026-47332","CVE-2026-46000","CVE-2026-47334","CVE-2026-43077","CVE-2026-46300","CVE-2026-45998","CVE-2026-31504","CVE-2026-47327","CVE-2026-47326","CVE-2026-31419","CVE-2026-47337","CVE-2026-46333","CVE-2026-47333","CVE-2026-46028","CVE-2026-43494"],"exploited":false,"has_exploit":true,"published_at":"2026-06-26T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0806/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-the-ubuntu-233"},{"num":1834,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0805/","title":"Multiple vulnerabilities in Asterisk (June 26, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-57200","CVE-2026-57184","CVE-2026-57202","CVE-2026-57187","CVE-2026-57186","CVE-2026-57194"],"exploited":false,"has_exploit":false,"published_at":"2026-06-26T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0805/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-asterisk-june-1834"},{"num":886,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0803/","title":"Multiple vulnerabilities in Google Chrome (June 26, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-13282","CVE-2026-13281","CVE-2026-13283"],"exploited":false,"has_exploit":false,"published_at":"2026-06-26T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0803/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-google-chrome-886"},{"num":170050,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00282.html","title":"DSA-6370-1 incus - security update","severity":"unknown","cvss":null,"cves":["CVE-2026-50256","CVE-2026-50257","CVE-2026-50258","CVE-2026-50259","CVE-2026-50260","CVE-2026-50261","CVE-2026-50262","CVE-2026-50263","CVE-2026-50264"],"exploited":false,"has_exploit":false,"published_at":"2026-06-26T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00282.html","csirts_url":"https://www.csirts.com/advisory/dsa-6370-1-incus-security-update-170050"},{"num":1816,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0804/","title":"Multiple vulnerabilities in Tenable Nessus (June 26, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-57588","CVE-2026-57587"],"exploited":false,"has_exploit":false,"published_at":"2026-06-26T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0804/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-tenable-1816"},{"num":236,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0809/","title":"Multiple vulnerabilities in the Debian Linux kernel (June 26, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-45842","CVE-2026-45845","CVE-2025-22069","CVE-2026-46319","CVE-2026-31486","CVE-2026-23346","CVE-2026-23247","CVE-2026-46170","CVE-2026-46117","CVE-2025-71289","CVE-2026-31613","CVE-2026-43331","CVE-2026-46158","CVE-2026-46320","CVE-2026-46137","CVE-2026-45841","CVE-2026-46331","CVE-2026-23469","CVE-2026-31420","CVE-2026-46203","CVE-2026-31663","CVE-2026-45846","CVE-2026-46323","CVE-2025-68768","CVE-2026-46315","CVE-2025-68251","CVE-2026-46321","CVE-2026-52908","CVE-2026-45840","CVE-2026-45844","CVE-2026-52910","CVE-2026-45930","CVE-2026-46274","CVE-2026-46244","CVE-2026-31717","CVE-2026-52911","CVE-2026-45843","CVE-2026-46316","CVE-2026-46160","CVE-2026-43303","CVE-2026-43245","CVE-2026-52909","CVE-2026-23394","CVE-2026-45838","CVE-2026-23272","CVE-2026-31560","CVE-2026-46216","CVE-2026-46275","CVE-2026-45850","CVE-2026-43116","CVE-2026-46322","CVE-2026-45839","CVE-2026-43219"],"exploited":false,"has_exploit":false,"published_at":"2026-06-26T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0809/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-the-debian-236"},{"num":528,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0810/","title":"Multiple vulnerabilities in IBM products (June 26, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-5588","CVE-2025-36353","CVE-2025-66199","CVE-2026-33871","CVE-2025-2534","CVE-2026-11383","CVE-2026-42041","CVE-2025-13867","CVE-2026-42402","CVE-2025-2668","CVE-2025-36427","CVE-2025-15469","CVE-2025-36131","CVE-2025-12084","CVE-2024-47118","CVE-2025-36098","CVE-2025-69419","CVE-2026-33814","CVE-2025-36184","CVE-2026-1605","CVE-2026-22013","CVE-2026-22018","CVE-2026-42580","CVE-2025-36247","CVE-2025-36009","CVE-2025-7962","CVE-2025-15467","CVE-2026-33870","CVE-2025-36070","CVE-2026-0994","CVE-2025-36428","CVE-2025-41248","CVE-2026-42585","CVE-2026-11541","CVE-2026-34282","CVE-2026-11707","CVE-2025-36387","CVE-2026-42036","CVE-2026-39821","CVE-2025-58057","CVE-2026-11594","CVE-2026-42403","CVE-2026-22795","CVE-2026-10109","CVE-2026-27136","CVE-2023-47038","CVE-2025-62718","CVE-2025-36136","CVE-2026-42584","CVE-2025-36008","CVE-2026-23865","CVE-2026-5598","CVE-2026-42033","CVE-2026-42035","CVE-2026-11536","CVE-2025-69421","CVE-2026-34478","CVE-2026-42043","CVE-2025-11143","CVE-2025-36006"],"exploited":false,"has_exploit":false,"published_at":"2026-06-26T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0810/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-ibm-products-528"},{"num":235,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0808/","title":"Multiple vulnerabilities in the Red Hat Linux kernel (June 26, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-43198","CVE-2026-43414","CVE-2026-4878","CVE-2026-31641","CVE-2026-31787","CVE-2026-46117","CVE-2026-43284","CVE-2026-46173","CVE-2026-43279","CVE-2026-46331","CVE-2026-31786","CVE-2026-31772","CVE-2026-43260","CVE-2026-31669","CVE-2026-46090","CVE-2026-39979","CVE-2026-35385","CVE-2026-40164","CVE-2026-45984","CVE-2026-46145","CVE-2026-46125","CVE-2026-46152","CVE-2026-46135","CVE-2026-43056","CVE-2026-46054","CVE-2026-31636","CVE-2026-43330","CVE-2026-31419","CVE-2026-31488","CVE-2026-46056","CVE-2026-41035","CVE-2026-45898","CVE-2026-43037","CVE-2026-31474","CVE-2026-46166","CVE-2026-43038"],"exploited":false,"has_exploit":false,"published_at":"2026-06-26T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0808/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-the-red-hat-235"},{"num":234,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0807/","title":"Multiple vulnerabilities in the SUSE Linux kernel (June 26, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-43198","CVE-2026-45842","CVE-2025-68324","CVE-2026-43366","CVE-2026-43068","CVE-2026-43414","CVE-2026-31493","CVE-2026-43413","CVE-2026-31402","CVE-2026-45852","CVE-2026-43483","CVE-2026-31758","CVE-2026-45856","CVE-2026-43470","CVE-2026-46227","CVE-2026-43455","CVE-2026-23438","CVE-2026-45910","CVE-2026-31405","CVE-2026-43054","CVE-2026-31698","CVE-2026-31473","CVE-2026-31448","CVE-2026-23303","CVE-2026-31396","CVE-2026-31613","CVE-2026-46114","CVE-2026-43411","CVE-2026-43284","CVE-2026-43362","CVE-2026-43052","CVE-2026-31655","CVE-2026-31614","CVE-2026-46113","CVE-2026-3150","CVE-2026-46159","CVE-2026-31546","CVE-2026-46209","CVE-2026-31516","CVE-2026-43023","CVE-2026-43503","CVE-2026-46024","CVE-2026-43009","CVE-2026-31591","CVE-2026-46037","CVE-2026-46116","CVE-2026-46083","CVE-2026-43030","CVE-2026-43074","CVE-2026-31703","CVE-2026-46176","CVE-2026-45846","CVE-2026-43499","CVE-2026-43150","CVE-2026-31697","CVE-2026-23359","CVE-2026-46323","CVE-2026-46181","CVE-2026-46043","CVE-2026-46120"],"exploited":false,"has_exploit":false,"published_at":"2026-06-26T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0807/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-the-suse-234"},{"num":19602,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/cisco-security-advisory-av26-547","title":"Cisco security advisory (AV26-547) – Update 1","severity":"critical","cvss":null,"cves":["CVE-2026-20230"],"exploited":true,"has_exploit":true,"published_at":"2026-06-25T19:37:20+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/cisco-security-advisory-av26-547","csirts_url":"https://www.csirts.com/advisory/cisco-security-advisory-av26-547-update-1-19602"},{"num":19603,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/hpe-security-advisory-av26-633","title":"HPE security advisory (AV26-633)","severity":"critical","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-25T15:31:48+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/hpe-security-advisory-av26-633","csirts_url":"https://www.csirts.com/advisory/hpe-security-advisory-av26-633-19603"},{"num":1023,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-finesse-rfi-gwpkdc89","title":"Cisco Finesse Remote File Inclusion Vulnerability","severity":"medium","cvss":null,"cves":["CVE-2026-20175"],"exploited":false,"has_exploit":false,"published_at":"2026-06-25T14:31:09+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-finesse-rfi-gwpkdc89?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Finesse%20Remote%20File%20Inclusion%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-finesse-remote-file-inclusion-1023"},{"num":567,"source_id":"cisa","external_id":"/node/25075","title":"Daktronics Controller Firmware","severity":"critical","cvss":null,"cves":["CVE-2026-28701","CVE-2026-33560","CVE-2026-31928"],"exploited":false,"has_exploit":false,"published_at":"2026-06-25T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-176-04","csirts_url":"https://www.csirts.com/advisory/daktronics-controller-firmware-567"},{"num":382,"source_id":"cisa","external_id":"/node/25074","title":"Horner Automation Cscape","severity":"critical","cvss":null,"cves":["CVE-2026-12897"],"exploited":false,"has_exploit":false,"published_at":"2026-06-25T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-176-03","csirts_url":"https://www.csirts.com/advisory/horner-automation-cscape-382"},{"num":408,"source_id":"cisa","external_id":"/node/25076","title":"H.VIEW HV-500S6 IP Camera","severity":"critical","cvss":null,"cves":["CVE-2026-55975","CVE-2026-56414"],"exploited":false,"has_exploit":false,"published_at":"2026-06-25T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-176-05","csirts_url":"https://www.csirts.com/advisory/h-view-hv-500s6-ip-camera-408"},{"num":299,"source_id":"cisa","external_id":"/node/25077","title":"Delta Electronics DTM Soft","severity":"critical","cvss":null,"cves":["CVE-2026-12578"],"exploited":false,"has_exploit":false,"published_at":"2026-06-25T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-176-06","csirts_url":"https://www.csirts.com/advisory/delta-electronics-dtm-soft-299"},{"num":847,"source_id":"cisa","external_id":"/node/25083","title":"CISA Adds Two Known Exploited Vulnerabilities to Catalog","severity":"high","cvss":null,"cves":["CVE-2026-12569","CVE-2026-20230"],"exploited":true,"has_exploit":true,"published_at":"2026-06-25T12:00:00+00:00","link":"https://www.cisa.gov/news-events/alerts/2026/06/25/cisa-adds-two-known-exploited-vulnerabilities-catalog","csirts_url":"https://www.csirts.com/advisory/cisa-adds-two-known-exploited-847"},{"num":1017,"source_id":"cisa","external_id":"/node/25073","title":"EVoke Systems Charging Station Management System","severity":"critical","cvss":null,"cves":["CVE-2026-40702","CVE-2026-50176","CVE-2026-54479","CVE-2026-44622"],"exploited":false,"has_exploit":false,"published_at":"2026-06-25T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-176-02","csirts_url":"https://www.csirts.com/advisory/evoke-systems-charging-station-management-1017"},{"num":350,"source_id":"cisa","external_id":"/node/25079","title":"pydicom pynetdicom Library","severity":"critical","cvss":null,"cves":["CVE-2026-56445"],"exploited":false,"has_exploit":false,"published_at":"2026-06-25T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-medical-advisories/icsma-26-176-01","csirts_url":"https://www.csirts.com/advisory/pydicom-pynetdicom-library-350"},{"num":303,"source_id":"cisa","external_id":"/node/25080","title":"OHIF Viewers DICOM","severity":"critical","cvss":null,"cves":["CVE-2026-12473"],"exploited":false,"has_exploit":false,"published_at":"2026-06-25T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-medical-advisories/icsma-26-176-02","csirts_url":"https://www.csirts.com/advisory/ohif-viewers-dicom-303"},{"num":920,"source_id":"cisa","external_id":"/node/25078","title":"Schneider Electric PowerLogic P7","severity":"critical","cvss":null,"cves":["CVE-2026-9716","CVE-2026-9717","CVE-2026-9718"],"exploited":false,"has_exploit":false,"published_at":"2026-06-25T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-176-07","csirts_url":"https://www.csirts.com/advisory/schneider-electric-powerlogic-p7-920"},{"num":875,"source_id":"cisa","external_id":"/node/25072","title":"Yokogawa FAST/TOOLS and CI Server","severity":"critical","cvss":null,"cves":["CVE-2026-11833"],"exploited":false,"has_exploit":false,"published_at":"2026-06-25T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-176-01","csirts_url":"https://www.csirts.com/advisory/yokogawa-fast-tools-and-ci-server-875"},{"num":19604,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/hpe-security-advisory-av26-632","title":"HPE security advisory (AV26-632)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-25T11:47:51+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/hpe-security-advisory-av26-632","csirts_url":"https://www.csirts.com/advisory/hpe-security-advisory-av26-632-19604"},{"num":19605,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/drupal-security-advisory-av26-631","title":"Drupal security advisory (AV26-631)","severity":"critical","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-25T11:46:41+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/drupal-security-advisory-av26-631","csirts_url":"https://www.csirts.com/advisory/drupal-security-advisory-av26-631-19605"},{"num":832,"source_id":"ncsc-nl","external_id":"NCSC-2026-0211 [1.00]","title":"NCSC-2026-0211 [1.00] [M/H] Vulnerabilities fixed in GitLab Community Edition and Enterprise Edition","severity":"unknown","cvss":null,"cves":["CVE-2026-5796","CVE-2026-5952","CVE-2026-11379","CVE-2026-10712","CVE-2026-0934","CVE-2026-1606","CVE-2026-3176","CVE-2026-10086","CVE-2026-12053","CVE-2026-8330","CVE-2026-2238","CVE-2026-12635","CVE-2026-5309"],"exploited":false,"has_exploit":false,"published_at":"2026-06-25T11:26:42+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0211","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0211-1-00-m-h-vulnerabilities-832"},{"num":19642,"source_id":"jvn","external_id":"https://jvn.jp/en/vu/JVNVU91051826/","title":"Generic IO & Memory Access driver for TOSHIBA and Dynabook PCs exposes its IOCTL with insufficient access control","severity":"unknown","cvss":null,"cves":["CVE-2026-56129"],"exploited":false,"has_exploit":false,"published_at":"2026-06-25T06:00:00+00:00","link":"https://jvn.jp/en/vu/JVNVU91051826/","csirts_url":"https://www.csirts.com/advisory/generic-io-memory-access-driver-for-19642"},{"num":19668,"source_id":"hkcert","external_id":"https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities_20260625","title":"Google Chrome Multiple Vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2026-13021","CVE-2026-13022","CVE-2026-13023","CVE-2026-13024","CVE-2026-13025","CVE-2026-13026","CVE-2026-13027","CVE-2026-13028","CVE-2026-13029","CVE-2026-13030","CVE-2026-13031","CVE-2026-13032","CVE-2026-13033","CVE-2026-13034","CVE-2026-13035","CVE-2026-13036","CVE-2026-13037","CVE-2026-13038"],"exploited":false,"has_exploit":false,"published_at":"2026-06-25T01:00:00+00:00","link":"https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities_20260625","csirts_url":"https://www.csirts.com/advisory/google-chrome-multiple-vulnerabilities-19668"},{"num":19667,"source_id":"hkcert","external_id":"https://www.hkcert.org/security-bulletin/gitlab-multiple-vulnerabilities_20260625","title":"GitLab Multiple Vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2026-0934","CVE-2026-1606","CVE-2026-2238","CVE-2026-3176","CVE-2026-5309","CVE-2026-5796","CVE-2026-5952","CVE-2026-8330","CVE-2026-10086","CVE-2026-10712","CVE-2026-11379","CVE-2026-12053","CVE-2026-12635"],"exploited":false,"has_exploit":false,"published_at":"2026-06-25T01:00:00+00:00","link":"https://www.hkcert.org/security-bulletin/gitlab-multiple-vulnerabilities_20260625","csirts_url":"https://www.csirts.com/advisory/gitlab-multiple-vulnerabilities-19667"},{"num":1800,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0801/","title":"Multiple vulnerabilities in Google Chrome (June 25, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-13034","CVE-2026-13027","CVE-2026-13024","CVE-2026-13025","CVE-2026-13037","CVE-2026-13023","CVE-2026-13022","CVE-2026-13030","CVE-2026-13032","CVE-2026-13021","CVE-2026-13033","CVE-2026-13031","CVE-2026-13028","CVE-2026-13029","CVE-2026-13038","CVE-2026-13026","CVE-2026-13036","CVE-2026-13035"],"exploited":false,"has_exploit":false,"published_at":"2026-06-25T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0801/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-google-chrome-1800"},{"num":1135,"source_id":"cisa-kev","external_id":"CVE-2026-20230","title":"CVE-2026-20230: Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-20230"],"exploited":true,"has_exploit":true,"published_at":"2026-06-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-20230","csirts_url":"https://www.csirts.com/advisory/cve-2026-20230-1135"},{"num":381,"source_id":"cisa-kev","external_id":"CVE-2026-12569","title":"CVE-2026-12569: PTC Windchill and FlexPLM Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-12569"],"exploited":true,"has_exploit":false,"published_at":"2026-06-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-12569","csirts_url":"https://www.csirts.com/advisory/cve-2026-12569-381"},{"num":170054,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00277.html","title":"DSA-6366-1 sogo - security update","severity":"unknown","cvss":null,"cves":["CVE-2025-71276","CVE-2026-3054","CVE-2026-8496","CVE-2026-8851","CVE-2026-33550","CVE-2026-46445","CVE-2026-46446"],"exploited":false,"has_exploit":false,"published_at":"2026-06-25T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00277.html","csirts_url":"https://www.csirts.com/advisory/dsa-6366-1-sogo-security-update-170054"},{"num":170053,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00278.html","title":"DSA-6367-1 dnsdist - security update","severity":"unknown","cvss":null,"cves":["CVE-2026-40011","CVE-2026-40208","CVE-2026-40209","CVE-2026-40210","CVE-2026-40211","CVE-2026-42004","CVE-2026-42005"],"exploited":false,"has_exploit":false,"published_at":"2026-06-25T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00278.html","csirts_url":"https://www.csirts.com/advisory/dsa-6367-1-dnsdist-security-update-170053"},{"num":170051,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00280.html","title":"DSA-6369-1 pdns-recursor - security update","severity":"unknown","cvss":null,"cves":["CVE-2026-33612","CVE-2026-40012","CVE-2026-42005","CVE-2026-42387","CVE-2026-42388","CVE-2026-42390","CVE-2026-52690"],"exploited":false,"has_exploit":false,"published_at":"2026-06-25T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00280.html","csirts_url":"https://www.csirts.com/advisory/dsa-6369-1-pdns-recursor-security-update-170051"},{"num":170056,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00275.html","title":"DSA-6364-1 chromium - security update","severity":"unknown","cvss":null,"cves":["CVE-2026-13021","CVE-2026-13022","CVE-2026-13023","CVE-2026-13024","CVE-2026-13025","CVE-2026-13026","CVE-2026-13027","CVE-2026-13028","CVE-2026-13029","CVE-2026-13030","CVE-2026-13031","CVE-2026-13032","CVE-2026-13033","CVE-2026-13034","CVE-2026-13035","CVE-2026-13036","CVE-2026-13037","CVE-2026-13038"],"exploited":false,"has_exploit":false,"published_at":"2026-06-25T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00275.html","csirts_url":"https://www.csirts.com/advisory/dsa-6364-1-chromium-security-update-170056"},{"num":170055,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00276.html","title":"DSA-6365-1 libssh2 - security update","severity":"unknown","cvss":null,"cves":["CVE-2025-15661","CVE-2026-7598","CVE-2026-55199","CVE-2026-55200"],"exploited":false,"has_exploit":false,"published_at":"2026-06-25T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00276.html","csirts_url":"https://www.csirts.com/advisory/dsa-6365-1-libssh2-security-update-170055"},{"num":170052,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00279.html","title":"DSA-6368-1 pdns - security update","severity":"unknown","cvss":null,"cves":["CVE-2026-42005"],"exploited":false,"has_exploit":false,"published_at":"2026-06-25T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00279.html","csirts_url":"https://www.csirts.com/advisory/dsa-6368-1-pdns-security-update-170052"},{"num":986,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0799/","title":"Multiple vulnerabilities in GitLab (June 25, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-0934","CVE-2026-11379","CVE-2026-5952","CVE-2026-5796","CVE-2026-10712","CVE-2026-5309","CVE-2026-1606","CVE-2026-10086","CVE-2026-3176","CVE-2026-2238","CVE-2026-12053","CVE-2026-8330","CVE-2026-12635"],"exploited":false,"has_exploit":false,"published_at":"2026-06-25T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0799/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-gitlab-june-986"},{"num":1815,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0802/","title":"Multiple vulnerabilities in Microsoft Azure Linux (June 25, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-46323","CVE-2026-46275"],"exploited":false,"has_exploit":false,"published_at":"2026-06-25T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0802/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-microsoft-1815"},{"num":987,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0800/","title":"Multiple vulnerabilities in CPython (June 25, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-11940","CVE-2026-0864","CVE-2026-11972"],"exploited":false,"has_exploit":false,"published_at":"2026-06-25T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0800/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-cpython-june-987"},{"num":19606,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/gitlab-security-advisory-av26-630","title":"GitLab security advisory (AV26-630)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-24T18:33:22+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/gitlab-security-advisory-av26-630","csirts_url":"https://www.csirts.com/advisory/gitlab-security-advisory-av26-630-19606"},{"num":19607,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/jenkins-security-advisory-av26-629","title":"Jenkins security advisory (AV26-629)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-24T18:26:27+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/jenkins-security-advisory-av26-629","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-av26-629-19607"},{"num":19608,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/n8n-security-advisory-av26-628","title":"n8n security advisory (AV26-628)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-24T18:16:01+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/n8n-security-advisory-av26-628","csirts_url":"https://www.csirts.com/advisory/n8n-security-advisory-av26-628-19608"},{"num":19609,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/tenable-security-advisory-av26-627","title":"Tenable security advisory (AV26-627)","severity":"critical","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-24T13:23:35+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/tenable-security-advisory-av26-627","csirts_url":"https://www.csirts.com/advisory/tenable-security-advisory-av26-627-19609"},{"num":19610,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/google-chrome-security-advisory-av26-626","title":"Google Chrome security advisory (AV26-626)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-24T13:16:58+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/google-chrome-security-advisory-av26-626","csirts_url":"https://www.csirts.com/advisory/google-chrome-security-advisory-av26-626-19610"},{"num":87021,"source_id":"jenkins","external_id":"jenkins-advisory-2026-06-24","title":"Jenkins Security Advisory 2026-06-24","severity":"unknown","cvss":null,"cves":["CVE-2026-57280","CVE-2026-57281","CVE-2026-57282","CVE-2026-57283","CVE-2026-57284","CVE-2026-57285","CVE-2026-57286","CVE-2026-57287","CVE-2026-57288","CVE-2026-57300","CVE-2026-57289","CVE-2026-57290","CVE-2026-57291","CVE-2026-57292","CVE-2026-57293","CVE-2026-57294","CVE-2026-57295","CVE-2026-57296","CVE-2026-57297","CVE-2026-57298","CVE-2026-57299","CVE-2026-57301","CVE-2026-57302","CVE-2026-57303","CVE-2026-57304","CVE-2026-57305","CVE-2026-57306","CVE-2026-57307"],"exploited":false,"has_exploit":false,"published_at":"2026-06-24T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2026-06-24/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2026-06-24-87021"},{"num":409,"source_id":"cisa","external_id":"/node/25029","title":"Using SASE in a Modern TIC 3.0 Solution","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-24T12:00:00+00:00","link":"https://www.cisa.gov/resources-tools/resources/using-sase-modern-tic-30-solution","csirts_url":"https://www.csirts.com/advisory/using-sase-in-a-modern-tic-3-0-solution-409"},{"num":859,"source_id":"ncsc-nl","external_id":"NCSC-2026-0210 [1.01]","title":"NCSC-2026-0210 [1.01] [M/H] Vulnerabilities fixed in libssh2 by libssh","severity":"unknown","cvss":null,"cves":["CVE-2026-55199","CVE-2026-55200"],"exploited":false,"has_exploit":false,"published_at":"2026-06-24T09:01:34+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0210","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0210-1-01-m-h-vulnerabilities-859"},{"num":19670,"source_id":"hkcert","external_id":"https://www.hkcert.org/security-bulletin/qnap-nas-multiple-vulnerabilities_20260624","title":"QNAP NAS Multiple Vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2025-59382","CVE-2025-62858","CVE-2025-66273","CVE-2025-66279","CVE-2025-66280","CVE-2025-66281","CVE-2025-68405","CVE-2026-22893","CVE-2026-22899","CVE-2026-24720","CVE-2026-24724","CVE-2026-26239","CVE-2026-26240","CVE-2026-26241"],"exploited":false,"has_exploit":false,"published_at":"2026-06-24T01:00:00+00:00","link":"https://www.hkcert.org/security-bulletin/qnap-nas-multiple-vulnerabilities_20260624","csirts_url":"https://www.csirts.com/advisory/qnap-nas-multiple-vulnerabilities-19670"},{"num":19669,"source_id":"hkcert","external_id":"https://www.hkcert.org/security-bulletin/ibm-websphere-products-multiple-vulnerabilities_20260624","title":"IBM WebSphere Products Multiple Vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2026-11383","CVE-2026-11536","CVE-2026-11541","CVE-2026-11594","CVE-2026-11707"],"exploited":false,"has_exploit":false,"published_at":"2026-06-24T01:00:00+00:00","link":"https://www.hkcert.org/security-bulletin/ibm-websphere-products-multiple-vulnerabilities_20260624","csirts_url":"https://www.csirts.com/advisory/ibm-websphere-products-multiple-19669"},{"num":1924,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0796/","title":"Multiple vulnerabilities in Tenable Identity Exposure (June 24, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2025-66199","CVE-2026-42789","CVE-2026-21637","CVE-2026-34180","CVE-2025-55248","CVE-2026-35188","CVE-2026-42766","CVE-2026-9076","CVE-2025-15469","CVE-2026-1965","CVE-2026-34181","CVE-2026-42790","CVE-2026-42770","CVE-2025-69419","CVE-2026-3783","CVE-2026-6429","CVE-2026-32167","CVE-2026-32175","CVE-2026-28386","CVE-2026-45445","CVE-2026-45591","CVE-2025-15467","CVE-2025-55130","CVE-2025-55131","CVE-2025-59465","CVE-2026-7383","CVE-2026-21715","CVE-2026-42771","CVE-2026-35433","CVE-2026-22795","CVE-2026-26130","CVE-2026-33120","CVE-2026-28389","CVE-2026-42765","CVE-2026-21717","CVE-2025-69421","CVE-2026-42769","CVE-2026-6253","CVE-2026-7009","CVE-2026-21716","CVE-2026-22796","CVE-2026-42899","CVE-2026-21262","CVE-2026-26171","CVE-2026-32203","CVE-2025-55132","CVE-2026-45447","CVE-2025-55247","CVE-2025-14017","CVE-2026-3805","CVE-2026-28387","CVE-2026-28388","CVE-2026-32177","CVE-2026-21714","CVE-2026-45446","CVE-2026-40370","CVE-2026-13007","CVE-2025-68160","CVE-2026-34183","CVE-2025-13034"],"exploited":false,"has_exploit":false,"published_at":"2026-06-24T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0796/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-tenable-1924"},{"num":984,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0797/","title":"Multiple vulnerabilities in cURL and libcurl (June 24, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-8926","CVE-2026-11352","CVE-2026-8458","CVE-2026-9546","CVE-2022-27782","CVE-2026-10536","CVE-2026-8932","CVE-2026-11856","CVE-2026-11586","CVE-2026-12064","CVE-2026-8924","CVE-2026-9079","CVE-2026-9080","CVE-2026-9545","CVE-2026-8925","CVE-2026-8927","CVE-2026-11564","CVE-2026-9547","CVE-2026-7168","CVE-2026-8286","CVE-2026-5545"],"exploited":false,"has_exploit":true,"published_at":"2026-06-24T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0797/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-curl-and-984"},{"num":86925,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-1-released/","title":"GitLab Patch Release: 19.1.1, 19.0.3, 18.11.6","severity":"critical","cvss":null,"cves":["CVE-2026-10086","CVE-2026-10712","CVE-2026-12053","CVE-2026-5309","CVE-2026-2238","CVE-2026-11379","CVE-2026-8330","CVE-2026-1606","CVE-2026-5952","CVE-2026-5796","CVE-2026-0934","CVE-2026-3176","CVE-2026-12635"],"exploited":false,"has_exploit":false,"published_at":"2026-06-24T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-19-1-1-19-0-3-18-11-6-86925"},{"num":985,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0798/","title":"Multiple vulnerabilities in Microsoft Azure Linux (June 24, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-53689","CVE-2026-43973"],"exploited":false,"has_exploit":false,"published_at":"2026-06-24T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0798/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-microsoft-985"},{"num":19611,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/control-systems-cisa-ics-security-advisories-av26-241","title":"[Control systems] CISA ICS security advisories (AV26–241) – Update 1","severity":"unknown","cvss":null,"cves":["CVE-2025-67038"],"exploited":true,"has_exploit":true,"published_at":"2026-06-23T20:23:46+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/control-systems-cisa-ics-security-advisories-av26-241","csirts_url":"https://www.csirts.com/advisory/control-systems-cisa-ics-security-19611"},{"num":19612,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/ubiquiti-security-advisory-av26-498","title":"Ubiquiti security advisory (AV26-498) – Update 1","severity":"critical","cvss":null,"cves":["CVE-2026-34908","CVE-2026-34909","CVE-2026-34910"],"exploited":true,"has_exploit":true,"published_at":"2026-06-23T20:14:02+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/ubiquiti-security-advisory-av26-498","csirts_url":"https://www.csirts.com/advisory/ubiquiti-security-advisory-av26-498-19612"},{"num":170072,"source_id":"aws","external_id":"d33a216474b1f059f63b09ec5274d2b7cec37b56","title":"CVE-2026-12957 and CVE-2026-12958 - Issues in Language Servers for AWS and Amazon Q Developer Plugins","severity":"unknown","cvss":null,"cves":["CVE-2026-12957","CVE-2026-12958"],"exploited":false,"has_exploit":false,"published_at":"2026-06-23T16:11:40+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-047-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-12957-170072"},{"num":19613,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/broadcom-vmware-security-advisory-av26-625","title":"Broadcom VMware security advisory (AV26-625)","severity":"critical","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-23T15:00:13+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/broadcom-vmware-security-advisory-av26-625","csirts_url":"https://www.csirts.com/advisory/broadcom-vmware-security-advisory-av26-625-19613"},{"num":1112,"source_id":"cisa","external_id":"/node/25064","title":"Siemens Products using OpenSSL","severity":"unknown","cvss":null,"cves":["CVE-2025-15467"],"exploited":false,"has_exploit":false,"published_at":"2026-06-23T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-174-03","csirts_url":"https://www.csirts.com/advisory/siemens-products-using-openssl-1112"},{"num":1103,"source_id":"cisa","external_id":"/node/25067","title":"Impact of Linux Kernel vulnerabilities on B&R products","severity":"critical","cvss":null,"cves":["CVE-2026-31431","CVE-2026-43284","CVE-2026-46333","CVE-2026-46300","CVE-2026-43494"],"exploited":true,"has_exploit":true,"published_at":"2026-06-23T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-174-06","csirts_url":"https://www.csirts.com/advisory/impact-of-linux-kernel-vulnerabilities-on-1103"},{"num":410,"source_id":"cisa","external_id":"/node/25060","title":"CISA Adds Four Known Exploited Vulnerabilities to Catalog","severity":"high","cvss":null,"cves":["CVE-2025-67038","CVE-2026-34908","CVE-2026-34909","CVE-2026-34910"],"exploited":true,"has_exploit":true,"published_at":"2026-06-23T12:00:00+00:00","link":"https://www.cisa.gov/news-events/alerts/2026/06/23/cisa-adds-four-known-exploited-vulnerabilities-catalog","csirts_url":"https://www.csirts.com/advisory/cisa-adds-four-known-exploited-410"},{"num":1111,"source_id":"cisa","external_id":"/node/25063","title":"Siemens SIPROTEC 5 Using DIGSI5 Protocol","severity":"unknown","cvss":null,"cves":["CVE-2025-40808"],"exploited":false,"has_exploit":false,"published_at":"2026-06-23T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-174-02","csirts_url":"https://www.csirts.com/advisory/siemens-siprotec-5-using-digsi5-protocol-1111"},{"num":1132,"source_id":"cisa","external_id":"/node/25066","title":"ABB Freelance Security Lock","severity":"critical","cvss":null,"cves":["CVE-2025-7064"],"exploited":false,"has_exploit":false,"published_at":"2026-06-23T12:00:00+00:00","link":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-174-05","csirts_url":"https://www.csirts.com/advisory/abb-freelance-security-lock-1132"},{"num":2022,"source_id":"ncsc-nl","external_id":"NCSC-2026-0209 [1.00]","title":"NCSC-2026-0209 [1.00] [M/H] Vulnerabilities fixed in MongoDB Server","severity":"unknown","cvss":null,"cves":["CVE-2026-9735","CVE-2026-9740","CVE-2026-9741","CVE-2026-9742","CVE-2026-9743","CVE-2026-9746","CVE-2026-9747","CVE-2026-9748","CVE-2026-9749","CVE-2026-9750","CVE-2026-9751","CVE-2026-9752","CVE-2026-9753","CVE-2026-9754"],"exploited":false,"has_exploit":false,"published_at":"2026-06-23T09:52:48+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0209","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0209-1-00-m-h-vulnerabilities-2022"},{"num":19671,"source_id":"hkcert","external_id":"https://www.hkcert.org/security-bulletin/drupal-multiple-vulnerabilities_20260623","title":"Drupal Multiple Vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2026-55803","CVE-2026-55804","CVE-2026-55806","CVE-2026-55807","CVE-2026-55808"],"exploited":false,"has_exploit":false,"published_at":"2026-06-23T03:00:00+00:00","link":"https://www.hkcert.org/security-bulletin/drupal-multiple-vulnerabilities_20260623","csirts_url":"https://www.csirts.com/advisory/drupal-multiple-vulnerabilities-19671"},{"num":2145,"source_id":"cisa-kev","external_id":"CVE-2026-34909","title":"CVE-2026-34909: Ubiquiti UniFi OS Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-34909"],"exploited":true,"has_exploit":false,"published_at":"2026-06-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-34909","csirts_url":"https://www.csirts.com/advisory/cve-2026-34909-2145"},{"num":2140,"source_id":"cisa-kev","external_id":"CVE-2025-67038","title":"CVE-2025-67038: Lantronix EDS5000 Code Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-67038"],"exploited":true,"has_exploit":true,"published_at":"2026-06-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-67038","csirts_url":"https://www.csirts.com/advisory/cve-2025-67038-2140"},{"num":946,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0794/","title":"Multiple Vulnerabilities in Moodle (June 23, 2026)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-23T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0794/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-moodle-june-946"},{"num":1136,"source_id":"cisa-kev","external_id":"CVE-2026-34910","title":"CVE-2026-34910: Ubiquiti UniFi OS Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-34910"],"exploited":true,"has_exploit":true,"published_at":"2026-06-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-34910","csirts_url":"https://www.csirts.com/advisory/cve-2026-34910-1136"},{"num":1101,"source_id":"cisa-kev","external_id":"CVE-2026-34908","title":"CVE-2026-34908: Ubiquiti UniFi OS Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-34908"],"exploited":true,"has_exploit":true,"published_at":"2026-06-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-34908","csirts_url":"https://www.csirts.com/advisory/cve-2026-34908-1101"},{"num":287,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0795/","title":"Multiple vulnerabilities in Squid (June 23, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-50012","CVE-2026-47729"],"exploited":false,"has_exploit":false,"published_at":"2026-06-23T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0795/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-squid-june-23-287"},{"num":170057,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00274.html","title":"DSA-6363-1 python-urllib3 - security update","severity":"unknown","cvss":null,"cves":["CVE-2026-44431"],"exploited":false,"has_exploit":false,"published_at":"2026-06-23T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00274.html","csirts_url":"https://www.csirts.com/advisory/dsa-6363-1-python-urllib3-security-update-170057"},{"num":170058,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00273.html","title":"DSA-6362-1 gst-plugins-bad1.0 - security update","severity":"unknown","cvss":null,"cves":["CVE-2026-52718","CVE-2026-52719","CVE-2026-53701"],"exploited":false,"has_exploit":false,"published_at":"2026-06-23T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00273.html","csirts_url":"https://www.csirts.com/advisory/dsa-6362-1-gst-plugins-bad1-0-security-170058"},{"num":19614,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/nodejs-security-advisory-av26-624","title":"Nodejs security advisory (AV26-624)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-22T17:50:22+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/nodejs-security-advisory-av26-624","csirts_url":"https://www.csirts.com/advisory/nodejs-security-advisory-av26-624-19614"},{"num":19615,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/jetbrains-security-advisory-av26-623","title":"JetBrains security advisory (AV26-623)","severity":"critical","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-22T17:41:48+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/jetbrains-security-advisory-av26-623","csirts_url":"https://www.csirts.com/advisory/jetbrains-security-advisory-av26-623-19615"},{"num":19616,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/microsoft-edge-security-advisory-av26-622","title":"Microsoft Edge security advisory (AV26-622)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-22T17:33:19+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/microsoft-edge-security-advisory-av26-622","csirts_url":"https://www.csirts.com/advisory/microsoft-edge-security-advisory-av26-622-19616"},{"num":1025,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucce-pcce-xss-2JVyg3uD","title":"Cisco Packaged Contact Center Enterprise and Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-20055","CVE-2026-20109"],"exploited":false,"has_exploit":false,"published_at":"2026-06-22T15:04:09+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucce-pcce-xss-2JVyg3uD?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Packaged%20Contact%20Center%20Enterprise%20and%20Cisco%20Unified%20Contact%20Center%20Enterprise%20Cross-Site%20Scripting%20Vulnerabilities%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-packaged-contact-center-enterprise-1025"},{"num":19617,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/red-hat-security-advisory-av26-621","title":"Red Hat security advisory (AV26-621)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-22T14:24:29+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/red-hat-security-advisory-av26-621","csirts_url":"https://www.csirts.com/advisory/red-hat-security-advisory-av26-621-19617"},{"num":19618,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/control-systems-cisa-ics-security-advisories-av26-620","title":"[Control systems] CISA ICS security advisories (AV26–620)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-22T14:09:43+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/control-systems-cisa-ics-security-advisories-av26-620","csirts_url":"https://www.csirts.com/advisory/control-systems-cisa-ics-security-19618"},{"num":19619,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/dell-security-advisory-av26-619","title":"Dell security advisory (AV26-619)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-22T13:55:58+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/dell-security-advisory-av26-619","csirts_url":"https://www.csirts.com/advisory/dell-security-advisory-av26-619-19619"},{"num":19620,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/ubuntu-security-advisory-av26-618","title":"Ubuntu security advisory (AV26-618)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-22T13:44:52+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/ubuntu-security-advisory-av26-618","csirts_url":"https://www.csirts.com/advisory/ubuntu-security-advisory-av26-618-19620"},{"num":19621,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/ibm-security-advisory-av26-617","title":"IBM security advisory (AV26-617)","severity":"critical","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-22T13:38:40+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/ibm-security-advisory-av26-617","csirts_url":"https://www.csirts.com/advisory/ibm-security-advisory-av26-617-19621"},{"num":1203,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/news/the-ai-shift-in-cyber-risk-why-leaders-must-act-now","title":"The AI shift in cyber risk: why leaders must act now","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-22T12:00:00+00:00","link":"https://www.ncsc.gov.uk/news/the-ai-shift-in-cyber-risk-why-leaders-must-act-now","csirts_url":"https://www.csirts.com/advisory/the-ai-shift-in-cyber-risk-why-leaders-1203"},{"num":19672,"source_id":"hkcert","external_id":"https://www.hkcert.org/security-bulletin/node-js-multiple-vulnerabilities_20260622","title":"Node.js Multiple Vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2026-48615","CVE-2026-48617","CVE-2026-48618","CVE-2026-48619","CVE-2026-48928","CVE-2026-48930","CVE-2026-48931","CVE-2026-48933","CVE-2026-48934","CVE-2026-48935","CVE-2026-48936","CVE-2026-48937"],"exploited":false,"has_exploit":false,"published_at":"2026-06-22T02:00:00+00:00","link":"https://www.hkcert.org/security-bulletin/node-js-multiple-vulnerabilities_20260622","csirts_url":"https://www.csirts.com/advisory/node-js-multiple-vulnerabilities-19672"},{"num":19673,"source_id":"hkcert","external_id":"https://www.hkcert.org/security-bulletin/zimbra-denial-of-service-vulnerability_20260622","title":"Zimbra Denial of Service Vulnerability","severity":"unknown","cvss":null,"cves":["CVE-2026-49975"],"exploited":false,"has_exploit":false,"published_at":"2026-06-22T02:00:00+00:00","link":"https://www.hkcert.org/security-bulletin/zimbra-denial-of-service-vulnerability_20260622","csirts_url":"https://www.csirts.com/advisory/zimbra-denial-of-service-vulnerability-19673"},{"num":19674,"source_id":"hkcert","external_id":"https://www.hkcert.org/security-bulletin/android-multiple-vulnerabilities_20260622","title":"Android Multiple Vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2022-25836","CVE-2022-25837","CVE-2023-40108","CVE-2023-40132","CVE-2025-48571","CVE-2025-48617","CVE-2025-48640","CVE-2025-48643","CVE-2026-0019","CVE-2026-0057","CVE-2026-0063","CVE-2026-0064","CVE-2026-0068","CVE-2026-0071","CVE-2026-0081","CVE-2026-0082","CVE-2026-0083","CVE-2026-0092","CVE-2026-28575","CVE-2026-28576","CVE-2026-28587","CVE-2026-28615"],"exploited":false,"has_exploit":false,"published_at":"2026-06-22T01:00:00+00:00","link":"https://www.hkcert.org/security-bulletin/android-multiple-vulnerabilities_20260622","csirts_url":"https://www.csirts.com/advisory/android-multiple-vulnerabilities-19674"},{"num":1763,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0791/","title":"Multiple Vulnerabilities in Microsoft Edge (June 22, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-12454","CVE-2026-12467","CVE-2026-12439","CVE-2026-12461","CVE-2026-12455","CVE-2026-12464","CVE-2026-12447","CVE-2026-12457","CVE-2026-12446","CVE-2026-12463","CVE-2026-12465","CVE-2026-12437","CVE-2026-12440","CVE-2026-12444","CVE-2026-12453","CVE-2026-12443","CVE-2026-12460","CVE-2026-12449","CVE-2026-12451","CVE-2026-12462","CVE-2026-12458","CVE-2026-12445","CVE-2026-12466","CVE-2026-12459","CVE-2026-12452","CVE-2026-12441","CVE-2026-12468","CVE-2026-12456"],"exploited":false,"has_exploit":false,"published_at":"2026-06-22T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0791/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-microsoft-1763"},{"num":945,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0793/","title":"Multiple Vulnerabilities in Postfix (June 22, 2026)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-22T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0793/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-postfix-june-945"},{"num":943,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0792/","title":"Multiple Vulnerabilities in Microsoft Products (June 22, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-9698","CVE-2026-45446","CVE-2026-34183","CVE-2026-42768","CVE-2026-50519"],"exploited":false,"has_exploit":false,"published_at":"2026-06-22T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0792/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-microsoft-943"},{"num":170059,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00272.html","title":"DSA-6361-1 ffmpeg - security update","severity":"unknown","cvss":null,"cves":["CVE-2025-22921","CVE-2026-8461","CVE-2026-30997"],"exploited":false,"has_exploit":false,"published_at":"2026-06-22T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00272.html","csirts_url":"https://www.csirts.com/advisory/dsa-6361-1-ffmpeg-security-update-170059"},{"num":826,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0790/","title":"Vulnerability in CPython for Windows (June 22, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-12003"],"exploited":false,"has_exploit":false,"published_at":"2026-06-22T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0790/","csirts_url":"https://www.csirts.com/advisory/vulnerability-in-cpython-for-windows-june-826"},{"num":170065,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00266.html","title":"DSA-6355-1 linux - security update","severity":"unknown","cvss":null,"cves":["CVE-2025-22069","CVE-2025-68251","CVE-2025-68768","CVE-2025-71289","CVE-2026-23247","CVE-2026-23272","CVE-2026-23346","CVE-2026-23394","CVE-2026-23469","CVE-2026-31420","CVE-2026-31486","CVE-2026-31560","CVE-2026-31613","CVE-2026-31663","CVE-2026-31717","CVE-2026-43116","CVE-2026-43219","CVE-2026-43245","CVE-2026-43303","CVE-2026-43331","CVE-2026-45838","CVE-2026-45839","CVE-2026-45840","CVE-2026-45841","CVE-2026-45842","CVE-2026-45843","CVE-2026-45844","CVE-2026-45845","CVE-2026-45846","CVE-2026-45850","CVE-2026-45930","CVE-2026-46117","CVE-2026-46137","CVE-2026-46158","CVE-2026-46160","CVE-2026-46170","CVE-2026-46203","CVE-2026-46216","CVE-2026-46244","CVE-2026-46274","CVE-2026-46275","CVE-2026-46315","CVE-2026-46316","CVE-2026-46319","CVE-2026-46320","CVE-2026-46321","CVE-2026-46322","CVE-2026-46323","CVE-2026-46331","CVE-2026-52908","CVE-2026-52909","CVE-2026-52910","CVE-2026-52911"],"exploited":false,"has_exploit":false,"published_at":"2026-06-21T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00266.html","csirts_url":"https://www.csirts.com/advisory/dsa-6355-1-linux-security-update-170065"},{"num":170062,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00269.html","title":"DSA-6358-1 libhttp-daemon-perl - security update","severity":"unknown","cvss":null,"cves":["CVE-2026-8450"],"exploited":false,"has_exploit":false,"published_at":"2026-06-21T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00269.html","csirts_url":"https://www.csirts.com/advisory/dsa-6358-1-libhttp-daemon-perl-security-170062"},{"num":170061,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00270.html","title":"DSA-6359-1 gst-plugins-good1.0 - security update","severity":"unknown","cvss":null,"cves":["CVE-2026-1940","CVE-2026-3083","CVE-2026-3085","CVE-2026-39043","CVE-2026-39044"],"exploited":false,"has_exploit":false,"published_at":"2026-06-21T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00270.html","csirts_url":"https://www.csirts.com/advisory/dsa-6359-1-gst-plugins-good1-0-security-170061"},{"num":170060,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00271.html","title":"DSA-6360-1 squid - security update","severity":"unknown","cvss":null,"cves":["CVE-2026-33515","CVE-2026-33526","CVE-2026-47729","CVE-2026-50012"],"exploited":false,"has_exploit":false,"published_at":"2026-06-21T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00271.html","csirts_url":"https://www.csirts.com/advisory/dsa-6360-1-squid-security-update-170060"},{"num":170064,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00267.html","title":"DSA-6356-1 imagemagick - security update","severity":"unknown","cvss":null,"cves":["CVE-2026-48724","CVE-2026-48734","CVE-2026-48994","CVE-2026-49218","CVE-2026-49219","CVE-2026-53460","CVE-2026-53461","CVE-2026-53463","CVE-2026-53464"],"exploited":false,"has_exploit":false,"published_at":"2026-06-21T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00267.html","csirts_url":"https://www.csirts.com/advisory/dsa-6356-1-imagemagick-security-update-170064"},{"num":170063,"source_id":"debian","external_id":"https://lists.debian.org/debian-security-announce/2026/msg00268.html","title":"DSA-6357-1 pillow - security update","severity":"unknown","cvss":null,"cves":["CVE-2026-42308","CVE-2026-42310","CVE-2026-42311"],"exploited":false,"has_exploit":false,"published_at":"2026-06-21T00:00:00+00:00","link":"https://lists.debian.org/debian-security-announce/2026/msg00268.html","csirts_url":"https://www.csirts.com/advisory/dsa-6357-1-pillow-security-update-170063"},{"num":19622,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/control-systems-mitsubishi-electric-security-advisory-av26-616","title":"[Control systems] Mitsubishi Electric security advisory (AV26-616)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-19T18:53:39+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/control-systems-mitsubishi-electric-security-advisory-av26-616","csirts_url":"https://www.csirts.com/advisory/control-systems-mitsubishi-electric-19622"},{"num":2025,"source_id":"ncsc-nl","external_id":"NCSC-2026-0198 [1.01]","title":"NCSC-2026-0198 [1.01] [M/H] Vulnerabilities fixed in Splunk Enterprise and Splunk Cloud Platform","severity":"unknown","cvss":null,"cves":["CVE-2026-20253","CVE-2026-20251"],"exploited":true,"has_exploit":true,"published_at":"2026-06-19T12:42:32+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0198","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0198-1-01-m-h-vulnerabilities-2025"},{"num":2031,"source_id":"ncsc-nl","external_id":"NCSC-2026-0208 [1.00]","title":"NCSC-2026-0208 [1.00] [M/H] Vulnerabilities fixed in Cisco Identity Services Engine","severity":"unknown","cvss":null,"cves":["CVE-2026-20181","CVE-2026-20190"],"exploited":false,"has_exploit":false,"published_at":"2026-06-19T06:52:57+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0208","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0208-1-00-m-h-vulnerabilities-2031"},{"num":170080,"source_id":"aws","external_id":"fffdfafbdb7d63bb1f47888b9cd09eb3bf7a24bc","title":"Issue with containerd CRI Plugin - CVE-2026-50195, CVE-2026-53488, CVE-2026-53492, CVE-2026-53489, CVE-2026-47262","severity":"unknown","cvss":null,"cves":["CVE-2026-50195","CVE-2026-53488","CVE-2026-53492","CVE-2026-53489","CVE-2026-47262"],"exploited":false,"has_exploit":false,"published_at":"2026-06-19T00:29:27+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-046-aws/","csirts_url":"https://www.csirts.com/advisory/issue-with-containerd-cri-plugin-cve-2026-170080"},{"num":19623,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/drupal-security-advisory-av26-615","title":"Drupal security advisory (AV26-615)","severity":"critical","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-18T17:26:18+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/drupal-security-advisory-av26-615","csirts_url":"https://www.csirts.com/advisory/drupal-security-advisory-av26-615-19623"},{"num":19624,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/splunk-security-advisory-av26-586","title":"Splunk security advisory (AV26-586) – Update 1","severity":"unknown","cvss":null,"cves":["CVE-2026-20253"],"exploited":true,"has_exploit":true,"published_at":"2026-06-18T17:15:42+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/splunk-security-advisory-av26-586","csirts_url":"https://www.csirts.com/advisory/splunk-security-advisory-av26-586-update-1-19624"},{"num":19625,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/al26-014-fortibleed-leak-thousands-compromised-credentials-impacting-fortinet-devices","title":"AL26-014 – FortiBleed leak of thousands of compromised credentials impacting Fortinet devices","severity":"critical","cvss":null,"cves":["CVE-2024-55591","CVE-2025-59718","CVE-2025-59719"],"exploited":true,"has_exploit":true,"published_at":"2026-06-18T13:52:14+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/al26-014-fortibleed-leak-thousands-compromised-credentials-impacting-fortinet-devices","csirts_url":"https://www.csirts.com/advisory/al26-014-fortibleed-leak-of-thousands-of-19625"},{"num":429,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/blogs/the-vibe-coding-spectrum-approach-to-ai-assisted-software-development","title":"The 'vibe coding spectrum' approach to AI-assisted software development","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-18T12:00:00+00:00","link":"https://www.ncsc.gov.uk/blogs/the-vibe-coding-spectrum-approach-to-ai-assisted-software-development","csirts_url":"https://www.csirts.com/advisory/the-vibe-coding-spectrum-approach-to-ai-429"},{"num":1205,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/news/advice-following-global-targeting-of-fortinet-firewalls-and-vpn-gateways","title":"Alert: NCSC issues advice following global targeting of Fortinet firewalls and VPN gateways","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-18T12:00:00+00:00","link":"https://www.ncsc.gov.uk/news/advice-following-global-targeting-of-fortinet-firewalls-and-vpn-gateways","csirts_url":"https://www.csirts.com/advisory/alert-ncsc-issues-advice-following-global-1205"},{"num":1102,"source_id":"cisa-kev","external_id":"CVE-2026-20253","title":"CVE-2026-20253: Splunk Enterprise Missing Authentication for Critical Function Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-20253"],"exploited":true,"has_exploit":true,"published_at":"2026-06-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-20253","csirts_url":"https://www.csirts.com/advisory/cve-2026-20253-1102"},{"num":170111,"source_id":"aws","external_id":"7b1a16d63febf24ec5b9ccc7173de95770d15eed","title":"CVE-2026-12530 - Improper neutralization of argument delimiters in AWS Bedrock AgentCore Python SDK install_packages()","severity":"critical","cvss":null,"cves":["CVE-2026-12530"],"exploited":false,"has_exploit":false,"published_at":"2026-06-17T21:16:00+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-044-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-12530-170111"},{"num":19626,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/splunk-security-advisory-av26-614","title":"Splunk security advisory (AV26-614)","severity":"critical","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-17T19:19:26+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/splunk-security-advisory-av26-614","csirts_url":"https://www.csirts.com/advisory/splunk-security-advisory-av26-614-19626"},{"num":87121,"source_id":"drupal","external_id":"3593385 at https://www.drupal.org","title":"Drupal core - Moderately critical - Improper validation - SA-CORE-2026-009","severity":"critical","cvss":null,"cves":["CVE-2026-55808"],"exploited":false,"has_exploit":false,"published_at":"2026-06-17T18:58:02+00:00","link":"https://www.drupal.org/sa-core-2026-009","csirts_url":"https://www.csirts.com/advisory/drupal-core-moderately-critical-improper-87121"},{"num":87122,"source_id":"drupal","external_id":"3593377 at https://www.drupal.org","title":"Drupal core - Moderately critical - Server-side request forgery - SA-CORE-2026-008","severity":"critical","cvss":null,"cves":["CVE-2026-55807"],"exploited":false,"has_exploit":false,"published_at":"2026-06-17T18:57:49+00:00","link":"https://www.drupal.org/sa-core-2026-008","csirts_url":"https://www.csirts.com/advisory/drupal-core-moderately-critical-server-87122"},{"num":87123,"source_id":"drupal","external_id":"3593110 at https://www.drupal.org","title":"Drupal core - Less critical - Cache poisoning and open redirect - SA-CORE-2026-007","severity":"critical","cvss":null,"cves":["CVE-2026-55806"],"exploited":false,"has_exploit":false,"published_at":"2026-06-17T18:57:37+00:00","link":"https://www.drupal.org/sa-core-2026-007","csirts_url":"https://www.csirts.com/advisory/drupal-core-less-critical-cache-poisoning-87123"},{"num":87124,"source_id":"drupal","external_id":"3594118 at https://www.drupal.org","title":"Drupal core - Moderately critical - Gadget chain - SA-CORE-2026-006","severity":"critical","cvss":null,"cves":["CVE-2026-55804"],"exploited":false,"has_exploit":false,"published_at":"2026-06-17T18:57:02+00:00","link":"https://www.drupal.org/sa-core-2026-006","csirts_url":"https://www.csirts.com/advisory/drupal-core-moderately-critical-gadget-87124"},{"num":87125,"source_id":"drupal","external_id":"3593881 at https://www.drupal.org","title":"Drupal core - Critical - PHP object injection - SA-CORE-2026-005","severity":"critical","cvss":null,"cves":["CVE-2026-55803"],"exploited":false,"has_exploit":false,"published_at":"2026-06-17T18:56:50+00:00","link":"https://www.drupal.org/sa-core-2026-005","csirts_url":"https://www.csirts.com/advisory/drupal-core-critical-php-object-injection-87125"},{"num":19627,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/cisco-security-advisory-av26-613","title":"Cisco security advisory (AV26-613)","severity":"critical","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-17T18:44:15+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/cisco-security-advisory-av26-613","csirts_url":"https://www.csirts.com/advisory/cisco-security-advisory-av26-613-19627"},{"num":19628,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/f5-security-advisory-av26-612","title":"F5 security advisory (AV26-612)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-17T18:14:07+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/f5-security-advisory-av26-612","csirts_url":"https://www.csirts.com/advisory/f5-security-advisory-av26-612-19628"},{"num":19629,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/mitel-security-advisory-av26-611","title":"Mitel security advisory (AV26-611)","severity":"critical","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-17T18:00:01+00:00","link":"https://cyber.gc.ca/en/alerts-advisories/mitel-security-advisory-av26-611","csirts_url":"https://www.csirts.com/advisory/mitel-security-advisory-av26-611-19629"},{"num":1032,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-redirect-KOyxhffH","title":"Cisco Webex App Open Redirect Vulnerability","severity":"medium","cvss":null,"cves":["CVE-2026-20178"],"exploited":false,"has_exploit":false,"published_at":"2026-06-17T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-redirect-KOyxhffH?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Webex%20App%20Open%20Redirect%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-webex-app-open-redirect-1032"},{"num":2108,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-umbrella-priv-esc-F4wJB7AU","title":"Cisco Umbrella Virtual Appliance Privilege Escalation Vulnerability","severity":"medium","cvss":null,"cves":["CVE-2026-20246"],"exploited":false,"has_exploit":false,"published_at":"2026-06-17T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-umbrella-priv-esc-F4wJB7AU?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Umbrella%20Virtual%20Appliance%20Privilege%20Escalation%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-umbrella-virtual-appliance-2108"},{"num":1031,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnc-inj-QNMeEmxk","title":"Cisco Crosswork Network Controller Server-Side Template Injection Vulnerability","severity":"medium","cvss":null,"cves":["CVE-2026-20220"],"exploited":false,"has_exploit":false,"published_at":"2026-06-17T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnc-inj-QNMeEmxk?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Crosswork%20Network%20Controller%20Server-Side%20Template%20Injection%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-crosswork-network-controller-server-1031"},{"num":1207,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/news/ncsc-ceo-hostile-states-linked-to-three-quarters-of-cyber-attacks","title":"NCSC CEO: Hostile states linked to three-quarters of cyber attacks affecting UK's critical systems","severity":"critical","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-17T12:00:00+00:00","link":"https://www.ncsc.gov.uk/news/ncsc-ceo-hostile-states-linked-to-three-quarters-of-cyber-attacks","csirts_url":"https://www.csirts.com/advisory/ncsc-ceo-hostile-states-linked-to-three-1207"},{"num":887,"source_id":"ncsc-nl","external_id":"NCSC-2026-0207 [1.00]","title":"NCSC-2026-0207 [1.00] [M/H] Vulnerabilities fixed in Oracle Fusion Middleware products","severity":"critical","cvss":null,"cves":["CVE-2026-46788","CVE-2026-46789","CVE-2026-46790","CVE-2026-46791","CVE-2026-46792","CVE-2026-46793","CVE-2026-46794","CVE-2026-46795","CVE-2026-46796","CVE-2026-46797","CVE-2026-46798","CVE-2026-46799","CVE-2026-46800","CVE-2026-46801","CVE-2026-46802","CVE-2026-46803","CVE-2026-46804","CVE-2026-46805","CVE-2026-46806","CVE-2026-46807","CVE-2026-46808","CVE-2026-46809","CVE-2026-46810","CVE-2026-46812","CVE-2026-46813","CVE-2026-46814","CVE-2026-46838","CVE-2026-46844","CVE-2026-46845","CVE-2026-46846","CVE-2026-46847","CVE-2026-46848","CVE-2026-35258","CVE-2026-35259","CVE-2026-35261","CVE-2026-35262","CVE-2026-35263","CVE-2026-35265","CVE-2026-35267","CVE-2026-35268","CVE-2026-35269","CVE-2026-35270","CVE-2026-35280","CVE-2026-35281","CVE-2026-35282","CVE-2026-35283","CVE-2026-35284","CVE-2026-35285","CVE-2026-35286","CVE-2026-35291","CVE-2026-35292","CVE-2026-35293","CVE-2026-35294","CVE-2026-35295","CVE-2026-35296","CVE-2026-35298","CVE-2026-35299","CVE-2026-35300","CVE-2026-35301","CVE-2026-35302"],"exploited":false,"has_exploit":false,"published_at":"2026-06-17T09:28:34+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0207","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0207-1-00-m-h-vulnerabilities-887"},{"num":2039,"source_id":"ncsc-nl","external_id":"NCSC-2026-0206 [1.00]","title":"NCSC-2026-0206 [1.00] [M/H] Vulnerabilities fixed in Oracle JD Edwards EnterpriseOne","severity":"unknown","cvss":null,"cves":["CVE-2026-46878","CVE-2026-46879","CVE-2026-46880","CVE-2026-46881","CVE-2026-46882","CVE-2026-46883","CVE-2026-46891","CVE-2026-46892","CVE-2026-46893","CVE-2026-46903","CVE-2026-46904","CVE-2026-46905","CVE-2026-46906","CVE-2026-46907","CVE-2026-46908","CVE-2026-46909","CVE-2026-46910","CVE-2026-46911","CVE-2026-46912","CVE-2026-46913"],"exploited":false,"has_exploit":false,"published_at":"2026-06-17T09:25:49+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0206","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0206-1-00-m-h-vulnerabilities-2039"},{"num":893,"source_id":"ncsc-nl","external_id":"NCSC-2026-0205 [1.00]","title":"NCSC-2026-0205 [1.00] [M/H] Vulnerabilities fixed in Oracle MySQL products","severity":"unknown","cvss":null,"cves":["CVE-2026-46850","CVE-2026-46860","CVE-2026-46861","CVE-2026-46862","CVE-2026-46863","CVE-2026-46869","CVE-2026-46870","CVE-2026-46871"],"exploited":false,"has_exploit":false,"published_at":"2026-06-17T09:20:53+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0205","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0205-1-00-m-h-vulnerabilities-893"},{"num":907,"source_id":"ncsc-nl","external_id":"NCSC-2026-0204 [1.00]","title":"NCSC-2026-0204 [1.00] [M/H] Vulnerabilities fixed in Oracle PeopleSoft Enterprise","severity":"unknown","cvss":null,"cves":["CVE-2026-35271","CVE-2026-35272","CVE-2026-35274","CVE-2026-35276","CVE-2026-35278","CVE-2026-35279","CVE-2026-35288","CVE-2026-35289","CVE-2026-46849","CVE-2026-46851","CVE-2026-46979"],"exploited":false,"has_exploit":false,"published_at":"2026-06-17T09:11:23+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0204","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0204-1-00-m-h-vulnerabilities-907"},{"num":908,"source_id":"ncsc-nl","external_id":"NCSC-2026-0203 [1.00]","title":"NCSC-2026-0203 [1.00] [M/H] Vulnerabilities fixed in Oracle VM VirtualBox","severity":"medium","cvss":null,"cves":["CVE-2026-35275","CVE-2026-46768","CVE-2026-46815","CVE-2026-46816","CVE-2026-46825","CVE-2026-46873","CVE-2026-46874","CVE-2026-46877","CVE-2026-46974","CVE-2026-46977"],"exploited":false,"has_exploit":false,"published_at":"2026-06-17T09:05:28+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0203","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0203-1-00-m-h-vulnerabilities-908"},{"num":909,"source_id":"ncsc-nl","external_id":"NCSC-2026-0202 [1.00]","title":"NCSC-2026-0202 [1.00] [M/H] Vulnerabilities fixed in Oracle Enterprise Manager","severity":"unknown","cvss":null,"cves":["CVE-2026-34481","CVE-2026-46832","CVE-2026-46852","CVE-2026-46853","CVE-2026-46854","CVE-2026-46855","CVE-2026-46856","CVE-2026-46857","CVE-2026-46858","CVE-2026-46864","CVE-2026-46865","CVE-2026-46866","CVE-2026-46867","CVE-2026-46868","CVE-2026-46872","CVE-2026-46875"],"exploited":false,"has_exploit":false,"published_at":"2026-06-17T08:55:54+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0202","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0202-1-00-m-h-vulnerabilities-909"},{"num":910,"source_id":"ncsc-nl","external_id":"NCSC-2026-0201 [1.00]","title":"NCSC-2026-0201 [1.00] [M/H] Vulnerabilities fixed in Oracle E-Business Suite products","severity":"unknown","cvss":null,"cves":["CVE-2026-46949","CVE-2026-46950","CVE-2026-46951","CVE-2026-46952","CVE-2026-46953","CVE-2026-46955","CVE-2026-46956","CVE-2026-46957","CVE-2026-46958","CVE-2026-46959","CVE-2026-46960","CVE-2026-46961","CVE-2026-46962","CVE-2026-46963","CVE-2026-46964","CVE-2026-46965","CVE-2026-46966","CVE-2026-46967","CVE-2026-46969","CVE-2026-46970","CVE-2026-46971","CVE-2026-46972","CVE-2026-46973","CVE-2026-46976","CVE-2026-46894","CVE-2026-46895","CVE-2026-46896","CVE-2026-46897","CVE-2026-46898","CVE-2026-46899","CVE-2026-46900","CVE-2026-46901","CVE-2026-46902","CVE-2026-46915","CVE-2026-46916","CVE-2026-46918","CVE-2026-46922","CVE-2026-46927","CVE-2026-46928","CVE-2026-46929","CVE-2026-46930","CVE-2026-46931","CVE-2026-46932","CVE-2026-46933","CVE-2026-46934","CVE-2026-46935","CVE-2026-46937","CVE-2026-46938","CVE-2026-46939","CVE-2026-46940","CVE-2026-46942","CVE-2026-46944","CVE-2026-46945","CVE-2026-46946","CVE-2026-46947"],"exploited":false,"has_exploit":false,"published_at":"2026-06-17T08:53:15+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0201","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0201-1-00-m-h-vulnerabilities-910"},{"num":2049,"source_id":"ncsc-nl","external_id":"NCSC-2026-0200 [1.00]","title":"NCSC-2026-0200 [1.00] [M/H] Vulnerabilities fixed in Oracle Communications","severity":"unknown","cvss":null,"cves":["CVE-2025-70873","CVE-2026-34481"],"exploited":false,"has_exploit":false,"published_at":"2026-06-17T08:50:12+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0200","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0200-1-00-m-h-vulnerabilities-2049"},{"num":19643,"source_id":"jvn","external_id":"https://jvn.jp/en/jp/JVN20769211/","title":"OS command injection in RadiX AX6600 WiFi 6 Tri-Band Gaming Router","severity":"unknown","cvss":null,"cves":["CVE-2026-53876"],"exploited":false,"has_exploit":false,"published_at":"2026-06-17T03:00:00+00:00","link":"https://jvn.jp/en/jp/JVN20769211/","csirts_url":"https://www.csirts.com/advisory/os-command-injection-in-radix-ax6600-wifi-19643"},{"num":2139,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk","title":"Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-20127"],"exploited":true,"has_exploit":true,"published_at":"2026-06-16T17:39:47+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Catalyst%20SD-WAN%20Controller%20Authentication%20Bypass%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-catalyst-sd-wan-controller-2139"},{"num":2149,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa2-v69WY2SW","title":"Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability","severity":"high","cvss":null,"cves":["CVE-2026-20182"],"exploited":true,"has_exploit":true,"published_at":"2026-06-16T17:39:46+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa2-v69WY2SW?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Catalyst%20SD-WAN%20Controller%20Authentication%20Bypass%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-catalyst-sd-wan-controller-2149"},{"num":2052,"source_id":"ncsc-nl","external_id":"NCSC-2026-0199 [1.00]","title":"NCSC-2026-0199 [1.00] [M/H] Vulnerability fixed in Cisco Catalyst SD-WAN Manager","severity":"unknown","cvss":null,"cves":["CVE-2026-20262"],"exploited":false,"has_exploit":true,"published_at":"2026-06-16T13:30:10+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0199","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0199-1-00-m-h-vulnerability-2052"},{"num":2059,"source_id":"ncsc-nl","external_id":"NCSC-2026-0179 [1.01]","title":"NCSC-2026-0179 [1.01] [H/H] Vulnerabilities fixed in Check Point Remote and Mobile Access VPN products","severity":"unknown","cvss":null,"cves":["CVE-2026-50751","CVE-2026-50752"],"exploited":true,"has_exploit":true,"published_at":"2026-06-16T13:13:03+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0179","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0179-1-01-h-h-vulnerabilities-2059"},{"num":19644,"source_id":"jvn","external_id":"https://jvn.jp/en/jp/JVN16937365/","title":"ThingsBoard vulnerable to prototype pollution","severity":"unknown","cvss":null,"cves":["CVE-2026-53676"],"exploited":false,"has_exploit":false,"published_at":"2026-06-16T03:00:15+00:00","link":"https://jvn.jp/en/jp/JVN16937365/","csirts_url":"https://www.csirts.com/advisory/thingsboard-vulnerable-to-prototype-19644"},{"num":19645,"source_id":"jvn","external_id":"https://jvn.jp/en/jp/JVN79926428/","title":"Improper file access permission settings in the installers for Optical Disc Archive Software for Windows","severity":"unknown","cvss":null,"cves":["CVE-2026-50255"],"exploited":false,"has_exploit":false,"published_at":"2026-06-16T03:00:00+00:00","link":"https://jvn.jp/en/jp/JVN79926428/","csirts_url":"https://www.csirts.com/advisory/improper-file-access-permission-settings-19645"},{"num":19646,"source_id":"jvn","external_id":"https://jvn.jp/en/vu/JVNVU98100934/","title":"Multiple vulnerabilities in Canon EOS Network Setting Tool","severity":"unknown","cvss":null,"cves":["CVE-2026-9258","CVE-2026-9259","CVE-2026-9260","CVE-2026-9261","CVE-2026-9262"],"exploited":false,"has_exploit":false,"published_at":"2026-06-16T02:00:00+00:00","link":"https://jvn.jp/en/vu/JVNVU98100934/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-canon-eos-19646"},{"num":1137,"source_id":"cisa-kev","external_id":"CVE-2026-48907","title":"CVE-2026-48907: Widget Factory Joomla Content Editor Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-48907"],"exploited":true,"has_exploit":true,"published_at":"2026-06-16T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-48907","csirts_url":"https://www.csirts.com/advisory/cve-2026-48907-1137"},{"num":1033,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfw-c2rZvQ","title":"Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerability","severity":"medium","cvss":null,"cves":["CVE-2026-20262"],"exploited":true,"has_exploit":true,"published_at":"2026-06-15T22:00:51+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfw-c2rZvQ?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Catalyst%20SD-WAN%20Manager%20Arbitrary%20File%20Write%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-catalyst-sd-wan-manager-arbitrary-1033"},{"num":170084,"source_id":"aws","external_id":"bcf0b26cc032803ea5a8671f95888b84bad4e08b","title":"CVE-2026-11931 - Insecure Permissions on Authentication Token Cache File in Kiro IDE","severity":"unknown","cvss":null,"cves":["CVE-2026-11931"],"exploited":false,"has_exploit":false,"published_at":"2026-06-15T18:41:08+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-045-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-11931-170084"},{"num":19647,"source_id":"jvn","external_id":"https://jvn.jp/en/jp/JVN55319858/","title":"Privilege escalation vulnerability in multiple RICOH and KONICA MINOLTA JAPAN printer drivers","severity":"unknown","cvss":null,"cves":["CVE-2026-50100"],"exploited":false,"has_exploit":false,"published_at":"2026-06-15T05:00:00+00:00","link":"https://jvn.jp/en/jp/JVN55319858/","csirts_url":"https://www.csirts.com/advisory/privilege-escalation-vulnerability-in-19647"},{"num":1146,"source_id":"cisa-kev","external_id":"CVE-2026-54420","title":"CVE-2026-54420: LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-54420"],"exploited":true,"has_exploit":true,"published_at":"2026-06-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-54420","csirts_url":"https://www.csirts.com/advisory/cve-2026-54420-1146"},{"num":1147,"source_id":"cisa-kev","external_id":"CVE-2026-20262","title":"CVE-2026-20262: Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-20262"],"exploited":true,"has_exploit":true,"published_at":"2026-06-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-20262","csirts_url":"https://www.csirts.com/advisory/cve-2026-20262-1147"},{"num":86898,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0249","title":"CVE-2026-0249 GlobalProtect App: Certificate Validation Bypass Vulnerabilities (Severity: MEDIUM)","severity":"medium","cvss":null,"cves":["CVE-2026-0249"],"exploited":false,"has_exploit":false,"published_at":"2026-06-13T01:45:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0249","csirts_url":"https://www.csirts.com/advisory/cve-2026-0249-86898"},{"num":86899,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0250","title":"CVE-2026-0250 GlobalProtect App: Buffer Overflow Vulnerability during connection to Portal or Gateway (Severity: MEDIUM)","severity":"medium","cvss":null,"cves":["CVE-2026-0250"],"exploited":false,"has_exploit":false,"published_at":"2026-06-13T01:30:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0250","csirts_url":"https://www.csirts.com/advisory/cve-2026-0250-86899"},{"num":2154,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-4uxFrdzx","title":"Cisco Catalyst SD-WAN Controller, Catalyst SD-WAN Manager, and Catalyst SD-WAN Validator Authenticated Privilege Escalation Vulnerability","severity":"unknown","cvss":null,"cves":["CVE-2026-20182","CVE-2026-20127","CVE-2026-20245"],"exploited":true,"has_exploit":true,"published_at":"2026-06-12T20:36:49+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-4uxFrdzx?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Catalyst%20SD-WAN%20Controller,%20Catalyst%20SD-WAN%20Manager,%20and%20Catalyst%20SD-WAN%20Validator%20Authenticated%20Privilege%20Escalation%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-catalyst-sd-wan-controller-catalyst-2154"},{"num":170101,"source_id":"aws","external_id":"fe3f111309aa77103f632e1b0783574b4c3d67c0","title":"CVE-2026-12043 - Heap double-free in AWS Common Runtime aws-c-http","severity":"unknown","cvss":null,"cves":["CVE-2026-12043"],"exploited":false,"has_exploit":false,"published_at":"2026-06-12T18:48:49+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-043-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-12043-170101"},{"num":2060,"source_id":"ncsc-nl","external_id":"NCSC-2026-0197 [1.00]","title":"NCSC-2026-0197 [1.00] [M/H] Vulnerability fixed in Fortinet FortiPortal","severity":"unknown","cvss":null,"cves":["CVE-2026-49938"],"exploited":false,"has_exploit":false,"published_at":"2026-06-12T07:45:00+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0197","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0197-1-00-m-h-vulnerability-2060"},{"num":1828,"source_id":"ncsc-nl","external_id":"NCSC-2026-0196 [1.00]","title":"NCSC-2026-0196 [1.00] [M/H] Vulnerabilities fixed in GitLab Enterprise Edition","severity":"unknown","cvss":null,"cves":["CVE-2026-10087","CVE-2026-10733","CVE-2026-1500","CVE-2026-3553","CVE-2026-6269","CVE-2026-6277","CVE-2026-6552","CVE-2026-6976","CVE-2026-7250","CVE-2026-8589","CVE-2026-9204","CVE-2026-9694"],"exploited":false,"has_exploit":false,"published_at":"2026-06-12T07:39:37+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0196","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0196-1-00-m-h-vulnerabilities-1828"},{"num":1830,"source_id":"ncsc-nl","external_id":"NCSC-2026-0195 [1.00]","title":"NCSC-2026-0195 [1.00] [M/H] Vulnerability fixed in Oracle PeopleSoft Enterprise PeopleTools","severity":"unknown","cvss":null,"cves":["CVE-2026-35273"],"exploited":true,"has_exploit":true,"published_at":"2026-06-12T07:25:07+00:00","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0195","csirts_url":"https://www.csirts.com/advisory/ncsc-2026-0195-1-00-m-h-vulnerability-1830"},{"num":1152,"source_id":"cisa-kev","external_id":"CVE-2026-35273","title":"CVE-2026-35273: Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-35273"],"exploited":true,"has_exploit":true,"published_at":"2026-06-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-35273","csirts_url":"https://www.csirts.com/advisory/cve-2026-35273-1152"},{"num":86900,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0273","title":"CVE-2026-0273 PAN-OS: Authenticated Admin Command Injection Vulnerability via CLI or Web UI (Severity: MEDIUM)","severity":"medium","cvss":null,"cves":["CVE-2026-0273"],"exploited":false,"has_exploit":false,"published_at":"2026-06-11T01:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0273","csirts_url":"https://www.csirts.com/advisory/cve-2026-0273-86900"},{"num":239,"source_id":"cisa-kev","external_id":"CVE-2026-10520","title":"CVE-2026-10520: Ivanti Sentry OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-10520"],"exploited":true,"has_exploit":true,"published_at":"2026-06-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-10520","csirts_url":"https://www.csirts.com/advisory/cve-2026-10520-239"},{"num":170130,"source_id":"aws","external_id":"f1ec681509fa863c47d21c3469eb59f996a89c38","title":"CVE-2026-10740 - Excessive memory allocation in s2n-quic","severity":"high","cvss":null,"cves":["CVE-2026-10740"],"exploited":false,"has_exploit":false,"published_at":"2026-06-10T18:15:57+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-042-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-10740-170130"},{"num":170120,"source_id":"aws","external_id":"6ca7b46a440f328c884abec4d2e1826e63e1a2cb","title":"CVE-2026-10740 - Excessive memory allocation in s2n-quic","severity":"unknown","cvss":null,"cves":["CVE-2026-10740","CVE-2026-11417"],"exploited":false,"has_exploit":false,"published_at":"2026-06-10T17:51:59+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-041-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-10740-170120"},{"num":86907,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/PAN-SA-2026-0009","title":"PAN-SA-2026-0009 Informational Bulletin: Impact assessment of OSS CVEs in Prisma SD-WAN ION (Severity: INFORMATIONAL)","severity":"unknown","cvss":null,"cves":["CVE-2026-35385","CVE-2026-35386","CVE-2026-35388","CVE-2026-35387","CVE-2026-35414"],"exploited":false,"has_exploit":false,"published_at":"2026-06-10T16:00:00+00:00","link":"https://security.paloaltonetworks.com/PAN-SA-2026-0009","csirts_url":"https://www.csirts.com/advisory/pan-sa-2026-0009-informational-bulletin-86907"},{"num":86910,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0266","title":"CVE-2026-0266 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface (Severity: LOW)","severity":"low","cvss":null,"cves":["CVE-2026-0266"],"exploited":false,"has_exploit":false,"published_at":"2026-06-10T16:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0266","csirts_url":"https://www.csirts.com/advisory/cve-2026-0266-86910"},{"num":86903,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0270","title":"CVE-2026-0270 Cortex XSOAR: Path Traversal Vulnerability (Severity: MEDIUM)","severity":"medium","cvss":null,"cves":["CVE-2026-0270"],"exploited":false,"has_exploit":false,"published_at":"2026-06-10T16:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0270","csirts_url":"https://www.csirts.com/advisory/cve-2026-0270-86903"},{"num":86902,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0272","title":"CVE-2026-0272 PAN-OS: Privilege Escalation (PE) Vulnerability in the Command Line Interface (CLI) (Severity: MEDIUM)","severity":"medium","cvss":null,"cves":["CVE-2026-0272"],"exploited":false,"has_exploit":false,"published_at":"2026-06-10T16:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0272","csirts_url":"https://www.csirts.com/advisory/cve-2026-0272-86902"},{"num":86909,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0267","title":"CVE-2026-0267 GlobalProtect App: Information Exposure Vulnerability on macOS (Severity: MEDIUM)","severity":"medium","cvss":null,"cves":["CVE-2026-0267"],"exploited":false,"has_exploit":false,"published_at":"2026-06-10T16:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0267","csirts_url":"https://www.csirts.com/advisory/cve-2026-0267-86909"},{"num":86905,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0268","title":"CVE-2026-0268 Prisma Access Agent: Local Authenticated VPN Enforcement Bypass on Linux (Severity: MEDIUM)","severity":"medium","cvss":null,"cves":["CVE-2026-0268"],"exploited":false,"has_exploit":false,"published_at":"2026-06-10T16:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0268","csirts_url":"https://www.csirts.com/advisory/cve-2026-0268-86905"},{"num":86901,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0271","title":"CVE-2026-0271 Prisma Access Agent: Local Privilege Escalation by Authorized Users (Severity: MEDIUM)","severity":"medium","cvss":null,"cves":["CVE-2026-0271"],"exploited":false,"has_exploit":false,"published_at":"2026-06-10T16:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0271","csirts_url":"https://www.csirts.com/advisory/cve-2026-0271-86901"},{"num":86906,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/PAN-SA-2026-0008","title":"PAN-SA-2026-0008 Chromium: Monthly Vulnerability Update (June 2026) (Severity: HIGH)","severity":"high","cvss":null,"cves":["CVE-2026-8509","CVE-2026-8510","CVE-2026-8511","CVE-2026-8512","CVE-2026-8513","CVE-2026-8514","CVE-2026-8515","CVE-2026-8516","CVE-2026-8517","CVE-2026-8518","CVE-2026-8519","CVE-2026-8520","CVE-2026-8521","CVE-2026-8522","CVE-2026-8523","CVE-2026-8524","CVE-2026-8525","CVE-2026-8526","CVE-2026-8527","CVE-2026-8528","CVE-2026-8529","CVE-2026-8530","CVE-2026-8531","CVE-2026-8532","CVE-2026-8533","CVE-2026-8534","CVE-2026-8535","CVE-2026-8536","CVE-2026-8537","CVE-2026-8538","CVE-2026-8539","CVE-2026-8540","CVE-2026-8541","CVE-2026-8542","CVE-2026-8543","CVE-2026-8544","CVE-2026-8545","CVE-2026-8546","CVE-2026-8547","CVE-2026-8548","CVE-2026-8549","CVE-2026-8550","CVE-2026-8551","CVE-2026-8552","CVE-2026-8553","CVE-2026-8554","CVE-2026-8555","CVE-2026-8556","CVE-2026-8557","CVE-2026-8558","CVE-2026-8559","CVE-2026-8560","CVE-2026-8561","CVE-2026-8562","CVE-2026-8563","CVE-2026-8564","CVE-2026-8565","CVE-2026-8566","CVE-2026-8567","CVE-2026-8568"],"exploited":false,"has_exploit":false,"published_at":"2026-06-10T16:00:00+00:00","link":"https://security.paloaltonetworks.com/PAN-SA-2026-0008","csirts_url":"https://www.csirts.com/advisory/pan-sa-2026-0008-chromium-monthly-86906"},{"num":86904,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0269","title":"CVE-2026-0269 PAN-OS: Denial of Service (DoS) in Tunnel Traffic Processing (Severity: MEDIUM)","severity":"medium","cvss":null,"cves":["CVE-2026-0269"],"exploited":false,"has_exploit":false,"published_at":"2026-06-10T16:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0269","csirts_url":"https://www.csirts.com/advisory/cve-2026-0269-86904"},{"num":86908,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0274","title":"CVE-2026-0274 Cortex XSOAR: Improper Validation of Credentials in CommvaultSecurityIQ integration (Severity: HIGH)","severity":"high","cvss":null,"cves":["CVE-2026-0274"],"exploited":false,"has_exploit":false,"published_at":"2026-06-10T16:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0274","csirts_url":"https://www.csirts.com/advisory/cve-2026-0274-86908"},{"num":87022,"source_id":"jenkins","external_id":"jenkins-advisory-2026-06-10","title":"Jenkins Security Advisory 2026-06-10","severity":"unknown","cvss":null,"cves":["CVE-2026-53435","CVE-2026-53436","CVE-2026-53437","CVE-2026-53438","CVE-2026-53439","CVE-2026-53440","CVE-2026-53441","CVE-2026-53442"],"exploited":false,"has_exploit":false,"published_at":"2026-06-10T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2026-06-10/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2026-06-10-87022"},{"num":1140,"source_id":"cert-eu","external_id":"security-advisories-10945","title":"2026-008: Critical vulnerabilities in Ivanti Sentry","severity":"critical","cvss":null,"cves":["CVE-2026-10520","CVE-2026-10523"],"exploited":false,"has_exploit":true,"published_at":"2026-06-10T11:55:39+00:00","link":"https://cert.europa.eu/publications/security-advisories/2026-008/","csirts_url":"https://www.csirts.com/advisory/2026-008-critical-vulnerabilities-in-1140"},{"num":1667,"source_id":"cert-eu","external_id":"security-advisories-10944","title":"2026-007: Critical Vulnerability in Windows Netlogon","severity":"critical","cvss":null,"cves":["CVE-2026-41089"],"exploited":false,"has_exploit":false,"published_at":"2026-06-10T06:47:08+00:00","link":"https://cert.europa.eu/publications/security-advisories/2026-007/","csirts_url":"https://www.csirts.com/advisory/2026-007-critical-vulnerability-in-1667"},{"num":19630,"source_id":"jpcert","external_id":"https://www.jpcert.or.jp/english/at/2026/at260018.html","title":"Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-63)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-10T04:50:00+00:00","link":"https://www.jpcert.or.jp/english/at/2026/at260018.html","csirts_url":"https://www.csirts.com/advisory/security-alert-alert-regarding-19630"},{"num":19631,"source_id":"jpcert","external_id":"https://www.jpcert.or.jp/english/at/2026/at260017.html","title":"Security Alert: Microsoft Releases June 2026 Security Updates","severity":"unknown","cvss":null,"cves":["CVE-2026-42897"],"exploited":true,"has_exploit":true,"published_at":"2026-06-10T04:50:00+00:00","link":"https://www.jpcert.or.jp/english/at/2026/at260017.html","csirts_url":"https://www.csirts.com/advisory/security-alert-microsoft-releases-june-19631"},{"num":86926,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-0-2-released/","title":"GitLab Patch Release: 19.0.2, 18.11.5, 18.10.8","severity":"critical","cvss":null,"cves":["CVE-2026-6552","CVE-2026-10087","CVE-2026-7250","CVE-2026-8589","CVE-2026-1500","CVE-2026-6269","CVE-2026-9204","CVE-2026-10733","CVE-2026-6277","CVE-2026-6976","CVE-2026-3553","CVE-2026-9694"],"exploited":false,"has_exploit":false,"published_at":"2026-06-10T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-0-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-19-0-2-18-11-5-18-10-86926"},{"num":5123,"source_id":"msrc","external_id":"CVE-2026-42906","title":"CVE-2026-42906: Windows Shell Information Disclosure Vulnerability","severity":"medium","cvss":5.5,"cves":["CVE-2026-42906"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42906","csirts_url":"https://www.csirts.com/advisory/cve-2026-42906-5123"},{"num":4199,"source_id":"msrc","external_id":"CVE-2026-46325","title":"CVE-2026-46325: RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGE_SIZE","severity":"medium","cvss":6.1,"cves":["CVE-2026-46325"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46325","csirts_url":"https://www.csirts.com/advisory/cve-2026-46325-4199"},{"num":4562,"source_id":"msrc","external_id":"CVE-2026-10964","title":"CVE-2026-10964: Chromium: CVE-2026-10964 Integer overflow in V8","severity":"unknown","cvss":null,"cves":["CVE-2026-10964"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10964","csirts_url":"https://www.csirts.com/advisory/cve-2026-10964-4562"},{"num":4165,"source_id":"msrc","external_id":"CVE-2026-10097","title":"CVE-2026-10097: ML-KEM-1024 x64 AVX2 incomplete cipher text comparison enables IND-CCA2 break and static private-key recovery","severity":"high","cvss":7.5,"cves":["CVE-2026-10097"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10097","csirts_url":"https://www.csirts.com/advisory/cve-2026-10097-4165"},{"num":4236,"source_id":"msrc","external_id":"CVE-2026-49760","title":"CVE-2026-49760: Stack Buffer Overflow in ei_s_print_term at Very Large Integer","severity":"medium","cvss":5.5,"cves":["CVE-2026-49760"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-49760","csirts_url":"https://www.csirts.com/advisory/cve-2026-49760-4236"},{"num":4334,"source_id":"msrc","external_id":"CVE-2026-53047","title":"CVE-2026-53047: efi/capsule-loader: fix incorrect sizeof in phys array reallocation","severity":"medium","cvss":5.5,"cves":["CVE-2026-53047"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53047","csirts_url":"https://www.csirts.com/advisory/cve-2026-53047-4334"},{"num":4204,"source_id":"msrc","external_id":"CVE-2026-48913","title":"CVE-2026-48913: Apache HTTP Server: mod_http2 memory corruption when file handles exhausted","severity":"high","cvss":7.3,"cves":["CVE-2026-48913"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48913","csirts_url":"https://www.csirts.com/advisory/cve-2026-48913-4204"},{"num":4436,"source_id":"msrc","external_id":"CVE-2026-11178","title":"CVE-2026-11178: Chromium: CVE-2026-11178 Policy bypass in WebView","severity":"unknown","cvss":null,"cves":["CVE-2026-11178"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11178","csirts_url":"https://www.csirts.com/advisory/cve-2026-11178-4436"},{"num":4632,"source_id":"msrc","external_id":"CVE-2026-11087","title":"CVE-2026-11087: Chromium: CVE-2026-11087 Uninitialized Use in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-11087"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11087","csirts_url":"https://www.csirts.com/advisory/cve-2026-11087-4632"},{"num":1012,"source_id":"msrc","external_id":"CVE-2026-12003","title":"CVE-2026-12003: CPython >3.11 Insecure Input Validation resulting in privilege escalation","severity":"unknown","cvss":null,"cves":["CVE-2026-12003"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12003","csirts_url":"https://www.csirts.com/advisory/cve-2026-12003-1012"},{"num":1825,"source_id":"msrc","external_id":"CVE-2026-53071","title":"CVE-2026-53071: Bluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp","severity":"high","cvss":7,"cves":["CVE-2026-53071"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53071","csirts_url":"https://www.csirts.com/advisory/cve-2026-53071-1825"},{"num":4273,"source_id":"msrc","external_id":"CVE-2026-53118","title":"CVE-2026-53118: vdpa: use generic driver_override infrastructure","severity":"medium","cvss":5.5,"cves":["CVE-2026-53118"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53118","csirts_url":"https://www.csirts.com/advisory/cve-2026-53118-4273"},{"num":988,"source_id":"msrc","external_id":"CVE-2026-11623","title":"CVE-2026-11623: tmux image.c image_free use after free","severity":"medium","cvss":4.5,"cves":["CVE-2026-11623"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11623","csirts_url":"https://www.csirts.com/advisory/cve-2026-11623-988"},{"num":4218,"source_id":"msrc","external_id":"CVE-2026-47167","title":"CVE-2026-47167: Vim: Vimscript Code Injection in cucumber filetype plugin via crafted step-definition regex","severity":"unknown","cvss":null,"cves":["CVE-2026-47167"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47167","csirts_url":"https://www.csirts.com/advisory/cve-2026-47167-4218"},{"num":4630,"source_id":"msrc","external_id":"CVE-2026-11084","title":"CVE-2026-11084: Chromium: CVE-2026-11084 Inappropriate implementation in Password Manager","severity":"unknown","cvss":null,"cves":["CVE-2026-11084"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11084","csirts_url":"https://www.csirts.com/advisory/cve-2026-11084-4630"},{"num":4633,"source_id":"msrc","external_id":"CVE-2026-11088","title":"CVE-2026-11088: Chromium: CVE-2026-11088 Integer overflow in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-11088"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11088","csirts_url":"https://www.csirts.com/advisory/cve-2026-11088-4633"},{"num":4516,"source_id":"msrc","external_id":"CVE-2026-48583","title":"CVE-2026-48583: Windows Kernel Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-48583"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48583","csirts_url":"https://www.csirts.com/advisory/cve-2026-48583-4516"},{"num":4346,"source_id":"msrc","external_id":"CVE-2026-53183","title":"CVE-2026-53183: mptcp: allow subflow rcv wnd to shrink","severity":"medium","cvss":5.5,"cves":["CVE-2026-53183"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53183","csirts_url":"https://www.csirts.com/advisory/cve-2026-53183-4346"},{"num":4520,"source_id":"msrc","external_id":"CVE-2026-10888","title":"CVE-2026-10888: Chromium: CVE-2026-10888 Use after free in Cast Streaming","severity":"unknown","cvss":null,"cves":["CVE-2026-10888"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10888","csirts_url":"https://www.csirts.com/advisory/cve-2026-10888-4520"},{"num":5106,"source_id":"msrc","external_id":"CVE-2026-13033","title":"CVE-2026-13033: Chromium: CVE-2026-13033 Out of bounds read in Blink>InterestGroups","severity":"unknown","cvss":null,"cves":["CVE-2026-13033"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13033","csirts_url":"https://www.csirts.com/advisory/cve-2026-13033-5106"},{"num":1813,"source_id":"msrc","external_id":"CVE-2026-13201","title":"CVE-2026-13201: Kubevirt: virt-handler-rhel9: kubevirt: safepath symlink following in virt-handler enables notify socket hijacking and node-level vm disruption","severity":"medium","cvss":6.3,"cves":["CVE-2026-13201"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13201","csirts_url":"https://www.csirts.com/advisory/cve-2026-13201-1813"},{"num":3930,"source_id":"msrc","external_id":"CVE-2026-53120","title":"CVE-2026-53120: PCI: use generic driver_override infrastructure","severity":"medium","cvss":5.5,"cves":["CVE-2026-53120"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53120","csirts_url":"https://www.csirts.com/advisory/cve-2026-53120-3930"},{"num":4534,"source_id":"msrc","external_id":"CVE-2026-10914","title":"CVE-2026-10914: Chromium: CVE-2026-10914 Use after free in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-10914"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10914","csirts_url":"https://www.csirts.com/advisory/cve-2026-10914-4534"},{"num":5104,"source_id":"msrc","external_id":"CVE-2026-13035","title":"CVE-2026-13035: Chromium: CVE-2026-13035 Use after free in Bluetooth","severity":"unknown","cvss":null,"cves":["CVE-2026-13035"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13035","csirts_url":"https://www.csirts.com/advisory/cve-2026-13035-5104"},{"num":5102,"source_id":"msrc","external_id":"CVE-2026-12466","title":"CVE-2026-12466: Chromium: CVE-2026-12466 Heap buffer overflow in WebRTC","severity":"unknown","cvss":null,"cves":["CVE-2026-12466"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12466","csirts_url":"https://www.csirts.com/advisory/cve-2026-12466-5102"},{"num":342,"source_id":"msrc","external_id":"CVE-2026-42764","title":"CVE-2026-42764: NULL Pointer Dereference in QUIC Server Initial Packet Handling","severity":"high","cvss":7.5,"cves":["CVE-2026-42764"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42764","csirts_url":"https://www.csirts.com/advisory/cve-2026-42764-342"},{"num":3931,"source_id":"msrc","external_id":"CVE-2026-53151","title":"CVE-2026-53151: rxrpc: Fix the ACK parser to extract the SACK table for parsing","severity":"medium","cvss":5.5,"cves":["CVE-2026-53151"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53151","csirts_url":"https://www.csirts.com/advisory/cve-2026-53151-3931"},{"num":4493,"source_id":"msrc","external_id":"CVE-2026-47291","title":"CVE-2026-47291: HTTP.sys Remote Code Execution Vulnerability","severity":"critical","cvss":9.8,"cves":["CVE-2026-47291"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47291","csirts_url":"https://www.csirts.com/advisory/cve-2026-47291-4493"},{"num":4591,"source_id":"msrc","external_id":"CVE-2026-11009","title":"CVE-2026-11009: Chromium: CVE-2026-11009 Use after free in USB","severity":"unknown","cvss":null,"cves":["CVE-2026-11009"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11009","csirts_url":"https://www.csirts.com/advisory/cve-2026-11009-4591"},{"num":4631,"source_id":"msrc","external_id":"CVE-2026-11086","title":"CVE-2026-11086: Chromium: CVE-2026-11086 Insufficient validation of untrusted input in Dawn","severity":"unknown","cvss":null,"cves":["CVE-2026-11086"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11086","csirts_url":"https://www.csirts.com/advisory/cve-2026-11086-4631"},{"num":4688,"source_id":"msrc","external_id":"CVE-2026-11162","title":"CVE-2026-11162: Chromium: CVE-2026-11162 Insufficient policy enforcement in CSS","severity":"unknown","cvss":null,"cves":["CVE-2026-11162"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11162","csirts_url":"https://www.csirts.com/advisory/cve-2026-11162-4688"},{"num":4708,"source_id":"msrc","external_id":"CVE-2026-11189","title":"CVE-2026-11189: Chromium: CVE-2026-11189 Insufficient validation of untrusted input in DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-11189"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11189","csirts_url":"https://www.csirts.com/advisory/cve-2026-11189-4708"},{"num":1797,"source_id":"msrc","external_id":"CVE-2026-53239","title":"CVE-2026-53239: xfrm: policy: fix use-after-free on inexact bin in xfrm_policy_bysel_ctx()","severity":"high","cvss":7,"cves":["CVE-2026-53239"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53239","csirts_url":"https://www.csirts.com/advisory/cve-2026-53239-1797"},{"num":4255,"source_id":"msrc","external_id":"CVE-2026-53227","title":"CVE-2026-53227: net: openvswitch: fix possible kfree_skb of ERR_PTR","severity":"medium","cvss":5.5,"cves":["CVE-2026-53227"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53227","csirts_url":"https://www.csirts.com/advisory/cve-2026-53227-4255"},{"num":4288,"source_id":"msrc","external_id":"CVE-2026-3195","title":"CVE-2026-3195: Qemu-kvm: virtio-snd: heap buffer overflow in virtio_snd_pcm_in_cb (incomplete fix for cve-2024-7730)","severity":"high","cvss":7.4,"cves":["CVE-2026-3195"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3195","csirts_url":"https://www.csirts.com/advisory/cve-2026-3195-4288"},{"num":4408,"source_id":"msrc","external_id":"CVE-2026-57231","title":"CVE-2026-57231: Podman: Malformed Image can trick podman run into leaking host environment variables into the container","severity":"high","cvss":7.5,"cves":["CVE-2026-57231"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57231","csirts_url":"https://www.csirts.com/advisory/cve-2026-57231-4408"},{"num":4442,"source_id":"msrc","external_id":"CVE-2026-42895","title":"CVE-2026-42895: Microsoft Copilot Tampering Vulnerability","severity":"medium","cvss":6.5,"cves":["CVE-2026-42895"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42895","csirts_url":"https://www.csirts.com/advisory/cve-2026-42895-4442"},{"num":4549,"source_id":"msrc","external_id":"CVE-2026-10939","title":"CVE-2026-10939: Chromium: CVE-2026-10939 Use after free in WebRTC","severity":"unknown","cvss":null,"cves":["CVE-2026-10939"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10939","csirts_url":"https://www.csirts.com/advisory/cve-2026-10939-4549"},{"num":4102,"source_id":"msrc","external_id":"CVE-2026-57436","title":"CVE-2026-57436: Nokogiri: Possible Use-After-Free when setting `Document#root=` to an invalid node type","severity":"medium","cvss":5.3,"cves":["CVE-2026-57436"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57436","csirts_url":"https://www.csirts.com/advisory/cve-2026-57436-4102"},{"num":4448,"source_id":"msrc","external_id":"CVE-2026-40404","title":"CVE-2026-40404: Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-40404"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40404","csirts_url":"https://www.csirts.com/advisory/cve-2026-40404-4448"},{"num":4546,"source_id":"msrc","external_id":"CVE-2026-10933","title":"CVE-2026-10933: Chromium: CVE-2026-10933 Use after free in Audio","severity":"unknown","cvss":null,"cves":["CVE-2026-10933"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10933","csirts_url":"https://www.csirts.com/advisory/cve-2026-10933-4546"},{"num":4496,"source_id":"msrc","external_id":"CVE-2026-32193","title":"CVE-2026-32193: Azure Kubernetes Service (AKS) Remote Code Execution Vulnerability","severity":"high","cvss":8.8,"cves":["CVE-2026-32193"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32193","csirts_url":"https://www.csirts.com/advisory/cve-2026-32193-4496"},{"num":4233,"source_id":"msrc","external_id":"CVE-2026-54411","title":"CVE-2026-54411: Linux-PAM through 1.7.2 contains an observable timing discrepancy (CWE-208) in the pam_userdb module's plaintext-password comparison path in modules/pam_userdb/pam_userdb.c that allows a local or network-adjacent attacker able to repeatedly drive authentication through a calling service to recover the plaintext password of a target account by measuring response-timing differences. The comparison uses strncmp() (or strncasecmp() when PAM_ICASE_ARG is set) preceded by a length-equa","severity":"medium","cvss":5.9,"cves":["CVE-2026-54411"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-54411","csirts_url":"https://www.csirts.com/advisory/cve-2026-54411-4233"},{"num":4498,"source_id":"msrc","external_id":"CVE-2026-47631","title":"CVE-2026-47631: Microsoft Exchange Server Spoofing Vulnerability","severity":"high","cvss":8.1,"cves":["CVE-2026-47631"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47631","csirts_url":"https://www.csirts.com/advisory/cve-2026-47631-4498"},{"num":4561,"source_id":"msrc","external_id":"CVE-2026-10962","title":"CVE-2026-10962: Chromium: CVE-2026-10962 Type Confusion in Media","severity":"unknown","cvss":null,"cves":["CVE-2026-10962"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10962","csirts_url":"https://www.csirts.com/advisory/cve-2026-10962-4561"},{"num":4627,"source_id":"msrc","external_id":"CVE-2026-11078","title":"CVE-2026-11078: Chromium: CVE-2026-11078 Insufficient validation of untrusted input in FileSystem","severity":"unknown","cvss":null,"cves":["CVE-2026-11078"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11078","csirts_url":"https://www.csirts.com/advisory/cve-2026-11078-4627"},{"num":4544,"source_id":"msrc","external_id":"CVE-2026-10931","title":"CVE-2026-10931: Chromium: CVE-2026-10931 Use after free in FileSystem","severity":"unknown","cvss":null,"cves":["CVE-2026-10931"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10931","csirts_url":"https://www.csirts.com/advisory/cve-2026-10931-4544"},{"num":4445,"source_id":"msrc","external_id":"CVE-2026-48584","title":"CVE-2026-48584: Microsoft Azure Synapse Elevation of Privilege Vulnerability","severity":"critical","cvss":9.9,"cves":["CVE-2026-48584"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48584","csirts_url":"https://www.csirts.com/advisory/cve-2026-48584-4445"},{"num":4558,"source_id":"msrc","external_id":"CVE-2026-10956","title":"CVE-2026-10956: Chromium: CVE-2026-10956 Use after free in MimeHandlerView","severity":"unknown","cvss":null,"cves":["CVE-2026-10956"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10956","csirts_url":"https://www.csirts.com/advisory/cve-2026-10956-4558"},{"num":4277,"source_id":"msrc","external_id":"CVE-2026-53094","title":"CVE-2026-53094: bpf: Fix stale offload->prog pointer after constant blinding","severity":"medium","cvss":6.4,"cves":["CVE-2026-53094"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53094","csirts_url":"https://www.csirts.com/advisory/cve-2026-53094-4277"},{"num":4551,"source_id":"msrc","external_id":"CVE-2026-10941","title":"CVE-2026-10941: Chromium: CVE-2026-10941 Out of bounds memory access in Skia","severity":"unknown","cvss":null,"cves":["CVE-2026-10941"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10941","csirts_url":"https://www.csirts.com/advisory/cve-2026-10941-4551"},{"num":4600,"source_id":"msrc","external_id":"CVE-2026-11033","title":"CVE-2026-11033: Chromium: CVE-2026-11033 Uninitialized Use in WebML","severity":"unknown","cvss":null,"cves":["CVE-2026-11033"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11033","csirts_url":"https://www.csirts.com/advisory/cve-2026-11033-4600"},{"num":4444,"source_id":"msrc","external_id":"CVE-2026-47647","title":"CVE-2026-47647: Dynamics 365 Elevation of Privilege Vulnerability","severity":"critical","cvss":9.9,"cves":["CVE-2026-47647"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47647","csirts_url":"https://www.csirts.com/advisory/cve-2026-47647-4444"},{"num":4563,"source_id":"msrc","external_id":"CVE-2026-10965","title":"CVE-2026-10965: Chromium: CVE-2026-10965 Integer overflow in DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-10965"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10965","csirts_url":"https://www.csirts.com/advisory/cve-2026-10965-4563"},{"num":4567,"source_id":"msrc","external_id":"CVE-2026-10971","title":"CVE-2026-10971: Chromium: CVE-2026-10971 Insufficient validation of untrusted input in Printing","severity":"unknown","cvss":null,"cves":["CVE-2026-10971"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10971","csirts_url":"https://www.csirts.com/advisory/cve-2026-10971-4567"},{"num":4553,"source_id":"msrc","external_id":"CVE-2026-10943","title":"CVE-2026-10943: Chromium: CVE-2026-10943 Use after free in WebRTC","severity":"unknown","cvss":null,"cves":["CVE-2026-10943"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10943","csirts_url":"https://www.csirts.com/advisory/cve-2026-10943-4553"},{"num":4566,"source_id":"msrc","external_id":"CVE-2026-10970","title":"CVE-2026-10970: Chromium: CVE-2026-10970 Insufficient validation of untrusted input in InterestGroups","severity":"unknown","cvss":null,"cves":["CVE-2026-10970"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10970","csirts_url":"https://www.csirts.com/advisory/cve-2026-10970-4566"},{"num":4570,"source_id":"msrc","external_id":"CVE-2026-10974","title":"CVE-2026-10974: Chromium: CVE-2026-10974 Insufficient validation of untrusted input in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-10974"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10974","csirts_url":"https://www.csirts.com/advisory/cve-2026-10974-4570"},{"num":4616,"source_id":"msrc","external_id":"CVE-2026-11056","title":"CVE-2026-11056: Chromium: CVE-2026-11056 Insufficient validation of untrusted input in SiteIsolation","severity":"unknown","cvss":null,"cves":["CVE-2026-11056"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11056","csirts_url":"https://www.csirts.com/advisory/cve-2026-11056-4616"},{"num":4628,"source_id":"msrc","external_id":"CVE-2026-11079","title":"CVE-2026-11079: Chromium: CVE-2026-11079 Insufficient validation of untrusted input in Codecs","severity":"unknown","cvss":null,"cves":["CVE-2026-11079"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11079","csirts_url":"https://www.csirts.com/advisory/cve-2026-11079-4628"},{"num":2534,"source_id":"msrc","external_id":"CVE-2026-53045","title":"CVE-2026-53045: memory: tegra124-emc: Fix dll_change check","severity":"critical","cvss":9.8,"cves":["CVE-2026-53045"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53045","csirts_url":"https://www.csirts.com/advisory/cve-2026-53045-2534"},{"num":5099,"source_id":"msrc","external_id":"CVE-2026-12444","title":"CVE-2026-12444: Chromium: CVE-2026-12444 Out of bounds read in Chromoting","severity":"unknown","cvss":null,"cves":["CVE-2026-12444"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12444","csirts_url":"https://www.csirts.com/advisory/cve-2026-12444-5099"},{"num":3542,"source_id":"msrc","external_id":"CVE-2026-53194","title":"CVE-2026-53194: USB: serial: kl5kusb105: fix bulk-out buffer overflow","severity":"high","cvss":7.8,"cves":["CVE-2026-53194"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53194","csirts_url":"https://www.csirts.com/advisory/cve-2026-53194-3542"},{"num":4453,"source_id":"msrc","external_id":"CVE-2026-44818","title":"CVE-2026-44818: Microsoft Excel Remote Code Execution Vulnerability","severity":"high","cvss":7,"cves":["CVE-2026-44818"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44818","csirts_url":"https://www.csirts.com/advisory/cve-2026-44818-4453"},{"num":4487,"source_id":"msrc","external_id":"CVE-2026-45655","title":"CVE-2026-45655: Windows BitLocker Security Feature Bypass Vulnerability","severity":"medium","cvss":5.3,"cves":["CVE-2026-45655"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45655","csirts_url":"https://www.csirts.com/advisory/cve-2026-45655-4487"},{"num":4565,"source_id":"msrc","external_id":"CVE-2026-10969","title":"CVE-2026-10969: Chromium: CVE-2026-10969 Insufficient validation of untrusted input in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-10969"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10969","csirts_url":"https://www.csirts.com/advisory/cve-2026-10969-4565"},{"num":5098,"source_id":"msrc","external_id":"CVE-2026-12449","title":"CVE-2026-12449: Chromium: CVE-2026-12449 Use after free in Chromoting","severity":"unknown","cvss":null,"cves":["CVE-2026-12449"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12449","csirts_url":"https://www.csirts.com/advisory/cve-2026-12449-5098"},{"num":5138,"source_id":"msrc","external_id":"CVE-2026-42970","title":"CVE-2026-42970: Windows Push Notification Information Disclosure Vulnerability","severity":"medium","cvss":5.5,"cves":["CVE-2026-42970"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42970","csirts_url":"https://www.csirts.com/advisory/cve-2026-42970-5138"},{"num":4319,"source_id":"msrc","external_id":"CVE-2026-53009","title":"CVE-2026-53009: ice: fix double-free of tx_buf skb","severity":"critical","cvss":9.8,"cves":["CVE-2026-53009"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53009","csirts_url":"https://www.csirts.com/advisory/cve-2026-53009-4319"},{"num":4264,"source_id":"msrc","external_id":"CVE-2026-52921","title":"CVE-2026-52921: netfilter: ipset: stop hash:* range iteration at end","severity":"medium","cvss":5.5,"cves":["CVE-2026-52921"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52921","csirts_url":"https://www.csirts.com/advisory/cve-2026-52921-4264"},{"num":4576,"source_id":"msrc","external_id":"CVE-2026-10982","title":"CVE-2026-10982: Chromium: CVE-2026-10982 Use after free in WebXR","severity":"unknown","cvss":null,"cves":["CVE-2026-10982"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10982","csirts_url":"https://www.csirts.com/advisory/cve-2026-10982-4576"},{"num":4653,"source_id":"msrc","external_id":"CVE-2026-11122","title":"CVE-2026-11122: Chromium: CVE-2026-11122 Inappropriate implementation in Keyboard","severity":"unknown","cvss":null,"cves":["CVE-2026-11122"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11122","csirts_url":"https://www.csirts.com/advisory/cve-2026-11122-4653"},{"num":4582,"source_id":"msrc","external_id":"CVE-2026-10993","title":"CVE-2026-10993: Chromium: CVE-2026-10993 Heap buffer overflow in Skia","severity":"unknown","cvss":null,"cves":["CVE-2026-10993"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10993","csirts_url":"https://www.csirts.com/advisory/cve-2026-10993-4582"},{"num":4289,"source_id":"msrc","external_id":"CVE-2026-3196","title":"CVE-2026-3196: Qemu-kvm: virtio-snd: integer overflow leading to unbounded memory allocation","severity":"medium","cvss":5.5,"cves":["CVE-2026-3196"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3196","csirts_url":"https://www.csirts.com/advisory/cve-2026-3196-4289"},{"num":4629,"source_id":"msrc","external_id":"CVE-2026-11081","title":"CVE-2026-11081: Chromium: CVE-2026-11081 Policy bypass in Canvas","severity":"unknown","cvss":null,"cves":["CVE-2026-11081"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11081","csirts_url":"https://www.csirts.com/advisory/cve-2026-11081-4629"},{"num":4294,"source_id":"msrc","external_id":"CVE-2026-55199","title":"CVE-2026-55199: libssh2 - Pre-Authentication DoS via SSH_MSG_EXT_INFO Handler","severity":"medium","cvss":5.9,"cves":["CVE-2026-55199"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-55199","csirts_url":"https://www.csirts.com/advisory/cve-2026-55199-4294"},{"num":4636,"source_id":"msrc","external_id":"CVE-2026-11093","title":"CVE-2026-11093: Chromium: CVE-2026-11093 Insufficient validation of untrusted input in Printing","severity":"unknown","cvss":null,"cves":["CVE-2026-11093"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11093","csirts_url":"https://www.csirts.com/advisory/cve-2026-11093-4636"},{"num":86850,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-140","title":"Improper access control in API endpoints","severity":"unknown","cvss":null,"cves":["CVE-2026-49938"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-140","csirts_url":"https://www.csirts.com/advisory/improper-access-control-in-api-endpoints-86850"},{"num":4468,"source_id":"msrc","external_id":"CVE-2026-45500","title":"CVE-2026-45500: Microsoft Exchange Server Spoofing Vulnerability","severity":"medium","cvss":6.1,"cves":["CVE-2026-45500"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45500","csirts_url":"https://www.csirts.com/advisory/cve-2026-45500-4468"},{"num":4225,"source_id":"msrc","external_id":"CVE-2026-9076","title":"CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption","severity":"high","cvss":7.5,"cves":["CVE-2026-9076"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-9076","csirts_url":"https://www.csirts.com/advisory/cve-2026-9076-4225"},{"num":4227,"source_id":"msrc","external_id":"CVE-2026-42766","title":"CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption","severity":"medium","cvss":5.9,"cves":["CVE-2026-42766"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42766","csirts_url":"https://www.csirts.com/advisory/cve-2026-42766-4227"},{"num":4474,"source_id":"msrc","external_id":"CVE-2026-45605","title":"CVE-2026-45605: Windows Bluetooth Service Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-45605"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45605","csirts_url":"https://www.csirts.com/advisory/cve-2026-45605-4474"},{"num":4684,"source_id":"msrc","external_id":"CVE-2026-11159","title":"CVE-2026-11159: Chromium: CVE-2026-11159 Uninitialized Use in Skia","severity":"unknown","cvss":null,"cves":["CVE-2026-11159"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11159","csirts_url":"https://www.csirts.com/advisory/cve-2026-11159-4684"},{"num":5173,"source_id":"msrc","external_id":"CVE-2026-48582","title":"CVE-2026-48582: Microsoft Exchange Online Elevation of Privilege Vulnerability","severity":"critical","cvss":9.6,"cves":["CVE-2026-48582"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48582","csirts_url":"https://www.csirts.com/advisory/cve-2026-48582-5173"},{"num":4696,"source_id":"msrc","external_id":"CVE-2026-11176","title":"CVE-2026-11176: Chromium: CVE-2026-11176 Inappropriate implementation in Media","severity":"unknown","cvss":null,"cves":["CVE-2026-11176"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11176","csirts_url":"https://www.csirts.com/advisory/cve-2026-11176-4696"},{"num":4726,"source_id":"msrc","external_id":"CVE-2026-11211","title":"CVE-2026-11211: Chromium: CVE-2026-11211 Integer overflow in V8","severity":"unknown","cvss":null,"cves":["CVE-2026-11211"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11211","csirts_url":"https://www.csirts.com/advisory/cve-2026-11211-4726"},{"num":4367,"source_id":"msrc","external_id":"CVE-2026-53050","title":"CVE-2026-53050: quota: Fix race of dquot_scan_active() with quota deactivation","severity":"medium","cvss":5.5,"cves":["CVE-2026-53050"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53050","csirts_url":"https://www.csirts.com/advisory/cve-2026-53050-4367"},{"num":5121,"source_id":"msrc","external_id":"CVE-2026-42904","title":"CVE-2026-42904: Windows TCP/IP Elevation of Privilege Vulnerability","severity":"critical","cvss":9.6,"cves":["CVE-2026-42904"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42904","csirts_url":"https://www.csirts.com/advisory/cve-2026-42904-5121"},{"num":4428,"source_id":"msrc","external_id":"CVE-2026-45479","title":"CVE-2026-45479: Microsoft SharePoint Server Spoofing Vulnerability","severity":"medium","cvss":4.6,"cves":["CVE-2026-45479"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45479","csirts_url":"https://www.csirts.com/advisory/cve-2026-45479-4428"},{"num":4392,"source_id":"msrc","external_id":"CVE-2026-53289","title":"CVE-2026-53289: ice: fix NULL pointer dereference in ice_reset_all_vfs()","severity":"medium","cvss":5.5,"cves":["CVE-2026-53289"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53289","csirts_url":"https://www.csirts.com/advisory/cve-2026-53289-4392"},{"num":4415,"source_id":"msrc","external_id":"CVE-2026-12340","title":"CVE-2026-12340: Out-of-bounds heap read in SM2/SM3 certificate Subject Key Identifier computation","severity":"high","cvss":7.5,"cves":["CVE-2026-12340"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12340","csirts_url":"https://www.csirts.com/advisory/cve-2026-12340-4415"},{"num":4584,"source_id":"msrc","external_id":"CVE-2026-10995","title":"CVE-2026-10995: Chromium: CVE-2026-10995 Heap buffer overflow in TabStrip","severity":"unknown","cvss":null,"cves":["CVE-2026-10995"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10995","csirts_url":"https://www.csirts.com/advisory/cve-2026-10995-4584"},{"num":4589,"source_id":"msrc","external_id":"CVE-2026-11006","title":"CVE-2026-11006: Chromium: CVE-2026-11006 Out of bounds read in Dawn","severity":"unknown","cvss":null,"cves":["CVE-2026-11006"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11006","csirts_url":"https://www.csirts.com/advisory/cve-2026-11006-4589"},{"num":4443,"source_id":"msrc","external_id":"CVE-2026-54130","title":"CVE-2026-54130: M365 Copilot Information Disclosure Vulnerability","severity":"critical","cvss":9.8,"cves":["CVE-2026-54130"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-54130","csirts_url":"https://www.csirts.com/advisory/cve-2026-54130-4443"},{"num":4545,"source_id":"msrc","external_id":"CVE-2026-10932","title":"CVE-2026-10932: Chromium: CVE-2026-10932 Use after free in UI","severity":"unknown","cvss":null,"cves":["CVE-2026-10932"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10932","csirts_url":"https://www.csirts.com/advisory/cve-2026-10932-4545"},{"num":4387,"source_id":"msrc","external_id":"CVE-2026-53306","title":"CVE-2026-53306: tty: hvc_iucv: fix off-by-one in number of supported devices","severity":"high","cvss":7.1,"cves":["CVE-2026-53306"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53306","csirts_url":"https://www.csirts.com/advisory/cve-2026-53306-4387"},{"num":5127,"source_id":"msrc","external_id":"CVE-2026-42909","title":"CVE-2026-42909: Remote Desktop Client Remote Code Execution Vulnerability","severity":"high","cvss":7.5,"cves":["CVE-2026-42909"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42909","csirts_url":"https://www.csirts.com/advisory/cve-2026-42909-5127"},{"num":4515,"source_id":"msrc","external_id":"CVE-2026-48578","title":"CVE-2026-48578: Secure Boot Security Feature Bypass Vulnerability","severity":"high","cvss":7.9,"cves":["CVE-2026-48578"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48578","csirts_url":"https://www.csirts.com/advisory/cve-2026-48578-4515"},{"num":4609,"source_id":"msrc","external_id":"CVE-2026-11048","title":"CVE-2026-11048: Chromium: CVE-2026-11048 Inappropriate implementation in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-11048"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11048","csirts_url":"https://www.csirts.com/advisory/cve-2026-11048-4609"},{"num":4615,"source_id":"msrc","external_id":"CVE-2026-11055","title":"CVE-2026-11055: Chromium: CVE-2026-11055 Use after free in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-11055"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11055","csirts_url":"https://www.csirts.com/advisory/cve-2026-11055-4615"},{"num":2461,"source_id":"msrc","external_id":"CVE-2026-52929","title":"CVE-2026-52929: sctp: stream: fully roll back denied add-stream state","severity":"medium","cvss":5.5,"cves":["CVE-2026-52929"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52929","csirts_url":"https://www.csirts.com/advisory/cve-2026-52929-2461"},{"num":4366,"source_id":"msrc","external_id":"CVE-2026-52958","title":"CVE-2026-52958: libceph: Fix potential out-of-bounds access in osdmap_decode()","severity":"medium","cvss":5.5,"cves":["CVE-2026-52958"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52958","csirts_url":"https://www.csirts.com/advisory/cve-2026-52958-4366"},{"num":5131,"source_id":"msrc","external_id":"CVE-2026-42912","title":"CVE-2026-42912: Windows Telephony Service Elevation of Privilege Vulnerability","severity":"high","cvss":7,"cves":["CVE-2026-42912"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42912","csirts_url":"https://www.csirts.com/advisory/cve-2026-42912-5131"},{"num":4572,"source_id":"msrc","external_id":"CVE-2026-10976","title":"CVE-2026-10976: Chromium: CVE-2026-10976 Uninitialized Use in Dawn","severity":"unknown","cvss":null,"cves":["CVE-2026-10976"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10976","csirts_url":"https://www.csirts.com/advisory/cve-2026-10976-4572"},{"num":4579,"source_id":"msrc","external_id":"CVE-2026-10990","title":"CVE-2026-10990: Chromium: CVE-2026-10990 Use after free in Glic","severity":"unknown","cvss":null,"cves":["CVE-2026-10990"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10990","csirts_url":"https://www.csirts.com/advisory/cve-2026-10990-4579"},{"num":4290,"source_id":"msrc","external_id":"CVE-2026-53182","title":"CVE-2026-53182: wifi: nl80211: reject oversized EMA RNR lists","severity":"high","cvss":7,"cves":["CVE-2026-53182"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53182","csirts_url":"https://www.csirts.com/advisory/cve-2026-53182-4290"},{"num":4574,"source_id":"msrc","external_id":"CVE-2026-10978","title":"CVE-2026-10978: Chromium: CVE-2026-10978 Use after free in Chromoting","severity":"unknown","cvss":null,"cves":["CVE-2026-10978"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10978","csirts_url":"https://www.csirts.com/advisory/cve-2026-10978-4574"},{"num":4578,"source_id":"msrc","external_id":"CVE-2026-10989","title":"CVE-2026-10989: Chromium: CVE-2026-10989 Inappropriate implementation in V8","severity":"unknown","cvss":null,"cves":["CVE-2026-10989"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10989","csirts_url":"https://www.csirts.com/advisory/cve-2026-10989-4578"},{"num":4575,"source_id":"msrc","external_id":"CVE-2026-10981","title":"CVE-2026-10981: Chromium: CVE-2026-10981 Insufficient validation of untrusted input in Codecs","severity":"unknown","cvss":null,"cves":["CVE-2026-10981"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10981","csirts_url":"https://www.csirts.com/advisory/cve-2026-10981-4575"},{"num":5096,"source_id":"msrc","external_id":"CVE-2026-12467","title":"CVE-2026-12467: Chromium: CVE-2026-12467 Use after free in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-12467"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12467","csirts_url":"https://www.csirts.com/advisory/cve-2026-12467-5096"},{"num":4577,"source_id":"msrc","external_id":"CVE-2026-10983","title":"CVE-2026-10983: Chromium: CVE-2026-10983 Insufficient validation of untrusted input in Dawn","severity":"unknown","cvss":null,"cves":["CVE-2026-10983"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10983","csirts_url":"https://www.csirts.com/advisory/cve-2026-10983-4577"},{"num":4647,"source_id":"msrc","external_id":"CVE-2026-11107","title":"CVE-2026-11107: Chromium: CVE-2026-11107 Inappropriate implementation in Downloads","severity":"unknown","cvss":null,"cves":["CVE-2026-11107"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11107","csirts_url":"https://www.csirts.com/advisory/cve-2026-11107-4647"},{"num":4649,"source_id":"msrc","external_id":"CVE-2026-11111","title":"CVE-2026-11111: Chromium: CVE-2026-11111 Out of bounds read in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-11111"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11111","csirts_url":"https://www.csirts.com/advisory/cve-2026-11111-4649"},{"num":4655,"source_id":"msrc","external_id":"CVE-2026-11125","title":"CVE-2026-11125: Chromium: CVE-2026-11125 Use after free in Compositing","severity":"unknown","cvss":null,"cves":["CVE-2026-11125"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11125","csirts_url":"https://www.csirts.com/advisory/cve-2026-11125-4655"},{"num":3501,"source_id":"msrc","external_id":"CVE-2026-53228","title":"CVE-2026-53228: ipv6: sit: reload inner IPv6 header after GSO offloads","severity":"high","cvss":7,"cves":["CVE-2026-53228"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53228","csirts_url":"https://www.csirts.com/advisory/cve-2026-53228-3501"},{"num":4068,"source_id":"msrc","external_id":"CVE-2026-46244","title":"CVE-2026-46244: netfilter: nft_inner: Fix IPv6 inner_thoff desync","severity":"high","cvss":7,"cves":["CVE-2026-46244"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46244","csirts_url":"https://www.csirts.com/advisory/cve-2026-46244-4068"},{"num":4427,"source_id":"msrc","external_id":"CVE-2026-45474","title":"CVE-2026-45474: Microsoft Office Remote Code Execution Vulnerability","severity":"high","cvss":8.4,"cves":["CVE-2026-45474"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45474","csirts_url":"https://www.csirts.com/advisory/cve-2026-45474-4427"},{"num":4580,"source_id":"msrc","external_id":"CVE-2026-10991","title":"CVE-2026-10991: Chromium: CVE-2026-10991 Use after free in V8","severity":"unknown","cvss":null,"cves":["CVE-2026-10991"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10991","csirts_url":"https://www.csirts.com/advisory/cve-2026-10991-4580"},{"num":4676,"source_id":"msrc","external_id":"CVE-2026-11150","title":"CVE-2026-11150: Chromium: CVE-2026-11150 Inappropriate implementation in XML","severity":"unknown","cvss":null,"cves":["CVE-2026-11150"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11150","csirts_url":"https://www.csirts.com/advisory/cve-2026-11150-4676"},{"num":4583,"source_id":"msrc","external_id":"CVE-2026-10994","title":"CVE-2026-10994: Chromium: CVE-2026-10994 Uninitialized Use in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-10994"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10994","csirts_url":"https://www.csirts.com/advisory/cve-2026-10994-4583"},{"num":4672,"source_id":"msrc","external_id":"CVE-2026-11143","title":"CVE-2026-11143: Chromium: CVE-2026-11143 Heap buffer overflow in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-11143"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11143","csirts_url":"https://www.csirts.com/advisory/cve-2026-11143-4672"},{"num":4679,"source_id":"msrc","external_id":"CVE-2026-11152","title":"CVE-2026-11152: Chromium: CVE-2026-11152 Object lifecycle issue in Dawn","severity":"unknown","cvss":null,"cves":["CVE-2026-11152"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11152","csirts_url":"https://www.csirts.com/advisory/cve-2026-11152-4679"},{"num":4205,"source_id":"msrc","external_id":"CVE-2026-44119","title":"CVE-2026-44119: Apache HTTP Server: escalation of privilege through expressions in .htaccess in multiple modules","severity":"medium","cvss":5.5,"cves":["CVE-2026-44119"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44119","csirts_url":"https://www.csirts.com/advisory/cve-2026-44119-4205"},{"num":4513,"source_id":"msrc","external_id":"CVE-2026-48575","title":"CVE-2026-48575: Secure Boot Security Feature Bypass Vulnerability","severity":"high","cvss":7.9,"cves":["CVE-2026-48575"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48575","csirts_url":"https://www.csirts.com/advisory/cve-2026-48575-4513"},{"num":4682,"source_id":"msrc","external_id":"CVE-2026-11156","title":"CVE-2026-11156: Chromium: CVE-2026-11156 Inappropriate implementation in CSS","severity":"unknown","cvss":null,"cves":["CVE-2026-11156"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11156","csirts_url":"https://www.csirts.com/advisory/cve-2026-11156-4682"},{"num":4707,"source_id":"msrc","external_id":"CVE-2026-11192","title":"CVE-2026-11192: Chromium: CVE-2026-11192 Insufficient validation of untrusted input in Password Manager","severity":"unknown","cvss":null,"cves":["CVE-2026-11192"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11192","csirts_url":"https://www.csirts.com/advisory/cve-2026-11192-4707"},{"num":5094,"source_id":"msrc","external_id":"CVE-2026-12465","title":"CVE-2026-12465: Chromium: CVE-2026-12465 Insufficient validation of untrusted input in Metrics","severity":"unknown","cvss":null,"cves":["CVE-2026-12465"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12465","csirts_url":"https://www.csirts.com/advisory/cve-2026-12465-5094"},{"num":2432,"source_id":"msrc","external_id":"CVE-2026-53198","title":"CVE-2026-53198: ksmbd: fix use-after-free of a deferred file_lock on double SMB2_CANCEL","severity":"high","cvss":7.8,"cves":["CVE-2026-53198"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53198","csirts_url":"https://www.csirts.com/advisory/cve-2026-53198-2432"},{"num":4229,"source_id":"msrc","external_id":"CVE-2026-42769","title":"CVE-2026-42769: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate","severity":"medium","cvss":5.3,"cves":["CVE-2026-42769"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42769","csirts_url":"https://www.csirts.com/advisory/cve-2026-42769-4229"},{"num":2430,"source_id":"msrc","external_id":"CVE-2026-53049","title":"CVE-2026-53049: gfs2: add some missing log locking","severity":"critical","cvss":9.8,"cves":["CVE-2026-53049"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53049","csirts_url":"https://www.csirts.com/advisory/cve-2026-53049-2430"},{"num":4235,"source_id":"msrc","external_id":"CVE-2026-6893","title":"CVE-2026-6893: Dracut: dracut: root code execution via dhcp options command injection","severity":"high","cvss":8.8,"cves":["CVE-2026-6893"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-6893","csirts_url":"https://www.csirts.com/advisory/cve-2026-6893-4235"},{"num":4634,"source_id":"msrc","external_id":"CVE-2026-11089","title":"CVE-2026-11089: Chromium: CVE-2026-11089 Uninitialized Use in Media","severity":"unknown","cvss":null,"cves":["CVE-2026-11089"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11089","csirts_url":"https://www.csirts.com/advisory/cve-2026-11089-4634"},{"num":4664,"source_id":"msrc","external_id":"CVE-2026-11136","title":"CVE-2026-11136: Chromium: CVE-2026-11136 Use after free in Canvas","severity":"unknown","cvss":null,"cves":["CVE-2026-11136"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11136","csirts_url":"https://www.csirts.com/advisory/cve-2026-11136-4664"},{"num":5126,"source_id":"msrc","external_id":"CVE-2026-42980","title":"CVE-2026-42980: NT OS Kernel Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-42980"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42980","csirts_url":"https://www.csirts.com/advisory/cve-2026-42980-5126"},{"num":4167,"source_id":"msrc","external_id":"CVE-2026-13595","title":"CVE-2026-13595: Util-linux: util-linux: heap use-after-free in libblkid nested partition probing","severity":"medium","cvss":6.8,"cves":["CVE-2026-13595"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13595","csirts_url":"https://www.csirts.com/advisory/cve-2026-13595-4167"},{"num":4349,"source_id":"msrc","external_id":"CVE-2026-53023","title":"CVE-2026-53023: fs/ntfs3: terminate the cached volume label after UTF-8 conversion","severity":"high","cvss":7.1,"cves":["CVE-2026-53023"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53023","csirts_url":"https://www.csirts.com/advisory/cve-2026-53023-4349"},{"num":5140,"source_id":"msrc","external_id":"CVE-2026-42984","title":"CVE-2026-42984: Windows Kernel Elevation of Privilege Vulnerability","severity":"high","cvss":7,"cves":["CVE-2026-42984"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42984","csirts_url":"https://www.csirts.com/advisory/cve-2026-42984-5140"},{"num":4394,"source_id":"msrc","external_id":"CVE-2026-53303","title":"CVE-2026-53303: f2fs: protect extension_list reading with sb_lock in f2fs_sbi_show()","severity":"high","cvss":7.1,"cves":["CVE-2026-53303"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53303","csirts_url":"https://www.csirts.com/advisory/cve-2026-53303-4394"},{"num":4680,"source_id":"msrc","external_id":"CVE-2026-11154","title":"CVE-2026-11154: Chromium: CVE-2026-11154 Use after free in Dawn","severity":"unknown","cvss":null,"cves":["CVE-2026-11154"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11154","csirts_url":"https://www.csirts.com/advisory/cve-2026-11154-4680"},{"num":4719,"source_id":"msrc","external_id":"CVE-2026-11203","title":"CVE-2026-11203: Chromium: CVE-2026-11203 Policy bypass in GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-11203"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11203","csirts_url":"https://www.csirts.com/advisory/cve-2026-11203-4719"},{"num":4720,"source_id":"msrc","external_id":"CVE-2026-11200","title":"CVE-2026-11200: Chromium: CVE-2026-11200 Inappropriate implementation in WebRTC","severity":"unknown","cvss":null,"cves":["CVE-2026-11200"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11200","csirts_url":"https://www.csirts.com/advisory/cve-2026-11200-4720"},{"num":4397,"source_id":"msrc","external_id":"CVE-2026-53295","title":"CVE-2026-53295: mailbox: add sanity check for channel array","severity":"medium","cvss":5.5,"cves":["CVE-2026-53295"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53295","csirts_url":"https://www.csirts.com/advisory/cve-2026-53295-4397"},{"num":4140,"source_id":"msrc","external_id":"CVE-2026-58013","title":"CVE-2026-58013: Glib: buffer over-read in glib/giochannel.c via \"g_io_channel_read_line_backend\"","severity":"medium","cvss":6.5,"cves":["CVE-2026-58013"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58013","csirts_url":"https://www.csirts.com/advisory/cve-2026-58013-4140"},{"num":4398,"source_id":"msrc","external_id":"CVE-2026-53279","title":"CVE-2026-53279: drm/gma500/oaktrail_lvds: fix hang on init failure","severity":"medium","cvss":5.5,"cves":["CVE-2026-53279"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53279","csirts_url":"https://www.csirts.com/advisory/cve-2026-53279-4398"},{"num":4318,"source_id":"msrc","external_id":"CVE-2026-53078","title":"CVE-2026-53078: bpf: Fix same-register dst/src OOB read and pointer leak in sock_ops","severity":"high","cvss":7,"cves":["CVE-2026-53078"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53078","csirts_url":"https://www.csirts.com/advisory/cve-2026-53078-4318"},{"num":3315,"source_id":"msrc","external_id":"CVE-2026-56131","title":"CVE-2026-56131: libexpat before 2.8.2 lacks handler call depth tracking for calls to XML_ResumeParser from within handlers in cases of a policy violation. Thus, a use-after-free can occur (similar to the CVE-2026-50219 situation).","severity":"medium","cvss":4.9,"cves":["CVE-2026-56131"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-56131","csirts_url":"https://www.csirts.com/advisory/cve-2026-56131-3315"},{"num":4375,"source_id":"msrc","external_id":"CVE-2026-53070","title":"CVE-2026-53070: sctp: disable BH before calling udp_tunnel_xmit_skb()","severity":"medium","cvss":5.5,"cves":["CVE-2026-53070"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53070","csirts_url":"https://www.csirts.com/advisory/cve-2026-53070-4375"},{"num":4587,"source_id":"msrc","external_id":"CVE-2026-10998","title":"CVE-2026-10998: Chromium: CVE-2026-10998 Out of bounds read in Media","severity":"unknown","cvss":null,"cves":["CVE-2026-10998"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10998","csirts_url":"https://www.csirts.com/advisory/cve-2026-10998-4587"},{"num":4145,"source_id":"msrc","external_id":"CVE-2026-13325","title":"CVE-2026-13325: Virt-handler-rhel9: kubevirt: kubevirt: disabletls migration setting removes authentication, exposing unauthenticated virtqemud proxy on all interfaces","severity":"high","cvss":8.5,"cves":["CVE-2026-13325"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13325","csirts_url":"https://www.csirts.com/advisory/cve-2026-13325-4145"},{"num":4166,"source_id":"msrc","external_id":"CVE-2026-11310","title":"CVE-2026-11310: X.509 trust-chain bypass in wolfSSL_X509_verify_cert() via untrusted intermediate anchoring","severity":"high","cvss":7.5,"cves":["CVE-2026-11310"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11310","csirts_url":"https://www.csirts.com/advisory/cve-2026-11310-4166"},{"num":4359,"source_id":"msrc","external_id":"CVE-2026-53135","title":"CVE-2026-53135: drm/amd/display: Fix NULL deref and buffer over-read in SDP debugfs","severity":"medium","cvss":5.5,"cves":["CVE-2026-53135"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53135","csirts_url":"https://www.csirts.com/advisory/cve-2026-53135-4359"},{"num":4539,"source_id":"msrc","external_id":"CVE-2026-10922","title":"CVE-2026-10922: Chromium: CVE-2026-10922 Insufficient validation of untrusted input in DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-10922"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10922","csirts_url":"https://www.csirts.com/advisory/cve-2026-10922-4539"},{"num":4391,"source_id":"msrc","external_id":"CVE-2026-53294","title":"CVE-2026-53294: mailbox: mailbox-test: don't free the reused channel","severity":"medium","cvss":5.5,"cves":["CVE-2026-53294"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53294","csirts_url":"https://www.csirts.com/advisory/cve-2026-53294-4391"},{"num":4585,"source_id":"msrc","external_id":"CVE-2026-10996","title":"CVE-2026-10996: Chromium: CVE-2026-10996 Inappropriate implementation in Workers","severity":"unknown","cvss":null,"cves":["CVE-2026-10996"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10996","csirts_url":"https://www.csirts.com/advisory/cve-2026-10996-4585"},{"num":4641,"source_id":"msrc","external_id":"CVE-2026-11100","title":"CVE-2026-11100: Chromium: CVE-2026-11100 Use after free in File Input","severity":"unknown","cvss":null,"cves":["CVE-2026-11100"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11100","csirts_url":"https://www.csirts.com/advisory/cve-2026-11100-4641"},{"num":4667,"source_id":"msrc","external_id":"CVE-2026-11139","title":"CVE-2026-11139: Chromium: CVE-2026-11139 Policy bypass in Paint","severity":"unknown","cvss":null,"cves":["CVE-2026-11139"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11139","csirts_url":"https://www.csirts.com/advisory/cve-2026-11139-4667"},{"num":4281,"source_id":"msrc","external_id":"CVE-2026-54679","title":"CVE-2026-54679: jq: potential integer overflow in jvp_string_append","severity":"medium","cvss":5.5,"cves":["CVE-2026-54679"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-54679","csirts_url":"https://www.csirts.com/advisory/cve-2026-54679-4281"},{"num":4328,"source_id":"msrc","external_id":"CVE-2026-53061","title":"CVE-2026-53061: dm cache: fix dirty mapping checking in passthrough mode switching","severity":"medium","cvss":5.5,"cves":["CVE-2026-53061"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53061","csirts_url":"https://www.csirts.com/advisory/cve-2026-53061-4328"},{"num":4352,"source_id":"msrc","external_id":"CVE-2026-53130","title":"CVE-2026-53130: fs/omfs: reject s_sys_blocksize smaller than OMFS_DIR_START","severity":"critical","cvss":9.8,"cves":["CVE-2026-53130"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53130","csirts_url":"https://www.csirts.com/advisory/cve-2026-53130-4352"},{"num":4590,"source_id":"msrc","external_id":"CVE-2026-11008","title":"CVE-2026-11008: Chromium: CVE-2026-11008 Insufficient validation of untrusted input in WebAppInstalls","severity":"unknown","cvss":null,"cves":["CVE-2026-11008"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11008","csirts_url":"https://www.csirts.com/advisory/cve-2026-11008-4590"},{"num":5091,"source_id":"msrc","external_id":"CVE-2026-12462","title":"CVE-2026-12462: Chromium: CVE-2026-12462 Use after free in Media","severity":"unknown","cvss":null,"cves":["CVE-2026-12462"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12462","csirts_url":"https://www.csirts.com/advisory/cve-2026-12462-5091"},{"num":4592,"source_id":"msrc","external_id":"CVE-2026-11013","title":"CVE-2026-11013: Chromium: CVE-2026-11013 Insufficient validation of untrusted input in Network","severity":"unknown","cvss":null,"cves":["CVE-2026-11013"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11013","csirts_url":"https://www.csirts.com/advisory/cve-2026-11013-4592"},{"num":4593,"source_id":"msrc","external_id":"CVE-2026-11015","title":"CVE-2026-11015: Chromium: CVE-2026-11015 Out of bounds read in WebGPU","severity":"unknown","cvss":null,"cves":["CVE-2026-11015"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11015","csirts_url":"https://www.csirts.com/advisory/cve-2026-11015-4593"},{"num":4031,"source_id":"msrc","external_id":"CVE-2026-46301","title":"CVE-2026-46301: spi: topcliff-pch: fix use-after-free on unbind","severity":"high","cvss":7.8,"cves":["CVE-2026-46301"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46301","csirts_url":"https://www.csirts.com/advisory/cve-2026-46301-4031"},{"num":4242,"source_id":"msrc","external_id":"CVE-2026-9698","title":"CVE-2026-9698: DBI versions before 1.648 for Perl saved errors in a limited-sized buffer","severity":"high","cvss":8.8,"cves":["CVE-2026-9698"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-9698","csirts_url":"https://www.csirts.com/advisory/cve-2026-9698-4242"},{"num":4606,"source_id":"msrc","external_id":"CVE-2026-11044","title":"CVE-2026-11044: Chromium: CVE-2026-11044 Integer overflow in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-11044"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11044","csirts_url":"https://www.csirts.com/advisory/cve-2026-11044-4606"},{"num":4598,"source_id":"msrc","external_id":"CVE-2026-11024","title":"CVE-2026-11024: Chromium: CVE-2026-11024 Stack buffer overflow in Skia","severity":"unknown","cvss":null,"cves":["CVE-2026-11024"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11024","csirts_url":"https://www.csirts.com/advisory/cve-2026-11024-4598"},{"num":4604,"source_id":"msrc","external_id":"CVE-2026-11040","title":"CVE-2026-11040: Chromium: CVE-2026-11040 Use after free in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-11040"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11040","csirts_url":"https://www.csirts.com/advisory/cve-2026-11040-4604"},{"num":4638,"source_id":"msrc","external_id":"CVE-2026-11096","title":"CVE-2026-11096: Chromium: CVE-2026-11096 Out of bounds read in WebRTC","severity":"unknown","cvss":null,"cves":["CVE-2026-11096"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11096","csirts_url":"https://www.csirts.com/advisory/cve-2026-11096-4638"},{"num":4683,"source_id":"msrc","external_id":"CVE-2026-11157","title":"CVE-2026-11157: Chromium: CVE-2026-11157 Script injection in Accessibility","severity":"unknown","cvss":null,"cves":["CVE-2026-11157"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11157","csirts_url":"https://www.csirts.com/advisory/cve-2026-11157-4683"},{"num":4737,"source_id":"msrc","external_id":"CVE-2026-11224","title":"CVE-2026-11224: Chromium: CVE-2026-11224 Use after free in Chromoting","severity":"unknown","cvss":null,"cves":["CVE-2026-11224"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11224","csirts_url":"https://www.csirts.com/advisory/cve-2026-11224-4737"},{"num":5089,"source_id":"msrc","external_id":"CVE-2026-12459","title":"CVE-2026-12459: Chromium: CVE-2026-12459 Inappropriate implementation in Serial","severity":"unknown","cvss":null,"cves":["CVE-2026-12459"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12459","csirts_url":"https://www.csirts.com/advisory/cve-2026-12459-5089"},{"num":4239,"source_id":"msrc","external_id":"CVE-2026-48860","title":"CVE-2026-48860: Distribution-over-TLS LAN allowlist silently bypassed due to sockname/peername confusion in inet_tls_dist","severity":"medium","cvss":6.5,"cves":["CVE-2026-48860"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48860","csirts_url":"https://www.csirts.com/advisory/cve-2026-48860-4239"},{"num":4407,"source_id":"msrc","external_id":"CVE-2026-13318","title":"CVE-2026-13318: Virt-api-rhel9: kubevirt: kubevirt: ssrf in virt-api port-forward via unvalidated guest-agent-reported ip","severity":"medium","cvss":6.4,"cves":["CVE-2026-13318"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13318","csirts_url":"https://www.csirts.com/advisory/cve-2026-13318-4407"},{"num":4214,"source_id":"msrc","external_id":"CVE-2026-34355","title":"CVE-2026-34355: Apache HTTP Server: mod_proxy_html buffer overflow","severity":"high","cvss":7.5,"cves":["CVE-2026-34355"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34355","csirts_url":"https://www.csirts.com/advisory/cve-2026-34355-4214"},{"num":4350,"source_id":"msrc","external_id":"CVE-2026-52928","title":"CVE-2026-52928: af_unix: Reject SIOCATMARK on non-stream sockets","severity":"medium","cvss":5.5,"cves":["CVE-2026-52928"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52928","csirts_url":"https://www.csirts.com/advisory/cve-2026-52928-4350"},{"num":4698,"source_id":"msrc","external_id":"CVE-2026-11177","title":"CVE-2026-11177: Chromium: CVE-2026-11177 Use after free in Omnibox","severity":"unknown","cvss":null,"cves":["CVE-2026-11177"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11177","csirts_url":"https://www.csirts.com/advisory/cve-2026-11177-4698"},{"num":4701,"source_id":"msrc","external_id":"CVE-2026-11182","title":"CVE-2026-11182: Chromium: CVE-2026-11182 Inappropriate implementation in SVG","severity":"unknown","cvss":null,"cves":["CVE-2026-11182"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11182","csirts_url":"https://www.csirts.com/advisory/cve-2026-11182-4701"},{"num":4648,"source_id":"msrc","external_id":"CVE-2026-11109","title":"CVE-2026-11109: Chromium: CVE-2026-11109 Uninitialized Use in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-11109"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11109","csirts_url":"https://www.csirts.com/advisory/cve-2026-11109-4648"},{"num":4614,"source_id":"msrc","external_id":"CVE-2026-11053","title":"CVE-2026-11053: Chromium: CVE-2026-11053 VULNERABILITY in WebRTC","severity":"unknown","cvss":null,"cves":["CVE-2026-11053"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11053","csirts_url":"https://www.csirts.com/advisory/cve-2026-11053-4614"},{"num":4700,"source_id":"msrc","external_id":"CVE-2026-11180","title":"CVE-2026-11180: Chromium: CVE-2026-11180 Policy bypass in SVG","severity":"unknown","cvss":null,"cves":["CVE-2026-11180"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11180","csirts_url":"https://www.csirts.com/advisory/cve-2026-11180-4700"},{"num":4426,"source_id":"msrc","external_id":"CVE-2026-45471","title":"CVE-2026-45471: Microsoft Word Remote Code Execution Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-45471"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45471","csirts_url":"https://www.csirts.com/advisory/cve-2026-45471-4426"},{"num":4646,"source_id":"msrc","external_id":"CVE-2026-11106","title":"CVE-2026-11106: Chromium: CVE-2026-11106 Inappropriate implementation in Media","severity":"unknown","cvss":null,"cves":["CVE-2026-11106"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11106","csirts_url":"https://www.csirts.com/advisory/cve-2026-11106-4646"},{"num":4706,"source_id":"msrc","external_id":"CVE-2026-11187","title":"CVE-2026-11187: Chromium: CVE-2026-11187 Insufficient policy enforcement in Glic","severity":"unknown","cvss":null,"cves":["CVE-2026-11187"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11187","csirts_url":"https://www.csirts.com/advisory/cve-2026-11187-4706"},{"num":4712,"source_id":"msrc","external_id":"CVE-2026-11194","title":"CVE-2026-11194: Chromium: CVE-2026-11194 Inappropriate implementation in Network","severity":"unknown","cvss":null,"cves":["CVE-2026-11194"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11194","csirts_url":"https://www.csirts.com/advisory/cve-2026-11194-4712"},{"num":5164,"source_id":"msrc","external_id":"CVE-2026-44812","title":"CVE-2026-44812: Windows Graphics Component Remote Code Execution Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-44812"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44812","csirts_url":"https://www.csirts.com/advisory/cve-2026-44812-5164"},{"num":4301,"source_id":"msrc","external_id":"CVE-2026-47241","title":"CVE-2026-47241: Net::IMAP: Denial of Service via incomplete raw argument validation","severity":"unknown","cvss":null,"cves":["CVE-2026-47241"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47241","csirts_url":"https://www.csirts.com/advisory/cve-2026-47241-4301"},{"num":4365,"source_id":"msrc","external_id":"CVE-2026-53232","title":"CVE-2026-53232: net: phy: clean the sfp upstream if phy probing fails","severity":"medium","cvss":5.5,"cves":["CVE-2026-53232"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53232","csirts_url":"https://www.csirts.com/advisory/cve-2026-53232-4365"},{"num":5088,"source_id":"msrc","external_id":"CVE-2026-12457","title":"CVE-2026-12457: Chromium: CVE-2026-12457 Insufficient data validation in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-12457"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12457","csirts_url":"https://www.csirts.com/advisory/cve-2026-12457-5088"},{"num":4018,"source_id":"msrc","external_id":"CVE-2026-46280","title":"CVE-2026-46280: lib: test_hmm: evict device pages on file close to avoid use-after-free","severity":"medium","cvss":5.5,"cves":["CVE-2026-46280"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46280","csirts_url":"https://www.csirts.com/advisory/cve-2026-46280-4018"},{"num":4656,"source_id":"msrc","external_id":"CVE-2026-11126","title":"CVE-2026-11126: Chromium: CVE-2026-11126 Insufficient validation of untrusted input in DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-11126"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11126","csirts_url":"https://www.csirts.com/advisory/cve-2026-11126-4656"},{"num":4657,"source_id":"msrc","external_id":"CVE-2026-11128","title":"CVE-2026-11128: Chromium: CVE-2026-11128 Insufficient validation of untrusted input in Web Share","severity":"unknown","cvss":null,"cves":["CVE-2026-11128"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11128","csirts_url":"https://www.csirts.com/advisory/cve-2026-11128-4657"},{"num":4666,"source_id":"msrc","external_id":"CVE-2026-11140","title":"CVE-2026-11140: Chromium: CVE-2026-11140 Insufficient validation of untrusted input in Chromecast","severity":"unknown","cvss":null,"cves":["CVE-2026-11140"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11140","csirts_url":"https://www.csirts.com/advisory/cve-2026-11140-4666"},{"num":4299,"source_id":"msrc","external_id":"CVE-2026-53149","title":"CVE-2026-53149: thunderbolt: Bound root directory content to block size","severity":"medium","cvss":5.5,"cves":["CVE-2026-53149"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53149","csirts_url":"https://www.csirts.com/advisory/cve-2026-53149-4299"},{"num":4669,"source_id":"msrc","external_id":"CVE-2026-11146","title":"CVE-2026-11146: Chromium: CVE-2026-11146 Insufficient validation of untrusted input in Chromoting","severity":"unknown","cvss":null,"cves":["CVE-2026-11146"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11146","csirts_url":"https://www.csirts.com/advisory/cve-2026-11146-4669"},{"num":4681,"source_id":"msrc","external_id":"CVE-2026-11155","title":"CVE-2026-11155: Chromium: CVE-2026-11155 Insufficient policy enforcement in CSS","severity":"unknown","cvss":null,"cves":["CVE-2026-11155"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11155","csirts_url":"https://www.csirts.com/advisory/cve-2026-11155-4681"},{"num":5042,"source_id":"msrc","external_id":"CVE-2026-11010","title":"CVE-2026-11010: Chromium: CVE-2026-11010 Use after free in WebShare","severity":"unknown","cvss":null,"cves":["CVE-2026-11010"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11010","csirts_url":"https://www.csirts.com/advisory/cve-2026-11010-5042"},{"num":4689,"source_id":"msrc","external_id":"CVE-2026-11168","title":"CVE-2026-11168: Chromium: CVE-2026-11168 Insufficient policy enforcement in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-11168"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11168","csirts_url":"https://www.csirts.com/advisory/cve-2026-11168-4689"},{"num":4695,"source_id":"msrc","external_id":"CVE-2026-11174","title":"CVE-2026-11174: Chromium: CVE-2026-11174 Insufficient policy enforcement in Site Isolation","severity":"unknown","cvss":null,"cves":["CVE-2026-11174"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11174","csirts_url":"https://www.csirts.com/advisory/cve-2026-11174-4695"},{"num":4697,"source_id":"msrc","external_id":"CVE-2026-11173","title":"CVE-2026-11173: Chromium: CVE-2026-11173 Out of bounds write in V8","severity":"unknown","cvss":null,"cves":["CVE-2026-11173"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11173","csirts_url":"https://www.csirts.com/advisory/cve-2026-11173-4697"},{"num":4716,"source_id":"msrc","external_id":"CVE-2026-11198","title":"CVE-2026-11198: Chromium: CVE-2026-11198 Insufficient validation of untrusted input in Codecs","severity":"unknown","cvss":null,"cves":["CVE-2026-11198"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11198","csirts_url":"https://www.csirts.com/advisory/cve-2026-11198-4716"},{"num":4740,"source_id":"msrc","external_id":"CVE-2026-11231","title":"CVE-2026-11231: Chromium: CVE-2026-11231 Inappropriate implementation in Safe Browsing","severity":"unknown","cvss":null,"cves":["CVE-2026-11231"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11231","csirts_url":"https://www.csirts.com/advisory/cve-2026-11231-4740"},{"num":4793,"source_id":"msrc","external_id":"CVE-2026-11131","title":"CVE-2026-11131: Chromium: CVE-2026-11131 Use after free in Autofill","severity":"unknown","cvss":null,"cves":["CVE-2026-11131"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11131","csirts_url":"https://www.csirts.com/advisory/cve-2026-11131-4793"},{"num":4794,"source_id":"msrc","external_id":"CVE-2026-11145","title":"CVE-2026-11145: Chromium: CVE-2026-11145 Race in Geolocation","severity":"unknown","cvss":null,"cves":["CVE-2026-11145"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11145","csirts_url":"https://www.csirts.com/advisory/cve-2026-11145-4794"},{"num":4315,"source_id":"msrc","external_id":"CVE-2026-53082","title":"CVE-2026-53082: net: hamradio: 6pack: fix uninit-value in sixpack_receive_buf","severity":"medium","cvss":5.5,"cves":["CVE-2026-53082"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53082","csirts_url":"https://www.csirts.com/advisory/cve-2026-53082-4315"},{"num":4643,"source_id":"msrc","external_id":"CVE-2026-11102","title":"CVE-2026-11102: Chromium: CVE-2026-11102 Inappropriate implementation in Isolated Web Apps","severity":"unknown","cvss":null,"cves":["CVE-2026-11102"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11102","csirts_url":"https://www.csirts.com/advisory/cve-2026-11102-4643"},{"num":4727,"source_id":"msrc","external_id":"CVE-2026-11212","title":"CVE-2026-11212: Chromium: CVE-2026-11212 Insufficient policy enforcement in DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-11212"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11212","csirts_url":"https://www.csirts.com/advisory/cve-2026-11212-4727"},{"num":4594,"source_id":"msrc","external_id":"CVE-2026-11016","title":"CVE-2026-11016: Chromium: CVE-2026-11016 Insufficient validation of untrusted input in Network","severity":"unknown","cvss":null,"cves":["CVE-2026-11016"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11016","csirts_url":"https://www.csirts.com/advisory/cve-2026-11016-4594"},{"num":4659,"source_id":"msrc","external_id":"CVE-2026-11133","title":"CVE-2026-11133: Chromium: CVE-2026-11133 Insufficient policy enforcement in Paint","severity":"unknown","cvss":null,"cves":["CVE-2026-11133"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11133","csirts_url":"https://www.csirts.com/advisory/cve-2026-11133-4659"},{"num":4730,"source_id":"msrc","external_id":"CVE-2026-11217","title":"CVE-2026-11217: Chromium: CVE-2026-11217 Insufficient policy enforcement in Fenced Frames","severity":"unknown","cvss":null,"cves":["CVE-2026-11217"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11217","csirts_url":"https://www.csirts.com/advisory/cve-2026-11217-4730"},{"num":4789,"source_id":"msrc","external_id":"CVE-2026-11080","title":"CVE-2026-11080: Chromium: CVE-2026-11080 Use after free in WebView","severity":"unknown","cvss":null,"cves":["CVE-2026-11080"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11080","csirts_url":"https://www.csirts.com/advisory/cve-2026-11080-4789"},{"num":4322,"source_id":"msrc","external_id":"CVE-2026-53255","title":"CVE-2026-53255: Bluetooth: MGMT: validate advertising TLV before type checks","severity":"medium","cvss":5.5,"cves":["CVE-2026-53255"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53255","csirts_url":"https://www.csirts.com/advisory/cve-2026-53255-4322"},{"num":4143,"source_id":"msrc","external_id":"CVE-2026-13208","title":"CVE-2026-13208: Kubevirt: virt-handler-rhel9: kubevirt: virt-handler notify server trusts vmi identity from unauthenticated grpc request body","severity":"medium","cvss":6.5,"cves":["CVE-2026-13208"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13208","csirts_url":"https://www.csirts.com/advisory/cve-2026-13208-4143"},{"num":4325,"source_id":"msrc","external_id":"CVE-2026-53122","title":"CVE-2026-53122: btrfs: fix deadlock between reflink and transaction commit when using flushoncommit","severity":"medium","cvss":5.5,"cves":["CVE-2026-53122"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53122","csirts_url":"https://www.csirts.com/advisory/cve-2026-53122-4325"},{"num":4055,"source_id":"msrc","external_id":"CVE-2026-46324","title":"CVE-2026-46324: netfilter: nf_tables: use list_del_rcu for netlink hooks","severity":"high","cvss":7.8,"cves":["CVE-2026-46324"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46324","csirts_url":"https://www.csirts.com/advisory/cve-2026-46324-4055"},{"num":2324,"source_id":"msrc","external_id":"CVE-2026-52974","title":"CVE-2026-52974: net: tls: fix strparser anchor skb leak on offload RX setup failure","severity":"medium","cvss":5.5,"cves":["CVE-2026-52974"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52974","csirts_url":"https://www.csirts.com/advisory/cve-2026-52974-2324"},{"num":4304,"source_id":"msrc","external_id":"CVE-2026-53184","title":"CVE-2026-53184: udp: clear skb->dev before running a sockmap verdict","severity":"medium","cvss":5.5,"cves":["CVE-2026-53184"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53184","csirts_url":"https://www.csirts.com/advisory/cve-2026-53184-4304"},{"num":4788,"source_id":"msrc","external_id":"CVE-2026-11072","title":"CVE-2026-11072: Chromium: CVE-2026-11072 Use after free in WebView","severity":"unknown","cvss":null,"cves":["CVE-2026-11072"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11072","csirts_url":"https://www.csirts.com/advisory/cve-2026-11072-4788"},{"num":4790,"source_id":"msrc","external_id":"CVE-2026-11082","title":"CVE-2026-11082: Chromium: CVE-2026-11082 Use after free in GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-11082"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11082","csirts_url":"https://www.csirts.com/advisory/cve-2026-11082-4790"},{"num":400,"source_id":"msrc","external_id":"CVE-2026-34181","title":"CVE-2026-34181: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys","severity":"high","cvss":7.4,"cves":["CVE-2026-34181"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34181","csirts_url":"https://www.csirts.com/advisory/cve-2026-34181-400"},{"num":5041,"source_id":"msrc","external_id":"CVE-2026-11007","title":"CVE-2026-11007: Chromium: CVE-2026-11007 Insufficient validation of untrusted input in WebView","severity":"unknown","cvss":null,"cves":["CVE-2026-11007"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11007","csirts_url":"https://www.csirts.com/advisory/cve-2026-11007-5041"},{"num":5086,"source_id":"msrc","external_id":"CVE-2026-12456","title":"CVE-2026-12456: Chromium: CVE-2026-12456 Insufficient validation of untrusted input in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-12456"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12456","csirts_url":"https://www.csirts.com/advisory/cve-2026-12456-5086"},{"num":4258,"source_id":"msrc","external_id":"CVE-2026-53207","title":"CVE-2026-53207: mm/memory-failure: fix hugetlb_lock AA deadlock in get_huge_page_for_hwpoison","severity":"medium","cvss":5.5,"cves":["CVE-2026-53207"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53207","csirts_url":"https://www.csirts.com/advisory/cve-2026-53207-4258"},{"num":4197,"source_id":"msrc","external_id":"CVE-2026-49762","title":"CVE-2026-49762: Unbounded integer parsing in the Version module enables CPU and memory exhaustion denial of service","severity":"unknown","cvss":null,"cves":["CVE-2026-49762"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-49762","csirts_url":"https://www.csirts.com/advisory/cve-2026-49762-4197"},{"num":4733,"source_id":"msrc","external_id":"CVE-2026-11221","title":"CVE-2026-11221: Chromium: CVE-2026-11221 Insufficient validation of untrusted input in PointerLock","severity":"unknown","cvss":null,"cves":["CVE-2026-11221"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11221","csirts_url":"https://www.csirts.com/advisory/cve-2026-11221-4733"},{"num":4331,"source_id":"msrc","external_id":"CVE-2026-53000","title":"CVE-2026-53000: netfilter: nat: use kfree_rcu to release ops","severity":"critical","cvss":9.8,"cves":["CVE-2026-53000"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53000","csirts_url":"https://www.csirts.com/advisory/cve-2026-53000-4331"},{"num":5166,"source_id":"msrc","external_id":"CVE-2026-44813","title":"CVE-2026-44813: Windows DWM Core Library Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-44813"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44813","csirts_url":"https://www.csirts.com/advisory/cve-2026-44813-5166"},{"num":4355,"source_id":"msrc","external_id":"CVE-2026-57236","title":"CVE-2026-57236: Nokogiri: Possible Use-After-Free when `Nokogiri::XML::Document#encoding=` raises an exception","severity":"high","cvss":8.2,"cves":["CVE-2026-57236"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57236","csirts_url":"https://www.csirts.com/advisory/cve-2026-57236-4355"},{"num":4786,"source_id":"msrc","external_id":"CVE-2026-11045","title":"CVE-2026-11045: Chromium: CVE-2026-11045 Insufficient validation of untrusted input in GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-11045"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11045","csirts_url":"https://www.csirts.com/advisory/cve-2026-11045-4786"},{"num":4787,"source_id":"msrc","external_id":"CVE-2026-11065","title":"CVE-2026-11065: Chromium: CVE-2026-11065 Use after free in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-11065"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11065","csirts_url":"https://www.csirts.com/advisory/cve-2026-11065-4787"},{"num":4791,"source_id":"msrc","external_id":"CVE-2026-11108","title":"CVE-2026-11108: Chromium: CVE-2026-11108 Inappropriate implementation in NFC","severity":"unknown","cvss":null,"cves":["CVE-2026-11108"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11108","csirts_url":"https://www.csirts.com/advisory/cve-2026-11108-4791"},{"num":4405,"source_id":"msrc","external_id":"CVE-2026-41992","title":"CVE-2026-41992: Global Buffer Overflow in GNU gzip","severity":"unknown","cvss":null,"cves":["CVE-2026-41992"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41992","csirts_url":"https://www.csirts.com/advisory/cve-2026-41992-4405"},{"num":4380,"source_id":"msrc","external_id":"CVE-2026-53320","title":"CVE-2026-53320: nilfs2: reject zero bd_oblocknr in nilfs_ioctl_mark_blocks_dirty()","severity":"medium","cvss":5.5,"cves":["CVE-2026-53320"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53320","csirts_url":"https://www.csirts.com/advisory/cve-2026-53320-4380"},{"num":4485,"source_id":"msrc","external_id":"CVE-2026-45649","title":"CVE-2026-45649: Office for Android Spoofing Vulnerability","severity":"high","cvss":7.1,"cves":["CVE-2026-45649"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45649","csirts_url":"https://www.csirts.com/advisory/cve-2026-45649-4485"},{"num":5085,"source_id":"msrc","external_id":"CVE-2026-12455","title":"CVE-2026-12455: Chromium: CVE-2026-12455 Use after free in Tab Strip","severity":"unknown","cvss":null,"cves":["CVE-2026-12455"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12455","csirts_url":"https://www.csirts.com/advisory/cve-2026-12455-5085"},{"num":5083,"source_id":"msrc","external_id":"CVE-2026-12452","title":"CVE-2026-12452: Chromium: CVE-2026-12452 Use after free in Downloads","severity":"unknown","cvss":null,"cves":["CVE-2026-12452"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12452","csirts_url":"https://www.csirts.com/advisory/cve-2026-12452-5083"},{"num":4314,"source_id":"msrc","external_id":"CVE-2026-53133","title":"CVE-2026-53133: RDMA/umem: Fix truncation for block sizes >= 4G","severity":"high","cvss":7,"cves":["CVE-2026-53133"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53133","csirts_url":"https://www.csirts.com/advisory/cve-2026-53133-4314"},{"num":4783,"source_id":"msrc","external_id":"CVE-2026-26142","title":"CVE-2026-26142: Nuance PowerScribe Remote Code Execution Vulnerability","severity":"critical","cvss":9.8,"cves":["CVE-2026-26142"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26142","csirts_url":"https://www.csirts.com/advisory/cve-2026-26142-4783"},{"num":4323,"source_id":"msrc","external_id":"CVE-2026-52968","title":"CVE-2026-52968: KVM: s390: pci: fix GAIT table indexing due to double-scaling pointer arithmetic","severity":"medium","cvss":6.4,"cves":["CVE-2026-52968"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52968","csirts_url":"https://www.csirts.com/advisory/cve-2026-52968-4323"},{"num":4222,"source_id":"msrc","external_id":"CVE-2026-34182","title":"CVE-2026-34182: CMS AuthEnvelopedData Processing May Accept Forged Messages","severity":"critical","cvss":9.1,"cves":["CVE-2026-34182"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34182","csirts_url":"https://www.csirts.com/advisory/cve-2026-34182-4222"},{"num":4451,"source_id":"msrc","external_id":"CVE-2026-42902","title":"CVE-2026-42902: Microsoft PowerToys Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-42902"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42902","csirts_url":"https://www.csirts.com/advisory/cve-2026-42902-4451"},{"num":5081,"source_id":"msrc","external_id":"CVE-2026-12447","title":"CVE-2026-12447: Chromium: CVE-2026-12447 Heap buffer overflow in WebRTC","severity":"unknown","cvss":null,"cves":["CVE-2026-12447"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12447","csirts_url":"https://www.csirts.com/advisory/cve-2026-12447-5081"},{"num":5080,"source_id":"msrc","external_id":"CVE-2026-12441","title":"CVE-2026-12441: Chromium: CVE-2026-12441 Use after free in File Input","severity":"unknown","cvss":null,"cves":["CVE-2026-12441"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12441","csirts_url":"https://www.csirts.com/advisory/cve-2026-12441-5080"},{"num":4784,"source_id":"msrc","external_id":"CVE-2026-11012","title":"CVE-2026-11012: Chromium: CVE-2026-11012 Use after free in Serial","severity":"unknown","cvss":null,"cves":["CVE-2026-11012"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11012","csirts_url":"https://www.csirts.com/advisory/cve-2026-11012-4784"},{"num":4785,"source_id":"msrc","external_id":"CVE-2026-11029","title":"CVE-2026-11029: Chromium: CVE-2026-11029 Insufficient validation of untrusted input in Drag and Drop","severity":"unknown","cvss":null,"cves":["CVE-2026-11029"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11029","csirts_url":"https://www.csirts.com/advisory/cve-2026-11029-4785"},{"num":5078,"source_id":"msrc","external_id":"CVE-2026-12446","title":"CVE-2026-12446: Chromium: CVE-2026-12446 Insufficient data validation in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-12446"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12446","csirts_url":"https://www.csirts.com/advisory/cve-2026-12446-5078"},{"num":4181,"source_id":"msrc","external_id":"CVE-2026-5419","title":"CVE-2026-5419: Guntls: gnutls: information disclosure via timing side-channel in pkcs#7 padding removal","severity":"low","cvss":3.7,"cves":["CVE-2026-5419"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5419","csirts_url":"https://www.csirts.com/advisory/cve-2026-5419-4181"},{"num":5044,"source_id":"msrc","external_id":"CVE-2026-11034","title":"CVE-2026-11034: Chromium: CVE-2026-11034 Insufficient validation of untrusted input in Tab Group Sync","severity":"unknown","cvss":null,"cves":["CVE-2026-11034"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11034","csirts_url":"https://www.csirts.com/advisory/cve-2026-11034-5044"},{"num":4192,"source_id":"msrc","external_id":"CVE-2026-46291","title":"CVE-2026-46291: crypto: caam - guard HMAC key hex dumps in hash_digest_key","severity":"medium","cvss":5.5,"cves":["CVE-2026-46291"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46291","csirts_url":"https://www.csirts.com/advisory/cve-2026-46291-4192"},{"num":4384,"source_id":"msrc","external_id":"CVE-2026-53309","title":"CVE-2026-53309: ocfs2/dlm: fix off-by-one in dlm_match_regions() region comparison","severity":"critical","cvss":9.8,"cves":["CVE-2026-53309"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53309","csirts_url":"https://www.csirts.com/advisory/cve-2026-53309-4384"},{"num":4087,"source_id":"msrc","external_id":"CVE-2026-53208","title":"CVE-2026-53208: Bluetooth: L2CAP: reject BR/EDR signaling packets over MTUsig","severity":"high","cvss":7,"cves":["CVE-2026-53208"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53208","csirts_url":"https://www.csirts.com/advisory/cve-2026-53208-4087"},{"num":4729,"source_id":"msrc","external_id":"CVE-2026-11216","title":"CVE-2026-11216: Chromium: CVE-2026-11216 Incorrect security UI in File Input","severity":"unknown","cvss":null,"cves":["CVE-2026-11216"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11216","csirts_url":"https://www.csirts.com/advisory/cve-2026-11216-4729"},{"num":4692,"source_id":"msrc","external_id":"CVE-2026-11166","title":"CVE-2026-11166: Chromium: CVE-2026-11166 Inappropriate implementation in SVG","severity":"unknown","cvss":null,"cves":["CVE-2026-11166"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11166","csirts_url":"https://www.csirts.com/advisory/cve-2026-11166-4692"},{"num":5076,"source_id":"msrc","external_id":"CVE-2026-12440","title":"CVE-2026-12440: Chromium: CVE-2026-12440 Use after free in DigitalCredentials","severity":"unknown","cvss":null,"cves":["CVE-2026-12440"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12440","csirts_url":"https://www.csirts.com/advisory/cve-2026-12440-5076"},{"num":4714,"source_id":"msrc","external_id":"CVE-2026-11195","title":"CVE-2026-11195: Chromium: CVE-2026-11195 Inappropriate implementation in MHTML","severity":"unknown","cvss":null,"cves":["CVE-2026-11195"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11195","csirts_url":"https://www.csirts.com/advisory/cve-2026-11195-4714"},{"num":4735,"source_id":"msrc","external_id":"CVE-2026-11222","title":"CVE-2026-11222: Chromium: CVE-2026-11222 Incorrect security UI in Tab Strip","severity":"unknown","cvss":null,"cves":["CVE-2026-11222"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11222","csirts_url":"https://www.csirts.com/advisory/cve-2026-11222-4735"},{"num":4782,"source_id":"msrc","external_id":"CVE-2026-50508","title":"CVE-2026-50508: Windows NTLM Spoofing Vulnerability","severity":"medium","cvss":6.5,"cves":["CVE-2026-50508"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50508","csirts_url":"https://www.csirts.com/advisory/cve-2026-50508-4782"},{"num":4792,"source_id":"msrc","external_id":"CVE-2026-11119","title":"CVE-2026-11119: Chromium: CVE-2026-11119 Insufficient validation of untrusted input in GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-11119"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11119","csirts_url":"https://www.csirts.com/advisory/cve-2026-11119-4792"},{"num":4795,"source_id":"msrc","external_id":"CVE-2026-11148","title":"CVE-2026-11148: Chromium: CVE-2026-11148 Inappropriate implementation in Payments","severity":"unknown","cvss":null,"cves":["CVE-2026-11148"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11148","csirts_url":"https://www.csirts.com/advisory/cve-2026-11148-4795"},{"num":5074,"source_id":"msrc","external_id":"CVE-2026-11656","title":"CVE-2026-11656: Chromium: CVE-2026-11655 Integer overflow in Media","severity":"unknown","cvss":null,"cves":["CVE-2026-11656"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11656","csirts_url":"https://www.csirts.com/advisory/cve-2026-11656-5074"},{"num":5073,"source_id":"msrc","external_id":"CVE-2026-11657","title":"CVE-2026-11657: Chromium: CVE-2026-11656 Use after free in ServiceWorker","severity":"unknown","cvss":null,"cves":["CVE-2026-11657"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11657","csirts_url":"https://www.csirts.com/advisory/cve-2026-11657-5073"},{"num":4778,"source_id":"msrc","external_id":"CVE-2026-11268","title":"CVE-2026-11268: Chromium: CVE-2026-11268 Uninitialized Use in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-11268"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11268","csirts_url":"https://www.csirts.com/advisory/cve-2026-11268-4778"},{"num":2248,"source_id":"msrc","external_id":"CVE-2026-53060","title":"CVE-2026-53060: dm cache metadata: fix memory leak on metadata abort retry","severity":"medium","cvss":5.5,"cves":["CVE-2026-53060"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53060","csirts_url":"https://www.csirts.com/advisory/cve-2026-53060-2248"},{"num":4159,"source_id":"msrc","external_id":"CVE-2026-55958","title":"CVE-2026-55958: Renesas TSIP TLS 1.3 transcript buffer out-of-bounds write in tsip_StoreMessage","severity":"high","cvss":7.5,"cves":["CVE-2026-55958"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-55958","csirts_url":"https://www.csirts.com/advisory/cve-2026-55958-4159"},{"num":4779,"source_id":"msrc","external_id":"CVE-2026-11269","title":"CVE-2026-11269: Chromium: CVE-2026-11269 Inappropriate implementation in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-11269"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11269","csirts_url":"https://www.csirts.com/advisory/cve-2026-11269-4779"},{"num":4215,"source_id":"msrc","external_id":"CVE-2026-46683","title":"CVE-2026-46683: Snappy: SSRF and local file read via the xsl-style-sheet option","severity":"unknown","cvss":null,"cves":["CVE-2026-46683"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46683","csirts_url":"https://www.csirts.com/advisory/cve-2026-46683-4215"},{"num":4418,"source_id":"msrc","external_id":"CVE-2026-7531","title":"CVE-2026-7531: Use-after-free in PQC hybrid key-share handling","severity":"critical","cvss":9.8,"cves":["CVE-2026-7531"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-7531","csirts_url":"https://www.csirts.com/advisory/cve-2026-7531-4418"},{"num":3202,"source_id":"msrc","external_id":"CVE-2026-53258","title":"CVE-2026-53258: wifi: fix leak if split 6 GHz scanning fails","severity":"medium","cvss":5.5,"cves":["CVE-2026-53258"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53258","csirts_url":"https://www.csirts.com/advisory/cve-2026-53258-3202"},{"num":3012,"source_id":"msrc","external_id":"CVE-2026-47770","title":"CVE-2026-47770: jq: stack overflow in deep structural equality","severity":"medium","cvss":5.5,"cves":["CVE-2026-47770"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47770","csirts_url":"https://www.csirts.com/advisory/cve-2026-47770-3012"},{"num":4383,"source_id":"msrc","external_id":"CVE-2026-53284","title":"CVE-2026-53284: btrfs: only release the dirty pages io tree after successful writes","severity":"high","cvss":7.5,"cves":["CVE-2026-53284"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53284","csirts_url":"https://www.csirts.com/advisory/cve-2026-53284-4383"},{"num":4777,"source_id":"msrc","external_id":"CVE-2026-11267","title":"CVE-2026-11267: Chromium: CVE-2026-11267 Insufficient policy enforcement in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-11267"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11267","csirts_url":"https://www.csirts.com/advisory/cve-2026-11267-4777"},{"num":4780,"source_id":"msrc","external_id":"CVE-2026-11271","title":"CVE-2026-11271: Chromium: CVE-2026-11271 Incorrect security UI in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-11271"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11271","csirts_url":"https://www.csirts.com/advisory/cve-2026-11271-4780"},{"num":4330,"source_id":"msrc","external_id":"CVE-2026-53064","title":"CVE-2026-53064: dm cache: fix null-deref with concurrent writes in passthrough mode","severity":"high","cvss":7.1,"cves":["CVE-2026-53064"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53064","csirts_url":"https://www.csirts.com/advisory/cve-2026-53064-4330"},{"num":4162,"source_id":"msrc","external_id":"CVE-2026-10512","title":"CVE-2026-10512: X25519 x86_64 assembly final reduction leaves non-canonical field element","severity":"high","cvss":7.5,"cves":["CVE-2026-10512"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10512","csirts_url":"https://www.csirts.com/advisory/cve-2026-10512-4162"},{"num":4393,"source_id":"msrc","external_id":"CVE-2026-53287","title":"CVE-2026-53287: audit: fix incorrect inheritable capability in CAPSET records","severity":"medium","cvss":5.5,"cves":["CVE-2026-53287"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53287","csirts_url":"https://www.csirts.com/advisory/cve-2026-53287-4393"},{"num":2214,"source_id":"msrc","external_id":"CVE-2026-53159","title":"CVE-2026-53159: misc: fastrpc: fix DMA address corruption due to find_vma misuse","severity":"high","cvss":7.8,"cves":["CVE-2026-53159"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53159","csirts_url":"https://www.csirts.com/advisory/cve-2026-53159-2214"},{"num":4437,"source_id":"msrc","external_id":"CVE-2026-12012","title":"CVE-2026-12012: Chromium: CVE-2026-12012 Use after free Network","severity":"unknown","cvss":null,"cves":["CVE-2026-12012"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12012","csirts_url":"https://www.csirts.com/advisory/cve-2026-12012-4437"},{"num":4212,"source_id":"msrc","external_id":"CVE-2026-34356","title":"CVE-2026-34356: Apache HTTP Server: ProxyPassReverseCookieMap buffer overflow","severity":"high","cvss":7.5,"cves":["CVE-2026-34356"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34356","csirts_url":"https://www.csirts.com/advisory/cve-2026-34356-4212"},{"num":4618,"source_id":"msrc","external_id":"CVE-2026-11058","title":"CVE-2026-11058: Chromium: CVE-2026-11058 Integer overflow in CredentialProvider","severity":"unknown","cvss":null,"cves":["CVE-2026-11058"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11058","csirts_url":"https://www.csirts.com/advisory/cve-2026-11058-4618"},{"num":4711,"source_id":"msrc","external_id":"CVE-2026-11193","title":"CVE-2026-11193: Chromium: CVE-2026-11193 Insufficient policy enforcement in Password Manager","severity":"unknown","cvss":null,"cves":["CVE-2026-11193"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11193","csirts_url":"https://www.csirts.com/advisory/cve-2026-11193-4711"},{"num":4402,"source_id":"msrc","external_id":"CVE-2026-41991","title":"CVE-2026-41991: Predictable Temporary File in GNU gzip","severity":"unknown","cvss":null,"cves":["CVE-2026-41991"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41991","csirts_url":"https://www.csirts.com/advisory/cve-2026-41991-4402"},{"num":4410,"source_id":"msrc","external_id":"CVE-2026-55967","title":"CVE-2026-55967: AES-GCM streaming APIs do not reject >64 GiB cumulative single messages, enabling counter wrap and keystream reuse","severity":"high","cvss":7.5,"cves":["CVE-2026-55967"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-55967","csirts_url":"https://www.csirts.com/advisory/cve-2026-55967-4410"},{"num":4775,"source_id":"msrc","external_id":"CVE-2026-11264","title":"CVE-2026-11264: Chromium: CVE-2026-11264 Policy bypass in Content Security Policy","severity":"unknown","cvss":null,"cves":["CVE-2026-11264"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11264","csirts_url":"https://www.csirts.com/advisory/cve-2026-11264-4775"},{"num":4776,"source_id":"msrc","external_id":"CVE-2026-11266","title":"CVE-2026-11266: Chromium: CVE-2026-11266 Policy bypass in SafeBrowsing","severity":"unknown","cvss":null,"cves":["CVE-2026-11266"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11266","csirts_url":"https://www.csirts.com/advisory/cve-2026-11266-4776"},{"num":4781,"source_id":"msrc","external_id":"CVE-2026-11273","title":"CVE-2026-11273: Chromium: CVE-2026-11273 Insufficient validation of untrusted input in Omnibox","severity":"unknown","cvss":null,"cves":["CVE-2026-11273"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11273","csirts_url":"https://www.csirts.com/advisory/cve-2026-11273-4781"},{"num":4332,"source_id":"msrc","external_id":"CVE-2026-53035","title":"CVE-2026-53035: bpf, sockmap: Fix af_unix iter deadlock","severity":"medium","cvss":5.5,"cves":["CVE-2026-53035"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53035","csirts_url":"https://www.csirts.com/advisory/cve-2026-53035-4332"},{"num":4414,"source_id":"msrc","external_id":"CVE-2026-6091","title":"CVE-2026-6091: Partial-chain verification accepts untrusted intermediate as trust anchor","severity":"medium","cvss":6.5,"cves":["CVE-2026-6091"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-6091","csirts_url":"https://www.csirts.com/advisory/cve-2026-6091-4414"},{"num":5071,"source_id":"msrc","external_id":"CVE-2026-11654","title":"CVE-2026-11654: Chromium: CVE-2026-11653 Insufficient validation of untrusted input in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-11654"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11654","csirts_url":"https://www.csirts.com/advisory/cve-2026-11654-5071"},{"num":5070,"source_id":"msrc","external_id":"CVE-2026-11651","title":"CVE-2026-11651: Chromium: CVE-2026-11650 Use after free in V8","severity":"unknown","cvss":null,"cves":["CVE-2026-11651"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11651","csirts_url":"https://www.csirts.com/advisory/cve-2026-11651-5070"},{"num":5069,"source_id":"msrc","external_id":"CVE-2026-11653","title":"CVE-2026-11653: Chromium: CVE-2026-11652 Use after free in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-11653"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11653","csirts_url":"https://www.csirts.com/advisory/cve-2026-11653-5069"},{"num":586,"source_id":"msrc","external_id":"CVE-2026-52933","title":"CVE-2026-52933: io_uring/poll: fix signed comparison in io_poll_get_ownership()","severity":"high","cvss":7,"cves":["CVE-2026-52933"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52933","csirts_url":"https://www.csirts.com/advisory/cve-2026-52933-586"},{"num":4717,"source_id":"msrc","external_id":"CVE-2026-11199","title":"CVE-2026-11199: Chromium: CVE-2026-11199 Insufficient validation of untrusted input in WebRTC","severity":"unknown","cvss":null,"cves":["CVE-2026-11199"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11199","csirts_url":"https://www.csirts.com/advisory/cve-2026-11199-4717"},{"num":4074,"source_id":"msrc","external_id":"CVE-2026-10879","title":"CVE-2026-10879: DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders","severity":"high","cvss":8.6,"cves":["CVE-2026-10879"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10879","csirts_url":"https://www.csirts.com/advisory/cve-2026-10879-4074"},{"num":4333,"source_id":"msrc","external_id":"CVE-2026-53225","title":"CVE-2026-53225: sctp: fix uninit-value in __sctp_rcv_asconf_lookup()","severity":"medium","cvss":5.5,"cves":["CVE-2026-53225"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53225","csirts_url":"https://www.csirts.com/advisory/cve-2026-53225-4333"},{"num":5068,"source_id":"msrc","external_id":"CVE-2026-11650","title":"CVE-2026-11650: Chromium: CVE-2026-11649 Use after free in V8","severity":"unknown","cvss":null,"cves":["CVE-2026-11650"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11650","csirts_url":"https://www.csirts.com/advisory/cve-2026-11650-5068"},{"num":5159,"source_id":"msrc","external_id":"CVE-2026-44814","title":"CVE-2026-44814: Windows DWM Core Library Information Disclosure Vulnerability","severity":"medium","cvss":5.5,"cves":["CVE-2026-44814"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44814","csirts_url":"https://www.csirts.com/advisory/cve-2026-44814-5159"},{"num":4431,"source_id":"msrc","external_id":"CVE-2026-45483","title":"CVE-2026-45483: Microsoft Office Project Server Spoofing Vulnerability","severity":"medium","cvss":4.6,"cves":["CVE-2026-45483"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45483","csirts_url":"https://www.csirts.com/advisory/cve-2026-45483-4431"},{"num":5067,"source_id":"msrc","external_id":"CVE-2026-11652","title":"CVE-2026-11652: Chromium: CVE-2026-11651 Use after free in Network","severity":"unknown","cvss":null,"cves":["CVE-2026-11652"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11652","csirts_url":"https://www.csirts.com/advisory/cve-2026-11652-5067"},{"num":4210,"source_id":"msrc","external_id":"CVE-2026-44631","title":"CVE-2026-44631: Apache HTTP Server: Heap Underflow in `ap_regname` via Signed Char Overflow","severity":"critical","cvss":9.4,"cves":["CVE-2026-44631"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44631","csirts_url":"https://www.csirts.com/advisory/cve-2026-44631-4210"},{"num":4342,"source_id":"msrc","external_id":"CVE-2026-53111","title":"CVE-2026-53111: bpf: test_run: Fix the null pointer dereference issue in bpf_lwt_xmit_push_encap","severity":"medium","cvss":6.5,"cves":["CVE-2026-53111"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53111","csirts_url":"https://www.csirts.com/advisory/cve-2026-53111-4342"},{"num":4478,"source_id":"msrc","external_id":"CVE-2026-45607","title":"CVE-2026-45607: Windows Hyper-V Remote Code Execution Vulnerability","severity":"high","cvss":8.4,"cves":["CVE-2026-45607"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45607","csirts_url":"https://www.csirts.com/advisory/cve-2026-45607-4478"},{"num":4736,"source_id":"msrc","external_id":"CVE-2026-11223","title":"CVE-2026-11223: Chromium: CVE-2026-11223 Insufficient validation of untrusted input in Network","severity":"unknown","cvss":null,"cves":["CVE-2026-11223"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11223","csirts_url":"https://www.csirts.com/advisory/cve-2026-11223-4736"},{"num":4796,"source_id":"msrc","external_id":"CVE-2026-11175","title":"CVE-2026-11175: Chromium: CVE-2026-11175 Incorrect security UI in Messages","severity":"unknown","cvss":null,"cves":["CVE-2026-11175"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11175","csirts_url":"https://www.csirts.com/advisory/cve-2026-11175-4796"},{"num":4797,"source_id":"msrc","external_id":"CVE-2026-11188","title":"CVE-2026-11188: Chromium: CVE-2026-11188 Use after free in USB","severity":"unknown","cvss":null,"cves":["CVE-2026-11188"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11188","csirts_url":"https://www.csirts.com/advisory/cve-2026-11188-4797"},{"num":4335,"source_id":"msrc","external_id":"CVE-2026-53262","title":"CVE-2026-53262: l2tp: pppol2tp: hold reference to session in pppol2tp_ioctl()","severity":"high","cvss":7.8,"cves":["CVE-2026-53262"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53262","csirts_url":"https://www.csirts.com/advisory/cve-2026-53262-4335"},{"num":4548,"source_id":"msrc","external_id":"CVE-2026-10936","title":"CVE-2026-10936: Chromium: CVE-2026-10936 Type Confusion in V8","severity":"unknown","cvss":null,"cves":["CVE-2026-10936"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10936","csirts_url":"https://www.csirts.com/advisory/cve-2026-10936-4548"},{"num":4455,"source_id":"msrc","external_id":"CVE-2026-44820","title":"CVE-2026-44820: Microsoft Excel Remote Code Execution Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-44820"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44820","csirts_url":"https://www.csirts.com/advisory/cve-2026-44820-4455"},{"num":4668,"source_id":"msrc","external_id":"CVE-2026-11138","title":"CVE-2026-11138: Chromium: CVE-2026-11138 Uninitialized Use in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-11138"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11138","csirts_url":"https://www.csirts.com/advisory/cve-2026-11138-4668"},{"num":4690,"source_id":"msrc","external_id":"CVE-2026-11169","title":"CVE-2026-11169: Chromium: CVE-2026-11169 Inappropriate implementation in XML","severity":"unknown","cvss":null,"cves":["CVE-2026-11169"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11169","csirts_url":"https://www.csirts.com/advisory/cve-2026-11169-4690"},{"num":4156,"source_id":"msrc","external_id":"CVE-2026-6331","title":"CVE-2026-6331: HMAC zero-length tag forgery in EVP_DigestVerifyFinal","severity":"high","cvss":7.5,"cves":["CVE-2026-6331"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-6331","csirts_url":"https://www.csirts.com/advisory/cve-2026-6331-4156"},{"num":4709,"source_id":"msrc","external_id":"CVE-2026-11191","title":"CVE-2026-11191: Chromium: CVE-2026-11191 Out of bounds memory access in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-11191"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11191","csirts_url":"https://www.csirts.com/advisory/cve-2026-11191-4709"},{"num":4116,"source_id":"msrc","external_id":"CVE-2026-55895","title":"CVE-2026-55895: Vim: Vimscript Code Injection in netrw NetrwLocalRmFile() via crafted filename","severity":"high","cvss":7.8,"cves":["CVE-2026-55895"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-55895","csirts_url":"https://www.csirts.com/advisory/cve-2026-55895-4116"},{"num":4274,"source_id":"msrc","external_id":"CVE-2026-56410","title":"CVE-2026-56410: xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSystemId.","severity":"medium","cvss":6.9,"cves":["CVE-2026-56410"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-56410","csirts_url":"https://www.csirts.com/advisory/cve-2026-56410-4274"},{"num":4691,"source_id":"msrc","external_id":"CVE-2026-11164","title":"CVE-2026-11164: Chromium: CVE-2026-11164 Use after free in Blink","severity":"unknown","cvss":null,"cves":["CVE-2026-11164"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11164","csirts_url":"https://www.csirts.com/advisory/cve-2026-11164-4691"},{"num":4771,"source_id":"msrc","external_id":"CVE-2026-11260","title":"CVE-2026-11260: Chromium: CVE-2026-11260 Policy bypass in Permissions","severity":"unknown","cvss":null,"cves":["CVE-2026-11260"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11260","csirts_url":"https://www.csirts.com/advisory/cve-2026-11260-4771"},{"num":4772,"source_id":"msrc","external_id":"CVE-2026-11261","title":"CVE-2026-11261: Chromium: CVE-2026-11261 Insufficient validation of untrusted input in PDF","severity":"unknown","cvss":null,"cves":["CVE-2026-11261"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11261","csirts_url":"https://www.csirts.com/advisory/cve-2026-11261-4772"},{"num":4767,"source_id":"msrc","external_id":"CVE-2026-11257","title":"CVE-2026-11257: Chromium: CVE-2026-11257 Inappropriate implementation in Browser","severity":"unknown","cvss":null,"cves":["CVE-2026-11257"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11257","csirts_url":"https://www.csirts.com/advisory/cve-2026-11257-4767"},{"num":4344,"source_id":"msrc","external_id":"CVE-2026-53066","title":"CVE-2026-53066: drm/sun4i: backend: fix error pointer dereference","severity":"medium","cvss":5.5,"cves":["CVE-2026-53066"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53066","csirts_url":"https://www.csirts.com/advisory/cve-2026-53066-4344"},{"num":4768,"source_id":"msrc","external_id":"CVE-2026-11256","title":"CVE-2026-11256: Chromium: CVE-2026-11256 Out of bounds read in GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-11256"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11256","csirts_url":"https://www.csirts.com/advisory/cve-2026-11256-4768"},{"num":3546,"source_id":"msrc","external_id":"CVE-2026-53013","title":"CVE-2026-53013: macvlan: fix macvlan_get_size() not reserving space for IFLA_MACVLAN_BC_CUTOFF","severity":"medium","cvss":5.5,"cves":["CVE-2026-53013"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53013","csirts_url":"https://www.csirts.com/advisory/cve-2026-53013-3546"},{"num":2937,"source_id":"msrc","external_id":"CVE-2026-52963","title":"CVE-2026-52963: ALSA: usb-audio: Bound MIDI endpoint descriptor scans","severity":"medium","cvss":5.5,"cves":["CVE-2026-52963"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52963","csirts_url":"https://www.csirts.com/advisory/cve-2026-52963-2937"},{"num":4351,"source_id":"msrc","external_id":"CVE-2026-53226","title":"CVE-2026-53226: gpio: rockchip: fix generic IRQ chip leak on remove","severity":"medium","cvss":5.5,"cves":["CVE-2026-53226"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53226","csirts_url":"https://www.csirts.com/advisory/cve-2026-53226-4351"},{"num":4769,"source_id":"msrc","external_id":"CVE-2026-11258","title":"CVE-2026-11258: Chromium: CVE-2026-11258 Inappropriate implementation in File System Access","severity":"unknown","cvss":null,"cves":["CVE-2026-11258"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11258","csirts_url":"https://www.csirts.com/advisory/cve-2026-11258-4769"},{"num":4457,"source_id":"msrc","external_id":"CVE-2026-44823","title":"CVE-2026-44823: Microsoft Excel Remote Code Execution Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-44823"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44823","csirts_url":"https://www.csirts.com/advisory/cve-2026-44823-4457"},{"num":4353,"source_id":"msrc","external_id":"CVE-2026-52964","title":"CVE-2026-52964: ALSA: usb-audio: Bound MIDI 2.0 endpoint descriptor scans","severity":"medium","cvss":5.5,"cves":["CVE-2026-52964"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52964","csirts_url":"https://www.csirts.com/advisory/cve-2026-52964-4353"},{"num":4728,"source_id":"msrc","external_id":"CVE-2026-11213","title":"CVE-2026-11213: Chromium: CVE-2026-11213 Insufficient validation of untrusted input in Reading Mode","severity":"unknown","cvss":null,"cves":["CVE-2026-11213"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11213","csirts_url":"https://www.csirts.com/advisory/cve-2026-11213-4728"},{"num":5149,"source_id":"msrc","external_id":"CVE-2026-44809","title":"CVE-2026-44809: Windows Common Log File System Driver Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-44809"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44809","csirts_url":"https://www.csirts.com/advisory/cve-2026-44809-5149"},{"num":4348,"source_id":"msrc","external_id":"CVE-2026-53002","title":"CVE-2026-53002: netfilter: conntrack: remove sprintf usage","severity":"critical","cvss":9.8,"cves":["CVE-2026-53002"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53002","csirts_url":"https://www.csirts.com/advisory/cve-2026-53002-4348"},{"num":570,"source_id":"msrc","external_id":"CVE-2026-56406","title":"CVE-2026-56406: libexpat before 2.8.2 has an integer overflow in XML_ParseBuffer because it lacked a check that was present in XML_Parse.","severity":"medium","cvss":6.9,"cves":["CVE-2026-56406"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-56406","csirts_url":"https://www.csirts.com/advisory/cve-2026-56406-570"},{"num":4409,"source_id":"msrc","external_id":"CVE-2026-11703","title":"CVE-2026-11703: Missing SNI/ALPN binding on stateful (session-ID) TLS session resumption","severity":"high","cvss":7.5,"cves":["CVE-2026-11703"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11703","csirts_url":"https://www.csirts.com/advisory/cve-2026-11703-4409"},{"num":4766,"source_id":"msrc","external_id":"CVE-2026-11255","title":"CVE-2026-11255: Chromium: CVE-2026-11255 Insufficient validation of untrusted input in Storage Access API","severity":"unknown","cvss":null,"cves":["CVE-2026-11255"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11255","csirts_url":"https://www.csirts.com/advisory/cve-2026-11255-4766"},{"num":4770,"source_id":"msrc","external_id":"CVE-2026-11259","title":"CVE-2026-11259: Chromium: CVE-2026-11259 Insufficient validation of untrusted input in Cast","severity":"unknown","cvss":null,"cves":["CVE-2026-11259"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11259","csirts_url":"https://www.csirts.com/advisory/cve-2026-11259-4770"},{"num":4773,"source_id":"msrc","external_id":"CVE-2026-11262","title":"CVE-2026-11262: Chromium: CVE-2026-11262 Use after free in TabStrip","severity":"unknown","cvss":null,"cves":["CVE-2026-11262"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11262","csirts_url":"https://www.csirts.com/advisory/cve-2026-11262-4773"},{"num":2148,"source_id":"msrc","external_id":"CVE-2026-52975","title":"CVE-2026-52975: bonding: 3ad: implement proper RCU rules for port->aggregator","severity":"medium","cvss":5.5,"cves":["CVE-2026-52975"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52975","csirts_url":"https://www.csirts.com/advisory/cve-2026-52975-2148"},{"num":4112,"source_id":"msrc","external_id":"CVE-2026-53247","title":"CVE-2026-53247: net: ethernet: mtk_eth_soc: Fix use-after-free in metadata dst teardown","severity":"high","cvss":7.8,"cves":["CVE-2026-53247"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53247","csirts_url":"https://www.csirts.com/advisory/cve-2026-53247-4112"},{"num":557,"source_id":"msrc","external_id":"CVE-2026-56409","title":"CVE-2026-56409: xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used.","severity":"medium","cvss":6.5,"cves":["CVE-2026-56409"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-56409","csirts_url":"https://www.csirts.com/advisory/cve-2026-56409-557"},{"num":3895,"source_id":"msrc","external_id":"CVE-2026-48779","title":"CVE-2026-48779: ws: Memory exhaustion DoS from tiny fragments and data chunks","severity":"high","cvss":7.5,"cves":["CVE-2026-48779"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48779","csirts_url":"https://www.csirts.com/advisory/cve-2026-48779-3895"},{"num":4039,"source_id":"msrc","external_id":"CVE-2025-71315","title":"CVE-2025-71315: drm/vkms: Convert to DRM's vblank timer","severity":"medium","cvss":5.5,"cves":["CVE-2025-71315"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-71315","csirts_url":"https://www.csirts.com/advisory/cve-2025-71315-4039"},{"num":4763,"source_id":"msrc","external_id":"CVE-2026-11246","title":"CVE-2026-11246: Chromium: CVE-2026-11246 Insufficient validation of untrusted input in IndexedDB","severity":"unknown","cvss":null,"cves":["CVE-2026-11246"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11246","csirts_url":"https://www.csirts.com/advisory/cve-2026-11246-4763"},{"num":4357,"source_id":"msrc","external_id":"CVE-2026-52970","title":"CVE-2026-52970: netfilter: nft_ct: fix missing expect put in obj eval","severity":"medium","cvss":5.5,"cves":["CVE-2026-52970"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52970","csirts_url":"https://www.csirts.com/advisory/cve-2026-52970-4357"},{"num":4452,"source_id":"msrc","external_id":"CVE-2026-44817","title":"CVE-2026-44817: Microsoft Excel Remote Code Execution Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-44817"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44817","csirts_url":"https://www.csirts.com/advisory/cve-2026-44817-4452"},{"num":4278,"source_id":"msrc","external_id":"CVE-2026-52993","title":"CVE-2026-52993: tipc: fix double-free in tipc_buf_append()","severity":"critical","cvss":9.8,"cves":["CVE-2026-52993"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52993","csirts_url":"https://www.csirts.com/advisory/cve-2026-52993-4278"},{"num":2136,"source_id":"msrc","external_id":"CVE-2026-48570","title":"CVE-2026-48570: Secure Boot Security Feature Bypass Vulnerability","severity":"high","cvss":7.9,"cves":["CVE-2026-48570"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48570","csirts_url":"https://www.csirts.com/advisory/cve-2026-48570-2136"},{"num":4446,"source_id":"msrc","external_id":"CVE-2025-10263","title":"CVE-2025-10263: ARM: CVE-2025-10263 Completion of affected memory accesses might not be guaranteed by completion of a TLBI [kernel]","severity":"critical","cvss":9.3,"cves":["CVE-2025-10263"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-10263","csirts_url":"https://www.csirts.com/advisory/cve-2025-10263-4446"},{"num":4388,"source_id":"msrc","external_id":"CVE-2026-53291","title":"CVE-2026-53291: ALSA: hda/conexant: Fix missing error check for jack detection","severity":"medium","cvss":5.5,"cves":["CVE-2026-53291"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53291","csirts_url":"https://www.csirts.com/advisory/cve-2026-53291-4388"},{"num":4762,"source_id":"msrc","external_id":"CVE-2026-11252","title":"CVE-2026-11252: Chromium: CVE-2026-11252 Policy bypass in Content Settings","severity":"unknown","cvss":null,"cves":["CVE-2026-11252"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11252","csirts_url":"https://www.csirts.com/advisory/cve-2026-11252-4762"},{"num":4764,"source_id":"msrc","external_id":"CVE-2026-11253","title":"CVE-2026-11253: Chromium: CVE-2026-11253 Race in Permissions","severity":"unknown","cvss":null,"cves":["CVE-2026-11253"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11253","csirts_url":"https://www.csirts.com/advisory/cve-2026-11253-4764"},{"num":2134,"source_id":"msrc","external_id":"CVE-2026-48566","title":"CVE-2026-48566: Windows DWM Core Library Information Disclosure Vulnerability","severity":"medium","cvss":5.5,"cves":["CVE-2026-48566"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48566","csirts_url":"https://www.csirts.com/advisory/cve-2026-48566-2134"},{"num":4347,"source_id":"msrc","external_id":"CVE-2026-53128","title":"CVE-2026-53128: drbd: Balance RCU calls in drbd_adm_dump_devices()","severity":"medium","cvss":5.5,"cves":["CVE-2026-53128"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53128","csirts_url":"https://www.csirts.com/advisory/cve-2026-53128-4347"},{"num":2135,"source_id":"msrc","external_id":"CVE-2026-48568","title":"CVE-2026-48568: Secure Boot Security Feature Bypass Vulnerability","severity":"high","cvss":7.9,"cves":["CVE-2026-48568"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48568","csirts_url":"https://www.csirts.com/advisory/cve-2026-48568-2135"},{"num":4529,"source_id":"msrc","external_id":"CVE-2026-10908","title":"CVE-2026-10908: Chromium: CVE-2026-10908 Use after free in FullScreen","severity":"unknown","cvss":null,"cves":["CVE-2026-10908"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10908","csirts_url":"https://www.csirts.com/advisory/cve-2026-10908-4529"},{"num":2133,"source_id":"msrc","external_id":"CVE-2026-48563","title":"CVE-2026-48563: Remote Desktop Client Remote Code Execution Vulnerability","severity":"high","cvss":7.5,"cves":["CVE-2026-48563"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48563","csirts_url":"https://www.csirts.com/advisory/cve-2026-48563-2133"},{"num":5118,"source_id":"msrc","external_id":"CVE-2026-42836","title":"CVE-2026-42836: Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability","severity":"high","cvss":7,"cves":["CVE-2026-42836"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42836","csirts_url":"https://www.csirts.com/advisory/cve-2026-42836-5118"},{"num":4354,"source_id":"msrc","external_id":"CVE-2026-53167","title":"CVE-2026-53167: fuse: limit FUSE_NOTIFY_RETRIEVE to uptodate folios","severity":"high","cvss":7,"cves":["CVE-2026-53167"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53167","csirts_url":"https://www.csirts.com/advisory/cve-2026-53167-4354"},{"num":4732,"source_id":"msrc","external_id":"CVE-2026-11219","title":"CVE-2026-11219: Chromium: CVE-2026-11219 Insufficient data validation in Navigation","severity":"unknown","cvss":null,"cves":["CVE-2026-11219"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11219","csirts_url":"https://www.csirts.com/advisory/cve-2026-11219-4732"},{"num":5146,"source_id":"msrc","external_id":"CVE-2026-42979","title":"CVE-2026-42979: Windows Push Notifications Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-42979"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42979","csirts_url":"https://www.csirts.com/advisory/cve-2026-42979-5146"},{"num":3026,"source_id":"msrc","external_id":"CVE-2026-53110","title":"CVE-2026-53110: s390/bpf: Zero-extend bpf prog return values and kfunc arguments","severity":"medium","cvss":5.5,"cves":["CVE-2026-53110"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53110","csirts_url":"https://www.csirts.com/advisory/cve-2026-53110-3026"},{"num":4124,"source_id":"msrc","external_id":"CVE-2026-53229","title":"CVE-2026-53229: net/mlx5e: xsk: Fix DMA and xdp_frame leak on XDP_TX xmit failure","severity":"medium","cvss":5.5,"cves":["CVE-2026-53229"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53229","csirts_url":"https://www.csirts.com/advisory/cve-2026-53229-4124"},{"num":4191,"source_id":"msrc","external_id":"CVE-2026-46274","title":"CVE-2026-46274: io-wq: check that the predecessor is hashed in io_wq_remove_pending()","severity":"high","cvss":7.8,"cves":["CVE-2026-46274"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46274","csirts_url":"https://www.csirts.com/advisory/cve-2026-46274-4191"},{"num":122,"source_id":"msrc","external_id":"CVE-2026-46319","title":"CVE-2026-46319: net/sched: act_ct: Only release RCU read lock after ct_ft","severity":"high","cvss":7,"cves":["CVE-2026-46319"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46319","csirts_url":"https://www.csirts.com/advisory/cve-2026-46319-122"},{"num":4252,"source_id":"msrc","external_id":"CVE-2026-12969","title":"CVE-2026-12969: Dnsmasq: dnsmasq: out-of-bounds read in find_soa() due to missing extrabytes validation","severity":"medium","cvss":5.3,"cves":["CVE-2026-12969"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12969","csirts_url":"https://www.csirts.com/advisory/cve-2026-12969-4252"},{"num":4517,"source_id":"msrc","external_id":"CVE-2026-10881","title":"CVE-2026-10881: Chromium: CVE-2026-10881 Out of bounds read and write in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-10881"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10881","csirts_url":"https://www.csirts.com/advisory/cve-2026-10881-4517"},{"num":5156,"source_id":"msrc","external_id":"CVE-2026-44799","title":"CVE-2026-44799: Remote Desktop Client Remote Code Execution Vulnerability","severity":"high","cvss":7.5,"cves":["CVE-2026-44799"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44799","csirts_url":"https://www.csirts.com/advisory/cve-2026-44799-5156"},{"num":4761,"source_id":"msrc","external_id":"CVE-2026-11248","title":"CVE-2026-11248: Chromium: CVE-2026-11248 Policy bypass in Google Lens","severity":"unknown","cvss":null,"cves":["CVE-2026-11248"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11248","csirts_url":"https://www.csirts.com/advisory/cve-2026-11248-4761"},{"num":4765,"source_id":"msrc","external_id":"CVE-2026-11254","title":"CVE-2026-11254: Chromium: CVE-2026-11254 Inappropriate implementation in Permissions","severity":"unknown","cvss":null,"cves":["CVE-2026-11254"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11254","csirts_url":"https://www.csirts.com/advisory/cve-2026-11254-4765"},{"num":4774,"source_id":"msrc","external_id":"CVE-2026-11265","title":"CVE-2026-11265: Chromium: CVE-2026-11265 Insufficient data validation in Autofill","severity":"unknown","cvss":null,"cves":["CVE-2026-11265"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11265","csirts_url":"https://www.csirts.com/advisory/cve-2026-11265-4774"},{"num":5072,"source_id":"msrc","external_id":"CVE-2026-11655","title":"CVE-2026-11655: Chromium: CVE-2026-11654 Use after free in CameraCapture","severity":"unknown","cvss":null,"cves":["CVE-2026-11655"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11655","csirts_url":"https://www.csirts.com/advisory/cve-2026-11655-5072"},{"num":2123,"source_id":"msrc","external_id":"CVE-2026-9675","title":"CVE-2026-9675: undici WebSocket client vulnerable to denial of service via cumulative fragment bypass","severity":"high","cvss":7.5,"cves":["CVE-2026-9675"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-9675","csirts_url":"https://www.csirts.com/advisory/cve-2026-9675-2123"},{"num":2118,"source_id":"msrc","external_id":"CVE-2026-53147","title":"CVE-2026-53147: thunderbolt: Validate XDomain request packet size before type cast","severity":"medium","cvss":5.5,"cves":["CVE-2026-53147"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53147","csirts_url":"https://www.csirts.com/advisory/cve-2026-53147-2118"},{"num":4371,"source_id":"msrc","external_id":"CVE-2026-52962","title":"CVE-2026-52962: ceph: fix a buffer leak in __ceph_setxattr()","severity":"critical","cvss":9.8,"cves":["CVE-2026-52962"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52962","csirts_url":"https://www.csirts.com/advisory/cve-2026-52962-4371"},{"num":4757,"source_id":"msrc","external_id":"CVE-2026-11245","title":"CVE-2026-11245: Chromium: CVE-2026-11245 Inappropriate implementation in Payments","severity":"unknown","cvss":null,"cves":["CVE-2026-11245"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11245","csirts_url":"https://www.csirts.com/advisory/cve-2026-11245-4757"},{"num":4240,"source_id":"msrc","external_id":"CVE-2026-49759","title":"CVE-2026-49759: Stack buffer overflow in SCTP error cause parsing in inet_drv allows remote VM crash","severity":"high","cvss":8.2,"cves":["CVE-2026-49759"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-49759","csirts_url":"https://www.csirts.com/advisory/cve-2026-49759-4240"},{"num":4282,"source_id":"msrc","external_id":"CVE-2026-53126","title":"CVE-2026-53126: blk-cgroup: fix disk reference leak in blkcg_maybe_throttle_current()","severity":"medium","cvss":5.5,"cves":["CVE-2026-53126"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53126","csirts_url":"https://www.csirts.com/advisory/cve-2026-53126-4282"},{"num":4286,"source_id":"msrc","external_id":"CVE-2026-49839","title":"CVE-2026-49839: jq --rawfile invalid-state reuse after String too long causes heap-buffer-overflow","severity":"high","cvss":7.1,"cves":["CVE-2026-49839"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-49839","csirts_url":"https://www.csirts.com/advisory/cve-2026-49839-4286"},{"num":5075,"source_id":"msrc","external_id":"CVE-2026-12439","title":"CVE-2026-12439: Chromium: CVE-2026-12439 Use after free in Digital Credentials","severity":"unknown","cvss":null,"cves":["CVE-2026-12439"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12439","csirts_url":"https://www.csirts.com/advisory/cve-2026-12439-5075"},{"num":4378,"source_id":"msrc","external_id":"CVE-2026-57451","title":"CVE-2026-57451: Vim: Out-of-bounds Read in Text Property Count","severity":"medium","cvss":5.3,"cves":["CVE-2026-57451"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57451","csirts_url":"https://www.csirts.com/advisory/cve-2026-57451-4378"},{"num":4381,"source_id":"msrc","external_id":"CVE-2026-53296","title":"CVE-2026-53296: mailbox: mailbox-test: free channels on probe error","severity":"medium","cvss":5.5,"cves":["CVE-2026-53296"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53296","csirts_url":"https://www.csirts.com/advisory/cve-2026-53296-4381"},{"num":4758,"source_id":"msrc","external_id":"CVE-2026-11249","title":"CVE-2026-11249: Chromium: CVE-2026-11249 Use after free in Network","severity":"unknown","cvss":null,"cves":["CVE-2026-11249"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11249","csirts_url":"https://www.csirts.com/advisory/cve-2026-11249-4758"},{"num":5077,"source_id":"msrc","external_id":"CVE-2026-12445","title":"CVE-2026-12445: Chromium: CVE-2026-12445 Use after free in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-12445"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12445","csirts_url":"https://www.csirts.com/advisory/cve-2026-12445-5077"},{"num":4543,"source_id":"msrc","external_id":"CVE-2026-10928","title":"CVE-2026-10928: Chromium: CVE-2026-10928 Script injection in Headless","severity":"unknown","cvss":null,"cves":["CVE-2026-10928"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10928","csirts_url":"https://www.csirts.com/advisory/cve-2026-10928-4543"},{"num":4753,"source_id":"msrc","external_id":"CVE-2026-11244","title":"CVE-2026-11244: Chromium: CVE-2026-11244 Insufficient validation of untrusted input in WebAuthentication","severity":"unknown","cvss":null,"cves":["CVE-2026-11244"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11244","csirts_url":"https://www.csirts.com/advisory/cve-2026-11244-4753"},{"num":4754,"source_id":"msrc","external_id":"CVE-2026-11242","title":"CVE-2026-11242: Chromium: CVE-2026-11242 Insufficient validation of untrusted input in Plugins","severity":"unknown","cvss":null,"cves":["CVE-2026-11242"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11242","csirts_url":"https://www.csirts.com/advisory/cve-2026-11242-4754"},{"num":4368,"source_id":"msrc","external_id":"CVE-2026-57235","title":"CVE-2026-57235: Nokogiri: Possible Out-of-Bounds Read in `Nokogiri::XML::NodeSet#[]`","severity":"high","cvss":8.2,"cves":["CVE-2026-57235"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57235","csirts_url":"https://www.csirts.com/advisory/cve-2026-57235-4368"},{"num":4755,"source_id":"msrc","external_id":"CVE-2026-11243","title":"CVE-2026-11243: Chromium: CVE-2026-11243 Incorrect security UI in Downloads","severity":"unknown","cvss":null,"cves":["CVE-2026-11243"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11243","csirts_url":"https://www.csirts.com/advisory/cve-2026-11243-4755"},{"num":5066,"source_id":"msrc","external_id":"CVE-2026-11649","title":"CVE-2026-11649: Chromium: CVE-2026-11648 Use after free in FullScreen","severity":"unknown","cvss":null,"cves":["CVE-2026-11649"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11649","csirts_url":"https://www.csirts.com/advisory/cve-2026-11649-5066"},{"num":2762,"source_id":"msrc","external_id":"CVE-2026-53166","title":"CVE-2026-53166: futex/requeue: Prevent NULL pointer dereference in remove_waiter() on self-deadlock","severity":"medium","cvss":5.5,"cves":["CVE-2026-53166"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53166","csirts_url":"https://www.csirts.com/advisory/cve-2026-53166-2762"},{"num":5079,"source_id":"msrc","external_id":"CVE-2026-12451","title":"CVE-2026-12451: Chromium: CVE-2026-12451 Use after free in DigitalCredentials","severity":"unknown","cvss":null,"cves":["CVE-2026-12451"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12451","csirts_url":"https://www.csirts.com/advisory/cve-2026-12451-5079"},{"num":4528,"source_id":"msrc","external_id":"CVE-2026-10903","title":"CVE-2026-10903: Chromium: CVE-2026-10903 Use after free in WebRTC","severity":"unknown","cvss":null,"cves":["CVE-2026-10903"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10903","csirts_url":"https://www.csirts.com/advisory/cve-2026-10903-4528"},{"num":4756,"source_id":"msrc","external_id":"CVE-2026-11241","title":"CVE-2026-11241: Chromium: CVE-2026-11241 Insufficient validation of untrusted input in Cast","severity":"unknown","cvss":null,"cves":["CVE-2026-11241"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11241","csirts_url":"https://www.csirts.com/advisory/cve-2026-11241-4756"},{"num":4759,"source_id":"msrc","external_id":"CVE-2026-11251","title":"CVE-2026-11251: Chromium: CVE-2026-11251 Insufficient validation of untrusted input in Password Manager","severity":"unknown","cvss":null,"cves":["CVE-2026-11251"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11251","csirts_url":"https://www.csirts.com/advisory/cve-2026-11251-4759"},{"num":4741,"source_id":"msrc","external_id":"CVE-2026-11225","title":"CVE-2026-11225: Chromium: CVE-2026-11225 Incorrect security UI in WebUI","severity":"unknown","cvss":null,"cves":["CVE-2026-11225"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11225","csirts_url":"https://www.csirts.com/advisory/cve-2026-11225-4741"},{"num":4292,"source_id":"msrc","external_id":"CVE-2026-52924","title":"CVE-2026-52924: sctp: purge outqueue on stale COOKIE-ECHO handling","severity":"high","cvss":7,"cves":["CVE-2026-52924"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52924","csirts_url":"https://www.csirts.com/advisory/cve-2026-52924-4292"},{"num":5116,"source_id":"msrc","external_id":"CVE-2026-12448","title":"CVE-2026-12448: Chromium: CVE-2026-12448 Inappropriate implementation in WebView","severity":"unknown","cvss":null,"cves":["CVE-2026-12448"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12448","csirts_url":"https://www.csirts.com/advisory/cve-2026-12448-5116"},{"num":4136,"source_id":"msrc","external_id":"CVE-2026-58015","title":"CVE-2026-58015: Glib: path traversal in glib/gio/gdbusauthmechanismsha1.c via keyring_lookup_entry and mechanism_client_data_receive","severity":"medium","cvss":5.9,"cves":["CVE-2026-58015"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58015","csirts_url":"https://www.csirts.com/advisory/cve-2026-58015-4136"},{"num":5082,"source_id":"msrc","external_id":"CVE-2026-12443","title":"CVE-2026-12443: Chromium: CVE-2026-12443 Use after free in Web Authentication","severity":"unknown","cvss":null,"cves":["CVE-2026-12443"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12443","csirts_url":"https://www.csirts.com/advisory/cve-2026-12443-5082"},{"num":4748,"source_id":"msrc","external_id":"CVE-2026-11235","title":"CVE-2026-11235: Chromium: CVE-2026-11235 Insufficient validation of untrusted input in Compositing","severity":"unknown","cvss":null,"cves":["CVE-2026-11235"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11235","csirts_url":"https://www.csirts.com/advisory/cve-2026-11235-4748"},{"num":5084,"source_id":"msrc","external_id":"CVE-2026-12453","title":"CVE-2026-12453: Chromium: CVE-2026-12453 Insufficient validation of untrusted input in Input","severity":"unknown","cvss":null,"cves":["CVE-2026-12453"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12453","csirts_url":"https://www.csirts.com/advisory/cve-2026-12453-5084"},{"num":2083,"source_id":"msrc","external_id":"CVE-2026-53006","title":"CVE-2026-53006: ipv6: fix possible UAF in icmpv6_rcv()","severity":"high","cvss":7,"cves":["CVE-2026-53006"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53006","csirts_url":"https://www.csirts.com/advisory/cve-2026-53006-2083"},{"num":333,"source_id":"msrc","external_id":"CVE-2026-45447","title":"CVE-2026-45447: Heap Use-After-Free in the PKCS7_verify() Function","severity":"high","cvss":8.8,"cves":["CVE-2026-45447"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45447","csirts_url":"https://www.csirts.com/advisory/cve-2026-45447-333"},{"num":4340,"source_id":"msrc","external_id":"CVE-2026-53199","title":"CVE-2026-53199: hv_netvsc: use kmap_local_page in netvsc_copy_to_send_buf","severity":"medium","cvss":5.5,"cves":["CVE-2026-53199"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53199","csirts_url":"https://www.csirts.com/advisory/cve-2026-53199-4340"},{"num":5124,"source_id":"msrc","external_id":"CVE-2026-42907","title":"CVE-2026-42907: Windows Shell Information Disclosure Vulnerability","severity":"medium","cvss":6.5,"cves":["CVE-2026-42907"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42907","csirts_url":"https://www.csirts.com/advisory/cve-2026-42907-5124"},{"num":4196,"source_id":"msrc","external_id":"CVE-2026-46303","title":"CVE-2026-46303: isofs: validate Rock Ridge CE continuation extent against volume size","severity":"medium","cvss":5.5,"cves":["CVE-2026-46303"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46303","csirts_url":"https://www.csirts.com/advisory/cve-2026-46303-4196"},{"num":2605,"source_id":"msrc","external_id":"CVE-2026-52936","title":"CVE-2026-52936: crypto: jitterentropy - replace long-held spinlock with mutex","severity":"medium","cvss":5.5,"cves":["CVE-2026-52936"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52936","csirts_url":"https://www.csirts.com/advisory/cve-2026-52936-2605"},{"num":4749,"source_id":"msrc","external_id":"CVE-2026-11237","title":"CVE-2026-11237: Chromium: CVE-2026-11237 Insufficient validation of untrusted input in Media","severity":"unknown","cvss":null,"cves":["CVE-2026-11237"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11237","csirts_url":"https://www.csirts.com/advisory/cve-2026-11237-4749"},{"num":3104,"source_id":"msrc","external_id":"CVE-2026-53179","title":"CVE-2026-53179: staging: rtl8723bs: fix buffer over-read in rtw_update_protection","severity":"high","cvss":7.1,"cves":["CVE-2026-53179"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53179","csirts_url":"https://www.csirts.com/advisory/cve-2026-53179-3104"},{"num":2077,"source_id":"msrc","external_id":"CVE-2026-53093","title":"CVE-2026-53093: wifi: brcmfmac: Fix error pointer dereference","severity":"medium","cvss":5.5,"cves":["CVE-2026-53093"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53093","csirts_url":"https://www.csirts.com/advisory/cve-2026-53093-2077"},{"num":4461,"source_id":"msrc","external_id":"CVE-2026-45458","title":"CVE-2026-45458: Microsoft Outlook and Word Remote Code Execution Vulnerability","severity":"high","cvss":8.4,"cves":["CVE-2026-45458"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45458","csirts_url":"https://www.csirts.com/advisory/cve-2026-45458-4461"},{"num":4389,"source_id":"msrc","external_id":"CVE-2026-53297","title":"CVE-2026-53297: net: mana: Guard mana_remove against double invocation","severity":"medium","cvss":5.5,"cves":["CVE-2026-53297"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53297","csirts_url":"https://www.csirts.com/advisory/cve-2026-53297-4389"},{"num":4738,"source_id":"msrc","external_id":"CVE-2026-11229","title":"CVE-2026-11229: Chromium: CVE-2026-11229 Insufficient policy enforcement in Enterprise","severity":"unknown","cvss":null,"cves":["CVE-2026-11229"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11229","csirts_url":"https://www.csirts.com/advisory/cve-2026-11229-4738"},{"num":4750,"source_id":"msrc","external_id":"CVE-2026-11236","title":"CVE-2026-11236: Chromium: CVE-2026-11236 Insufficient policy enforcement in Web Bluetooth","severity":"unknown","cvss":null,"cves":["CVE-2026-11236"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11236","csirts_url":"https://www.csirts.com/advisory/cve-2026-11236-4750"},{"num":5135,"source_id":"msrc","external_id":"CVE-2026-42972","title":"CVE-2026-42972: Windows Hyper-V Information Disclosure Vulnerability","severity":"medium","cvss":5.5,"cves":["CVE-2026-42972"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42972","csirts_url":"https://www.csirts.com/advisory/cve-2026-42972-5135"},{"num":2076,"source_id":"msrc","external_id":"CVE-2026-53148","title":"CVE-2026-53148: thunderbolt: Clamp XDomain response data copy to allocation size","severity":"high","cvss":7,"cves":["CVE-2026-53148"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53148","csirts_url":"https://www.csirts.com/advisory/cve-2026-53148-2076"},{"num":2075,"source_id":"msrc","external_id":"CVE-2026-52954","title":"CVE-2026-52954: libceph: handle rbtree insertion error in decode_choose_args()","severity":"medium","cvss":5.5,"cves":["CVE-2026-52954"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52954","csirts_url":"https://www.csirts.com/advisory/cve-2026-52954-2075"},{"num":5043,"source_id":"msrc","external_id":"CVE-2026-11019","title":"CVE-2026-11019: Chromium: CVE-2026-11019 Inappropriate implementation in Payments","severity":"unknown","cvss":null,"cves":["CVE-2026-11019"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11019","csirts_url":"https://www.csirts.com/advisory/cve-2026-11019-5043"},{"num":2069,"source_id":"msrc","external_id":"CVE-2026-53113","title":"CVE-2026-53113: wifi: ath11k: fix memory leaks in beacon template setup","severity":"medium","cvss":5.5,"cves":["CVE-2026-53113"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53113","csirts_url":"https://www.csirts.com/advisory/cve-2026-53113-2069"},{"num":4454,"source_id":"msrc","external_id":"CVE-2026-44819","title":"CVE-2026-44819: Microsoft Office Remote Code Execution Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-44819"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44819","csirts_url":"https://www.csirts.com/advisory/cve-2026-44819-4454"},{"num":4484,"source_id":"msrc","external_id":"CVE-2026-45648","title":"CVE-2026-45648: Windows Active Directory Domain Services Remote Code Execution Vulnerability","severity":"high","cvss":8.8,"cves":["CVE-2026-45648"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45648","csirts_url":"https://www.csirts.com/advisory/cve-2026-45648-4484"},{"num":4751,"source_id":"msrc","external_id":"CVE-2026-11239","title":"CVE-2026-11239: Chromium: CVE-2026-11239 Insufficient validation of untrusted input in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-11239"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11239","csirts_url":"https://www.csirts.com/advisory/cve-2026-11239-4751"},{"num":5158,"source_id":"msrc","external_id":"CVE-2026-42983","title":"CVE-2026-42983: Windows DWM Core Library Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-42983"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42983","csirts_url":"https://www.csirts.com/advisory/cve-2026-42983-5158"},{"num":4559,"source_id":"msrc","external_id":"CVE-2026-10957","title":"CVE-2026-10957: Chromium: CVE-2026-10957 Use after free in Glic","severity":"unknown","cvss":null,"cves":["CVE-2026-10957"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10957","csirts_url":"https://www.csirts.com/advisory/cve-2026-10957-4559"},{"num":4635,"source_id":"msrc","external_id":"CVE-2026-11090","title":"CVE-2026-11090: Chromium: CVE-2026-11090 Uninitialized Use in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-11090"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11090","csirts_url":"https://www.csirts.com/advisory/cve-2026-11090-4635"},{"num":5065,"source_id":"msrc","external_id":"CVE-2026-11648","title":"CVE-2026-11648: Chromium: CVE-2026-11647 Use after free in Printing","severity":"unknown","cvss":null,"cves":["CVE-2026-11648"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11648","csirts_url":"https://www.csirts.com/advisory/cve-2026-11648-5065"},{"num":4363,"source_id":"msrc","external_id":"CVE-2026-52998","title":"CVE-2026-52998: netfilter: nfnetlink_osf: fix potential NULL dereference in ttl check","severity":"high","cvss":7,"cves":["CVE-2026-52998"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52998","csirts_url":"https://www.csirts.com/advisory/cve-2026-52998-4363"},{"num":5064,"source_id":"msrc","external_id":"CVE-2026-12009","title":"CVE-2026-12009: Chromium: CVE-2026-12009 Insufficient validation of untrusted input Accessibility","severity":"unknown","cvss":null,"cves":["CVE-2026-12009"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12009","csirts_url":"https://www.csirts.com/advisory/cve-2026-12009-5064"},{"num":4540,"source_id":"msrc","external_id":"CVE-2026-10924","title":"CVE-2026-10924: Chromium: CVE-2026-10924 Integer overflow in Chromecast","severity":"unknown","cvss":null,"cves":["CVE-2026-10924"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10924","csirts_url":"https://www.csirts.com/advisory/cve-2026-10924-4540"},{"num":4650,"source_id":"msrc","external_id":"CVE-2026-11113","title":"CVE-2026-11113: Chromium: CVE-2026-11113 Insufficient validation of untrusted input in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-11113"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11113","csirts_url":"https://www.csirts.com/advisory/cve-2026-11113-4650"},{"num":5117,"source_id":"msrc","external_id":"CVE-2026-12442","title":"CVE-2026-12442: Chromium: CVE-2026-12442 Use after free in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-12442"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12442","csirts_url":"https://www.csirts.com/advisory/cve-2026-12442-5117"},{"num":4326,"source_id":"msrc","external_id":"CVE-2026-52999","title":"CVE-2026-52999: netfilter: nfnetlink_osf: fix out-of-bounds read on option matching","severity":"medium","cvss":5.5,"cves":["CVE-2026-52999"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52999","csirts_url":"https://www.csirts.com/advisory/cve-2026-52999-4326"},{"num":4382,"source_id":"msrc","external_id":"CVE-2026-53292","title":"CVE-2026-53292: net: phonet: do not BUG_ON() in pn_socket_autobind() on failed bind","severity":"medium","cvss":5.5,"cves":["CVE-2026-53292"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53292","csirts_url":"https://www.csirts.com/advisory/cve-2026-53292-4382"},{"num":4343,"source_id":"msrc","external_id":"CVE-2026-57437","title":"CVE-2026-57437: Nokogiri: Possible Use-After-Free when directly using `NokogirI::XML::XPathContext` beyond document lifetime","severity":"medium","cvss":5.3,"cves":["CVE-2026-57437"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57437","csirts_url":"https://www.csirts.com/advisory/cve-2026-57437-4343"},{"num":4305,"source_id":"msrc","external_id":"CVE-2026-52923","title":"CVE-2026-52923: ipc: limit next_id allocation to the valid ID range","severity":"high","cvss":7.8,"cves":["CVE-2026-52923"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52923","csirts_url":"https://www.csirts.com/advisory/cve-2026-52923-4305"},{"num":4224,"source_id":"msrc","external_id":"CVE-2026-42768","title":"CVE-2026-42768: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()","severity":"low","cvss":3.7,"cves":["CVE-2026-42768"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42768","csirts_url":"https://www.csirts.com/advisory/cve-2026-42768-4224"},{"num":4734,"source_id":"msrc","external_id":"CVE-2026-11220","title":"CVE-2026-11220: Chromium: CVE-2026-11220 Insufficient validation of untrusted input in Navigation","severity":"unknown","cvss":null,"cves":["CVE-2026-11220"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11220","csirts_url":"https://www.csirts.com/advisory/cve-2026-11220-4734"},{"num":4752,"source_id":"msrc","external_id":"CVE-2026-11240","title":"CVE-2026-11240: Chromium: CVE-2026-11240 Insufficient validation of untrusted input in Loader","severity":"unknown","cvss":null,"cves":["CVE-2026-11240"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11240","csirts_url":"https://www.csirts.com/advisory/cve-2026-11240-4752"},{"num":4119,"source_id":"msrc","external_id":"CVE-2026-53253","title":"CVE-2026-53253: Bluetooth: bnep: reject short frames before parsing","severity":"high","cvss":7.1,"cves":["CVE-2026-53253"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53253","csirts_url":"https://www.csirts.com/advisory/cve-2026-53253-4119"},{"num":4760,"source_id":"msrc","external_id":"CVE-2026-11250","title":"CVE-2026-11250: Chromium: CVE-2026-11250 Inappropriate implementation in DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-11250"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11250","csirts_url":"https://www.csirts.com/advisory/cve-2026-11250-4760"},{"num":5087,"source_id":"msrc","external_id":"CVE-2026-12458","title":"CVE-2026-12458: Chromium: CVE-2026-12458 Incorrect security UI in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-12458"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12458","csirts_url":"https://www.csirts.com/advisory/cve-2026-12458-5087"},{"num":4798,"source_id":"msrc","external_id":"CVE-2026-11226","title":"CVE-2026-11226: Chromium: CVE-2026-11226 Insufficient policy enforcement in PreviewTab","severity":"unknown","cvss":null,"cves":["CVE-2026-11226"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11226","csirts_url":"https://www.csirts.com/advisory/cve-2026-11226-4798"},{"num":4801,"source_id":"msrc","external_id":"CVE-2026-11295","title":"CVE-2026-11295: Chromium: CVE-2026-11295 Inappropriate implementation in WebView","severity":"unknown","cvss":null,"cves":["CVE-2026-11295"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11295","csirts_url":"https://www.csirts.com/advisory/cve-2026-11295-4801"},{"num":4802,"source_id":"msrc","external_id":"CVE-2026-12019","title":"CVE-2026-12019: Chromium: CVE-2026-12019 Out of bounds write Codecs","severity":"unknown","cvss":null,"cves":["CVE-2026-12019"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12019","csirts_url":"https://www.csirts.com/advisory/cve-2026-12019-4802"},{"num":5167,"source_id":"msrc","external_id":"CVE-2026-44804","title":"CVE-2026-44804: Windows DWM Core Library Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-44804"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44804","csirts_url":"https://www.csirts.com/advisory/cve-2026-44804-5167"},{"num":4271,"source_id":"msrc","external_id":"CVE-2026-53242","title":"CVE-2026-53242: ALSA: PCM: Fix wait queue list corruption in snd_pcm_drain() on linked streams","severity":"high","cvss":7,"cves":["CVE-2026-53242"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53242","csirts_url":"https://www.csirts.com/advisory/cve-2026-53242-4271"},{"num":4267,"source_id":"msrc","external_id":"CVE-2026-11525","title":"CVE-2026-11525: undici vulnerable to Set-Cookie SameSite attribute downgrade via permissive substring matching","severity":"low","cvss":3.7,"cves":["CVE-2026-11525"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11525","csirts_url":"https://www.csirts.com/advisory/cve-2026-11525-4267"},{"num":4284,"source_id":"msrc","external_id":"CVE-2026-55203","title":"CVE-2026-55203: HAProxy - Integer Overflow in FCGI Demux Record Length Field","severity":"high","cvss":7.5,"cves":["CVE-2026-55203"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-55203","csirts_url":"https://www.csirts.com/advisory/cve-2026-55203-4284"},{"num":2021,"source_id":"msrc","external_id":"CVE-2026-42055","title":"CVE-2026-42055: NGINX ngx_http_proxy_v2_module and ngx_http_grpc_module vulnerability","severity":"high","cvss":8.1,"cves":["CVE-2026-42055"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42055","csirts_url":"https://www.csirts.com/advisory/cve-2026-42055-2021"},{"num":2020,"source_id":"msrc","external_id":"CVE-2026-54369","title":"CVE-2026-54369: acl < 2.4.0 Symlink Traversal Privilege Escalation via libacl Functions","severity":"high","cvss":7.1,"cves":["CVE-2026-54369"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-54369","csirts_url":"https://www.csirts.com/advisory/cve-2026-54369-2020"},{"num":2019,"source_id":"msrc","external_id":"CVE-2026-58058","title":"CVE-2026-58058: Nmap - Integer Underflow in IPv6 Extension Header Parsing","severity":"medium","cvss":6.5,"cves":["CVE-2026-58058"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58058","csirts_url":"https://www.csirts.com/advisory/cve-2026-58058-2019"},{"num":2018,"source_id":"msrc","external_id":"CVE-2026-58051","title":"CVE-2026-58051: libssh2 - Free of Uninitialized Pointer in publickey List Cleanup","severity":"medium","cvss":6.5,"cves":["CVE-2026-58051"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58051","csirts_url":"https://www.csirts.com/advisory/cve-2026-58051-2018"},{"num":2366,"source_id":"msrc","external_id":"CVE-2026-52911","title":"CVE-2026-52911: ksmbd: scope conn->binding slowpath to bound sessions only","severity":"high","cvss":8.4,"cves":["CVE-2026-52911"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52911","csirts_url":"https://www.csirts.com/advisory/cve-2026-52911-2366"},{"num":4509,"source_id":"msrc","external_id":"CVE-2026-47653","title":"CVE-2026-47653: Remote Desktop Client Remote Code Execution Vulnerability","severity":"high","cvss":8.8,"cves":["CVE-2026-47653"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47653","csirts_url":"https://www.csirts.com/advisory/cve-2026-47653-4509"},{"num":2017,"source_id":"msrc","external_id":"CVE-2026-58050","title":"CVE-2026-58050: libssh2 - Integer Overflow in publickey Subsystem Attribute Allocation","severity":"high","cvss":7,"cves":["CVE-2026-58050"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58050","csirts_url":"https://www.csirts.com/advisory/cve-2026-58050-2017"},{"num":2016,"source_id":"msrc","external_id":"CVE-2026-52908","title":"CVE-2026-52908: RDMA: During rereg_mr ensure that REREG_ACCESS is compatible","severity":"high","cvss":7.8,"cves":["CVE-2026-52908"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52908","csirts_url":"https://www.csirts.com/advisory/cve-2026-52908-2016"},{"num":2015,"source_id":"msrc","external_id":"CVE-2026-52910","title":"CVE-2026-52910: bpf: Free reuseport cBPF prog after RCU grace period.","severity":"high","cvss":7.8,"cves":["CVE-2026-52910"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52910","csirts_url":"https://www.csirts.com/advisory/cve-2026-52910-2015"},{"num":2655,"source_id":"msrc","external_id":"CVE-2026-53097","title":"CVE-2026-53097: wifi: mt76: mt7996: fix use-after-free bugs in mt7996_mac_dump_work()","severity":"high","cvss":7.8,"cves":["CVE-2026-53097"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53097","csirts_url":"https://www.csirts.com/advisory/cve-2026-53097-2655"},{"num":3727,"source_id":"msrc","external_id":"CVE-2026-53022","title":"CVE-2026-53022: platform/x86: dell-wmi-sysman: bound enumeration string aggregation","severity":"medium","cvss":5.5,"cves":["CVE-2026-53022"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53022","csirts_url":"https://www.csirts.com/advisory/cve-2026-53022-3727"},{"num":5040,"source_id":"msrc","external_id":"CVE-2026-10967","title":"CVE-2026-10967: Chromium: CVE-2026-10967 Use after free in SurfaceCapture","severity":"unknown","cvss":null,"cves":["CVE-2026-10967"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10967","csirts_url":"https://www.csirts.com/advisory/cve-2026-10967-5040"},{"num":4372,"source_id":"msrc","external_id":"CVE-2026-52935","title":"CVE-2026-52935: xfrm: espintcp: do not reuse an in-progress partial send","severity":"high","cvss":7.8,"cves":["CVE-2026-52935"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52935","csirts_url":"https://www.csirts.com/advisory/cve-2026-52935-4372"},{"num":4266,"source_id":"msrc","external_id":"CVE-2026-53270","title":"CVE-2026-53270: ipvs: clear the svc scheduler ptr early on edit","severity":"high","cvss":7.1,"cves":["CVE-2026-53270"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53270","csirts_url":"https://www.csirts.com/advisory/cve-2026-53270-4266"},{"num":4249,"source_id":"msrc","external_id":"CVE-2026-53195","title":"CVE-2026-53195: USB: serial: io_ti: fix heap overflow in build_i2c_fw_hdr()","severity":"high","cvss":7.1,"cves":["CVE-2026-53195"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53195","csirts_url":"https://www.csirts.com/advisory/cve-2026-53195-4249"},{"num":264,"source_id":"msrc","external_id":"CVE-2026-45445","title":"CVE-2026-45445: AES-OCB IV Ignored on EVP_Cipher() Path","severity":"high","cvss":7.5,"cves":["CVE-2026-45445"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45445","csirts_url":"https://www.csirts.com/advisory/cve-2026-45445-264"},{"num":4309,"source_id":"msrc","external_id":"CVE-2026-53209","title":"CVE-2026-53209: Bluetooth: hci_sync: reject oversized Broadcast Announcement prepend","severity":"high","cvss":7,"cves":["CVE-2026-53209"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53209","csirts_url":"https://www.csirts.com/advisory/cve-2026-53209-4309"},{"num":4456,"source_id":"msrc","external_id":"CVE-2026-44821","title":"CVE-2026-44821: Microsoft Office Information Disclosure Vulnerability","severity":"medium","cvss":5.5,"cves":["CVE-2026-44821"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44821","csirts_url":"https://www.csirts.com/advisory/cve-2026-44821-4456"},{"num":5148,"source_id":"msrc","external_id":"CVE-2026-42989","title":"CVE-2026-42989: Winlogon Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-42989"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42989","csirts_url":"https://www.csirts.com/advisory/cve-2026-42989-5148"},{"num":4467,"source_id":"msrc","external_id":"CVE-2026-45491","title":"CVE-2026-45491: .NET Tampering Vulnerability","severity":"medium","cvss":6.2,"cves":["CVE-2026-45491"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45491","csirts_url":"https://www.csirts.com/advisory/cve-2026-45491-4467"},{"num":5119,"source_id":"msrc","external_id":"CVE-2026-42837","title":"CVE-2026-42837: Windows Projected File System Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-42837"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42837","csirts_url":"https://www.csirts.com/advisory/cve-2026-42837-5119"},{"num":4552,"source_id":"msrc","external_id":"CVE-2026-10942","title":"CVE-2026-10942: Chromium: CVE-2026-10942 Insufficient validation of untrusted input in UI","severity":"unknown","cvss":null,"cves":["CVE-2026-10942"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10942","csirts_url":"https://www.csirts.com/advisory/cve-2026-10942-4552"},{"num":4083,"source_id":"msrc","external_id":"CVE-2026-53190","title":"CVE-2026-53190: drm/virtio: fix dma_fence refcount leak on error in virtio_gpu_dma_fence_wait()","severity":"medium","cvss":5.5,"cves":["CVE-2026-53190"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53190","csirts_url":"https://www.csirts.com/advisory/cve-2026-53190-4083"},{"num":4311,"source_id":"msrc","external_id":"CVE-2026-53192","title":"CVE-2026-53192: ALSA: timer: Fix UAF at snd_timer_user_params()","severity":"high","cvss":7,"cves":["CVE-2026-53192"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53192","csirts_url":"https://www.csirts.com/advisory/cve-2026-53192-4311"},{"num":5063,"source_id":"msrc","external_id":"CVE-2026-12010","title":"CVE-2026-12010: Chromium: CVE-2026-12010 Heap buffer overflow GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-12010"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12010","csirts_url":"https://www.csirts.com/advisory/cve-2026-12010-5063"},{"num":4535,"source_id":"msrc","external_id":"CVE-2026-10916","title":"CVE-2026-10916: Chromium: CVE-2026-10916 Insufficient validation of untrusted input in DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-10916"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10916","csirts_url":"https://www.csirts.com/advisory/cve-2026-10916-4535"},{"num":5090,"source_id":"msrc","external_id":"CVE-2026-12460","title":"CVE-2026-12460: Chromium: CVE-2026-12460 Insufficient policy enforcement in File System Access","severity":"unknown","cvss":null,"cves":["CVE-2026-12460"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12460","csirts_url":"https://www.csirts.com/advisory/cve-2026-12460-5090"},{"num":4377,"source_id":"msrc","external_id":"CVE-2026-53156","title":"CVE-2026-53156: nvmem: core: fix use-after-free bugs in error paths","severity":"medium","cvss":5.5,"cves":["CVE-2026-53156"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53156","csirts_url":"https://www.csirts.com/advisory/cve-2026-53156-4377"},{"num":4506,"source_id":"msrc","external_id":"CVE-2026-45588","title":"CVE-2026-45588: Secure Boot Security Feature Bypass Vulnerability","severity":"high","cvss":7.9,"cves":["CVE-2026-45588"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45588","csirts_url":"https://www.csirts.com/advisory/cve-2026-45588-4506"},{"num":4639,"source_id":"msrc","external_id":"CVE-2026-11098","title":"CVE-2026-11098: Chromium: CVE-2026-11098 Insufficient validation of untrusted input in GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-11098"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11098","csirts_url":"https://www.csirts.com/advisory/cve-2026-11098-4639"},{"num":4665,"source_id":"msrc","external_id":"CVE-2026-11137","title":"CVE-2026-11137: Chromium: CVE-2026-11137 Uninitialized Use in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-11137"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11137","csirts_url":"https://www.csirts.com/advisory/cve-2026-11137-4665"},{"num":2628,"source_id":"msrc","external_id":"CVE-2026-53032","title":"CVE-2026-53032: bpf: Fix NULL deref in map_kptr_match_type for scalar regs","severity":"medium","cvss":5.5,"cves":["CVE-2026-53032"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53032","csirts_url":"https://www.csirts.com/advisory/cve-2026-53032-2628"},{"num":5132,"source_id":"msrc","external_id":"CVE-2026-42914","title":"CVE-2026-42914: Windows Kerberos Denial of Service Vulnerability","severity":"medium","cvss":5.3,"cves":["CVE-2026-42914"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42914","csirts_url":"https://www.csirts.com/advisory/cve-2026-42914-5132"},{"num":4047,"source_id":"msrc","external_id":"CVE-2026-46299","title":"CVE-2026-46299: hfsplus: fix held lock freed on hfsplus_fill_super()","severity":"medium","cvss":5.5,"cves":["CVE-2026-46299"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46299","csirts_url":"https://www.csirts.com/advisory/cve-2026-46299-4047"},{"num":3497,"source_id":"msrc","external_id":"CVE-2026-53230","title":"CVE-2026-53230: net/mlx5: Fix slab-out-of-bounds in mlx5_query_nic_vport_mac_list","severity":"high","cvss":7.1,"cves":["CVE-2026-53230"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53230","csirts_url":"https://www.csirts.com/advisory/cve-2026-53230-3497"},{"num":4336,"source_id":"msrc","external_id":"CVE-2026-53245","title":"CVE-2026-53245: net/802/mrp: fix vector attribute parsing in mrp_pdu_parse_vecattr","severity":"medium","cvss":5.5,"cves":["CVE-2026-53245"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53245","csirts_url":"https://www.csirts.com/advisory/cve-2026-53245-4336"},{"num":4505,"source_id":"msrc","external_id":"CVE-2026-47641","title":"CVE-2026-47641: Microsoft SharePoint Server Spoofing Vulnerability","severity":"medium","cvss":4.6,"cves":["CVE-2026-47641"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47641","csirts_url":"https://www.csirts.com/advisory/cve-2026-47641-4505"},{"num":4541,"source_id":"msrc","external_id":"CVE-2026-10925","title":"CVE-2026-10925: Chromium: CVE-2026-10925 Out of bounds write in Skia","severity":"unknown","cvss":null,"cves":["CVE-2026-10925"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10925","csirts_url":"https://www.csirts.com/advisory/cve-2026-10925-4541"},{"num":3940,"source_id":"msrc","external_id":"CVE-2026-52934","title":"CVE-2026-52934: batman-adv: tvlv: reject oversized TVLV packets","severity":"critical","cvss":9.8,"cves":["CVE-2026-52934"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52934","csirts_url":"https://www.csirts.com/advisory/cve-2026-52934-3940"},{"num":3504,"source_id":"msrc","external_id":"CVE-2026-52956","title":"CVE-2026-52956: libceph: Fix potential out-of-bounds access in __ceph_x_decrypt()","severity":"critical","cvss":9.8,"cves":["CVE-2026-52956"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52956","csirts_url":"https://www.csirts.com/advisory/cve-2026-52956-3504"},{"num":3431,"source_id":"msrc","external_id":"CVE-2026-53065","title":"CVE-2026-53065: ASoC: sti: use managed regmap_field allocations","severity":"medium","cvss":5.5,"cves":["CVE-2026-53065"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53065","csirts_url":"https://www.csirts.com/advisory/cve-2026-53065-3431"},{"num":4260,"source_id":"msrc","external_id":"CVE-2026-52982","title":"CVE-2026-52982: net: usb: rtl8150: fix use-after-free in rtl8150_start_xmit()","severity":"medium","cvss":5.5,"cves":["CVE-2026-52982"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52982","csirts_url":"https://www.csirts.com/advisory/cve-2026-52982-4260"},{"num":4248,"source_id":"msrc","external_id":"CVE-2026-52948","title":"CVE-2026-52948: i2c: dev: prevent integer overflow in I2C_TIMEOUT ioctl","severity":"medium","cvss":5.5,"cves":["CVE-2026-52948"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52948","csirts_url":"https://www.csirts.com/advisory/cve-2026-52948-4248"},{"num":4296,"source_id":"msrc","external_id":"CVE-2026-47240","title":"CVE-2026-47240: Net::IMAP: Command Injection via non-synchronizing literal in \"raw\" argument","severity":"unknown","cvss":null,"cves":["CVE-2026-47240"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47240","csirts_url":"https://www.csirts.com/advisory/cve-2026-47240-4296"},{"num":1906,"source_id":"msrc","external_id":"CVE-2026-53177","title":"CVE-2026-53177: bnxt_en: Fix NULL pointer dereference","severity":"medium","cvss":5.5,"cves":["CVE-2026-53177"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53177","csirts_url":"https://www.csirts.com/advisory/cve-2026-53177-1906"},{"num":3586,"source_id":"msrc","external_id":"CVE-2026-53161","title":"CVE-2026-53161: misc: fastrpc: fix use-after-free of fastrpc_user in workqueue context","severity":"high","cvss":7,"cves":["CVE-2026-53161"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53161","csirts_url":"https://www.csirts.com/advisory/cve-2026-53161-3586"},{"num":1900,"source_id":"msrc","external_id":"CVE-2026-40930","title":"CVE-2026-40930: LIBPNG: Chunk smuggling in push-mode APNG parser via unconsumed chunk body","severity":"medium","cvss":5.4,"cves":["CVE-2026-40930"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40930","csirts_url":"https://www.csirts.com/advisory/cve-2026-40930-1900"},{"num":4510,"source_id":"msrc","external_id":"CVE-2026-47652","title":"CVE-2026-47652: Windows Hyper-V Remote Code Execution Vulnerability","severity":"high","cvss":8.2,"cves":["CVE-2026-47652"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47652","csirts_url":"https://www.csirts.com/advisory/cve-2026-47652-4510"},{"num":4571,"source_id":"msrc","external_id":"CVE-2026-10975","title":"CVE-2026-10975: Chromium: CVE-2026-10975 Use after free in WebRTC","severity":"unknown","cvss":null,"cves":["CVE-2026-10975"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10975","csirts_url":"https://www.csirts.com/advisory/cve-2026-10975-4571"},{"num":2415,"source_id":"msrc","external_id":"CVE-2026-53076","title":"CVE-2026-53076: bpf: Fix OOB in pcpu_init_value","severity":"medium","cvss":5.5,"cves":["CVE-2026-53076"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53076","csirts_url":"https://www.csirts.com/advisory/cve-2026-53076-2415"},{"num":4173,"source_id":"msrc","external_id":"CVE-2026-46272","title":"CVE-2026-46272: coresight: tmc-etr: Fix race condition between sysfs and perf mode","severity":"low","cvss":3.9,"cves":["CVE-2026-46272"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46272","csirts_url":"https://www.csirts.com/advisory/cve-2026-46272-4173"},{"num":4645,"source_id":"msrc","external_id":"CVE-2026-11105","title":"CVE-2026-11105: Chromium: CVE-2026-11105 Insufficient validation of untrusted input in WebUI","severity":"unknown","cvss":null,"cves":["CVE-2026-11105"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11105","csirts_url":"https://www.csirts.com/advisory/cve-2026-11105-4645"},{"num":2594,"source_id":"msrc","external_id":"CVE-2026-53003","title":"CVE-2026-53003: pppoe: drop PFC frames","severity":"medium","cvss":5.5,"cves":["CVE-2026-53003"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53003","csirts_url":"https://www.csirts.com/advisory/cve-2026-53003-2594"},{"num":5144,"source_id":"msrc","external_id":"CVE-2026-42978","title":"CVE-2026-42978: Windows Push Notifications Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-42978"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42978","csirts_url":"https://www.csirts.com/advisory/cve-2026-42978-5144"},{"num":4237,"source_id":"msrc","external_id":"CVE-2026-48858","title":"CVE-2026-48858: ftp client PASV response IP not validated against control peer, enabling SSRF and FTP bounce attacks","severity":"medium","cvss":6.5,"cves":["CVE-2026-48858"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48858","csirts_url":"https://www.csirts.com/advisory/cve-2026-48858-4237"},{"num":4504,"source_id":"msrc","external_id":"CVE-2026-47639","title":"CVE-2026-47639: Microsoft SharePoint Server Spoofing Vulnerability","severity":"medium","cvss":5.4,"cves":["CVE-2026-47639"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47639","csirts_url":"https://www.csirts.com/advisory/cve-2026-47639-4504"},{"num":1871,"source_id":"msrc","external_id":"CVE-2026-10722","title":"CVE-2026-10722: cilium ebpf LoadCollectionSpec/LoadCollectionSpecFromReader btf.go loadRawSpec integer overflow","severity":"low","cvss":3.3,"cves":["CVE-2026-10722"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10722","csirts_url":"https://www.csirts.com/advisory/cve-2026-10722-1871"},{"num":4120,"source_id":"msrc","external_id":"CVE-2026-52984","title":"CVE-2026-52984: net/sched: netem: fix queue limit check to include reordered packets","severity":"medium","cvss":5.5,"cves":["CVE-2026-52984"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52984","csirts_url":"https://www.csirts.com/advisory/cve-2026-52984-4120"},{"num":4243,"source_id":"msrc","external_id":"CVE-2026-12143","title":"CVE-2026-12143: form-data does not escape CR/LF/quote in multipart field names and filenames (CRLF injection)","severity":"high","cvss":7.5,"cves":["CVE-2026-12143"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12143","csirts_url":"https://www.csirts.com/advisory/cve-2026-12143-4243"},{"num":4265,"source_id":"msrc","external_id":"CVE-2026-53024","title":"CVE-2026-53024: greybus: raw: fix use-after-free if write is called after disconnect","severity":"high","cvss":7.1,"cves":["CVE-2026-53024"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53024","csirts_url":"https://www.csirts.com/advisory/cve-2026-53024-4265"},{"num":4526,"source_id":"msrc","external_id":"CVE-2026-10899","title":"CVE-2026-10899: Chromium: CVE-2026-10899 Use after free in Ozone","severity":"unknown","cvss":null,"cves":["CVE-2026-10899"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10899","csirts_url":"https://www.csirts.com/advisory/cve-2026-10899-4526"},{"num":4533,"source_id":"msrc","external_id":"CVE-2026-10912","title":"CVE-2026-10912: Chromium: CVE-2026-10912 Insufficient validation of untrusted input in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-10912"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10912","csirts_url":"https://www.csirts.com/advisory/cve-2026-10912-4533"},{"num":5092,"source_id":"msrc","external_id":"CVE-2026-12464","title":"CVE-2026-12464: Chromium: CVE-2026-12464 Use after free in Browser","severity":"unknown","cvss":null,"cves":["CVE-2026-12464"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12464","csirts_url":"https://www.csirts.com/advisory/cve-2026-12464-5092"},{"num":5062,"source_id":"msrc","external_id":"CVE-2026-12013","title":"CVE-2026-12013: Chromium: CVE-2026-12013 Use after free Media","severity":"unknown","cvss":null,"cves":["CVE-2026-12013"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12013","csirts_url":"https://www.csirts.com/advisory/cve-2026-12013-5062"},{"num":4268,"source_id":"msrc","external_id":"CVE-2026-56132","title":"CVE-2026-56132: In libexpat before 2.8.2, there is a heap-based buffer overflow in doProlog in xmlparse.c because scaffold backing array reallocation is mishandled when there is data-structure sharing across parsers.","severity":"medium","cvss":6.9,"cves":["CVE-2026-56132"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-56132","csirts_url":"https://www.csirts.com/advisory/cve-2026-56132-4268"},{"num":1838,"source_id":"msrc","external_id":"CVE-2026-53043","title":"CVE-2026-53043: ocfs2/dlm: validate qr_numregions in dlm_match_regions()","severity":"critical","cvss":9.8,"cves":["CVE-2026-53043"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53043","csirts_url":"https://www.csirts.com/advisory/cve-2026-53043-1838"},{"num":4302,"source_id":"msrc","external_id":"CVE-2026-53018","title":"CVE-2026-53018: f2fs: avoid reading already updated pages during GC","severity":"critical","cvss":9.8,"cves":["CVE-2026-53018"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53018","csirts_url":"https://www.csirts.com/advisory/cve-2026-53018-4302"},{"num":5061,"source_id":"msrc","external_id":"CVE-2026-12014","title":"CVE-2026-12014: Chromium: CVE-2026-12014 Use after free Cast","severity":"unknown","cvss":null,"cves":["CVE-2026-12014"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12014","csirts_url":"https://www.csirts.com/advisory/cve-2026-12014-5061"},{"num":5093,"source_id":"msrc","external_id":"CVE-2026-12463","title":"CVE-2026-12463: Chromium: CVE-2026-12463 Inappropriate implementation in Views","severity":"unknown","cvss":null,"cves":["CVE-2026-12463"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12463","csirts_url":"https://www.csirts.com/advisory/cve-2026-12463-5093"},{"num":1822,"source_id":"msrc","external_id":"CVE-2026-57062","title":"CVE-2026-57062: CMS (Cryptographic Message Syntax) parsing in gpgsm in GnuPG through 2.5.20 mishandles the CMS format for AES-GCM because aes-ICVlen is supposed to be 12 bytes but 4 bytes is accepted. NOTE: this is related to CVE-2026-34182.","severity":"low","cvss":2.9,"cves":["CVE-2026-57062"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57062","csirts_url":"https://www.csirts.com/advisory/cve-2026-57062-1822"},{"num":4460,"source_id":"msrc","external_id":"CVE-2026-45456","title":"CVE-2026-45456: Microsoft Outlook and Word Remote Code Execution Vulnerability","severity":"high","cvss":8.4,"cves":["CVE-2026-45456"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45456","csirts_url":"https://www.csirts.com/advisory/cve-2026-45456-4460"},{"num":4637,"source_id":"msrc","external_id":"CVE-2026-11095","title":"CVE-2026-11095: Chromium: CVE-2026-11095 Insufficient validation of untrusted input in Codecs","severity":"unknown","cvss":null,"cves":["CVE-2026-11095"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11095","csirts_url":"https://www.csirts.com/advisory/cve-2026-11095-4637"},{"num":4686,"source_id":"msrc","external_id":"CVE-2026-11158","title":"CVE-2026-11158: Chromium: CVE-2026-11158 Insufficient validation of untrusted input in Downloads","severity":"unknown","cvss":null,"cves":["CVE-2026-11158"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11158","csirts_url":"https://www.csirts.com/advisory/cve-2026-11158-4686"},{"num":4704,"source_id":"msrc","external_id":"CVE-2026-11185","title":"CVE-2026-11185: Chromium: CVE-2026-11185 Use after free in V8","severity":"unknown","cvss":null,"cves":["CVE-2026-11185"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11185","csirts_url":"https://www.csirts.com/advisory/cve-2026-11185-4704"},{"num":5095,"source_id":"msrc","external_id":"CVE-2026-12454","title":"CVE-2026-12454: Chromium: CVE-2026-12454 Race in Safe Browsing","severity":"unknown","cvss":null,"cves":["CVE-2026-12454"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12454","csirts_url":"https://www.csirts.com/advisory/cve-2026-12454-5095"},{"num":1821,"source_id":"msrc","external_id":"CVE-2026-53212","title":"CVE-2026-53212: netfilter: nft_tunnel: fix use-after-free on object destroy","severity":"high","cvss":7.1,"cves":["CVE-2026-53212"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53212","csirts_url":"https://www.csirts.com/advisory/cve-2026-53212-1821"},{"num":1814,"source_id":"msrc","external_id":"CVE-2026-53021","title":"CVE-2026-53021: scsi: target: core: Fix integer overflow in UNMAP bounds check","severity":"medium","cvss":6.1,"cves":["CVE-2026-53021"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53021","csirts_url":"https://www.csirts.com/advisory/cve-2026-53021-1814"},{"num":4406,"source_id":"msrc","external_id":"CVE-2026-11979","title":"CVE-2026-11979: Stack-Based Buffer Overflow in libxml2","severity":"unknown","cvss":null,"cves":["CVE-2026-11979"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11979","csirts_url":"https://www.csirts.com/advisory/cve-2026-11979-4406"},{"num":3576,"source_id":"msrc","external_id":"CVE-2026-53115","title":"CVE-2026-53115: bus: fsl-mc: use generic driver_override infrastructure","severity":"medium","cvss":5.5,"cves":["CVE-2026-53115"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53115","csirts_url":"https://www.csirts.com/advisory/cve-2026-53115-3576"},{"num":5154,"source_id":"msrc","external_id":"CVE-2026-44808","title":"CVE-2026-44808: Windows DWM Core Library Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-44808"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44808","csirts_url":"https://www.csirts.com/advisory/cve-2026-44808-5154"},{"num":4186,"source_id":"msrc","external_id":"CVE-2026-50261","title":"CVE-2026-50261: Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free in syncchangecounter()","severity":"high","cvss":7.8,"cves":["CVE-2026-50261"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50261","csirts_url":"https://www.csirts.com/advisory/cve-2026-50261-4186"},{"num":4447,"source_id":"msrc","external_id":"CVE-2026-40409","title":"CVE-2026-40409: Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-40409"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40409","csirts_url":"https://www.csirts.com/advisory/cve-2026-40409-4447"},{"num":4321,"source_id":"msrc","external_id":"CVE-2026-52946","title":"CVE-2026-52946: fs/fcntl: fix SOFTIRQ-unsafe lock order in fasync signaling","severity":"medium","cvss":5.9,"cves":["CVE-2026-52946"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52946","csirts_url":"https://www.csirts.com/advisory/cve-2026-52946-4321"},{"num":1805,"source_id":"msrc","external_id":"CVE-2026-53059","title":"CVE-2026-53059: dm log: fix out-of-bounds write due to region_count overflow","severity":"high","cvss":7,"cves":["CVE-2026-53059"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53059","csirts_url":"https://www.csirts.com/advisory/cve-2026-53059-1805"},{"num":5120,"source_id":"msrc","external_id":"CVE-2026-42903","title":"CVE-2026-42903: Windows Kerberos Denial of Service Vulnerability","severity":"medium","cvss":6.5,"cves":["CVE-2026-42903"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42903","csirts_url":"https://www.csirts.com/advisory/cve-2026-42903-5120"},{"num":4416,"source_id":"msrc","external_id":"CVE-2026-6092","title":"CVE-2026-6092: Encrypt-then-MAC could fall back to MAC-then-Encrypt when HAVE_ENCRYPT_THEN_MAC is configured","severity":"medium","cvss":5.3,"cves":["CVE-2026-6092"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-6092","csirts_url":"https://www.csirts.com/advisory/cve-2026-6092-4416"},{"num":1804,"source_id":"msrc","external_id":"CVE-2026-52912","title":"CVE-2026-52912: netfilter: nf_queue: hold bridge skb->dev while queued","severity":"high","cvss":7.8,"cves":["CVE-2026-52912"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52912","csirts_url":"https://www.csirts.com/advisory/cve-2026-52912-1804"},{"num":4470,"source_id":"msrc","external_id":"CVE-2026-45502","title":"CVE-2026-45502: Microsoft Exchange Server Information Disclosure Vulnerability","severity":"medium","cvss":5,"cves":["CVE-2026-45502"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45502","csirts_url":"https://www.csirts.com/advisory/cve-2026-45502-4470"},{"num":4532,"source_id":"msrc","external_id":"CVE-2026-10911","title":"CVE-2026-10911: Chromium: CVE-2026-10911 Insufficient validation of untrusted input in Media","severity":"unknown","cvss":null,"cves":["CVE-2026-10911"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10911","csirts_url":"https://www.csirts.com/advisory/cve-2026-10911-4532"},{"num":5115,"source_id":"msrc","external_id":"CVE-2026-12469","title":"CVE-2026-12469: Chromium: CVE-2026-12469 Uninitialized Use in GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-12469"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12469","csirts_url":"https://www.csirts.com/advisory/cve-2026-12469-5115"},{"num":4221,"source_id":"msrc","external_id":"CVE-2026-34183","title":"CVE-2026-34183: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler","severity":"high","cvss":7.5,"cves":["CVE-2026-34183"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34183","csirts_url":"https://www.csirts.com/advisory/cve-2026-34183-4221"},{"num":4568,"source_id":"msrc","external_id":"CVE-2026-10972","title":"CVE-2026-10972: Chromium: CVE-2026-10972 Use after free in Ozone","severity":"unknown","cvss":null,"cves":["CVE-2026-10972"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10972","csirts_url":"https://www.csirts.com/advisory/cve-2026-10972-4568"},{"num":4512,"source_id":"msrc","external_id":"CVE-2026-48573","title":"CVE-2026-48573: Secure Boot Security Feature Bypass Vulnerability","severity":"high","cvss":7.9,"cves":["CVE-2026-48573"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48573","csirts_url":"https://www.csirts.com/advisory/cve-2026-48573-4512"},{"num":5060,"source_id":"msrc","external_id":"CVE-2026-12017","title":"CVE-2026-12017: Chromium: CVE-2026-12017 Insufficient validation of untrusted input Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-12017"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12017","csirts_url":"https://www.csirts.com/advisory/cve-2026-12017-5060"},{"num":5097,"source_id":"msrc","external_id":"CVE-2026-12468","title":"CVE-2026-12468: Chromium: CVE-2026-12468 Inappropriate implementation in Updater","severity":"unknown","cvss":null,"cves":["CVE-2026-12468"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12468","csirts_url":"https://www.csirts.com/advisory/cve-2026-12468-5097"},{"num":4147,"source_id":"msrc","external_id":"CVE-2026-6291","title":"CVE-2026-6291: Bleichenbacher padding oracle in PKCS#7 KTRI RSA PKCS#1 v1.5 decryption","severity":"medium","cvss":6.5,"cves":["CVE-2026-6291"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-6291","csirts_url":"https://www.csirts.com/advisory/cve-2026-6291-4147"},{"num":4569,"source_id":"msrc","external_id":"CVE-2026-10973","title":"CVE-2026-10973: Chromium: CVE-2026-10973 Uninitialized Use in Dawn","severity":"unknown","cvss":null,"cves":["CVE-2026-10973"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10973","csirts_url":"https://www.csirts.com/advisory/cve-2026-10973-4569"},{"num":4602,"source_id":"msrc","external_id":"CVE-2026-11037","title":"CVE-2026-11037: Chromium: CVE-2026-11037 Out of bounds write in Codecs","severity":"unknown","cvss":null,"cves":["CVE-2026-11037"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11037","csirts_url":"https://www.csirts.com/advisory/cve-2026-11037-4602"},{"num":2451,"source_id":"msrc","external_id":"CVE-2026-53214","title":"CVE-2026-53214: ipv6: Fix a potential NPD in cleanup_prefix_route()","severity":"medium","cvss":5.5,"cves":["CVE-2026-53214"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53214","csirts_url":"https://www.csirts.com/advisory/cve-2026-53214-2451"},{"num":4625,"source_id":"msrc","external_id":"CVE-2026-11075","title":"CVE-2026-11075: Chromium: CVE-2026-11075 Out of bounds read in V8","severity":"unknown","cvss":null,"cves":["CVE-2026-11075"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11075","csirts_url":"https://www.csirts.com/advisory/cve-2026-11075-4625"},{"num":5059,"source_id":"msrc","external_id":"CVE-2026-12007","title":"CVE-2026-12007: Chromium: CVE-2026-12007 Use after free Core","severity":"unknown","cvss":null,"cves":["CVE-2026-12007"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12007","csirts_url":"https://www.csirts.com/advisory/cve-2026-12007-5059"},{"num":5114,"source_id":"msrc","external_id":"CVE-2026-12438","title":"CVE-2026-12438: Chromium: CVE-2026-12438 Inappropriate implementation in WebView","severity":"unknown","cvss":null,"cves":["CVE-2026-12438"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12438","csirts_url":"https://www.csirts.com/advisory/cve-2026-12438-5114"},{"num":4283,"source_id":"msrc","external_id":"CVE-2026-53138","title":"CVE-2026-53138: drm/amd/display: Bound VBIOS record-chain walk loops","severity":"medium","cvss":5.5,"cves":["CVE-2026-53138"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53138","csirts_url":"https://www.csirts.com/advisory/cve-2026-53138-4283"},{"num":4084,"source_id":"msrc","external_id":"CVE-2026-52961","title":"CVE-2026-52961: ceph: fix BUG_ON in __ceph_build_xattrs_blob() due to stale blob size","severity":"high","cvss":7.1,"cves":["CVE-2026-52961"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52961","csirts_url":"https://www.csirts.com/advisory/cve-2026-52961-4084"},{"num":4097,"source_id":"msrc","external_id":"CVE-2026-53186","title":"CVE-2026-53186: RDMA/srp: bound SRP_RSP sense copy by the received length","severity":"high","cvss":7.1,"cves":["CVE-2026-53186"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53186","csirts_url":"https://www.csirts.com/advisory/cve-2026-53186-4097"},{"num":4155,"source_id":"msrc","external_id":"CVE-2026-6094","title":"CVE-2026-6094: Heap buffer overread in wc_PKCS7_DecodeEnvelopedData parsing crafted PKCS7 EnvelopedData","severity":"critical","cvss":9.1,"cves":["CVE-2026-6094"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-6094","csirts_url":"https://www.csirts.com/advisory/cve-2026-6094-4155"},{"num":4339,"source_id":"msrc","external_id":"CVE-2026-52925","title":"CVE-2026-52925: vrf: Fix a potential NPD when removing a port from a VRF","severity":"medium","cvss":5.5,"cves":["CVE-2026-52925"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52925","csirts_url":"https://www.csirts.com/advisory/cve-2026-52925-4339"},{"num":4503,"source_id":"msrc","external_id":"CVE-2026-47638","title":"CVE-2026-47638: Microsoft SharePoint Server Spoofing Vulnerability","severity":"medium","cvss":4.6,"cves":["CVE-2026-47638"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47638","csirts_url":"https://www.csirts.com/advisory/cve-2026-47638-4503"},{"num":4187,"source_id":"msrc","external_id":"CVE-2026-50259","title":"CVE-2026-50259: Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: stack buffer overflow in xkb setmap request via mapwidths indexing","severity":"high","cvss":7.8,"cves":["CVE-2026-50259"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50259","csirts_url":"https://www.csirts.com/advisory/cve-2026-50259-4187"},{"num":4279,"source_id":"msrc","external_id":"CVE-2026-53012","title":"CVE-2026-53012: nexthop: fix IPv6 route referencing IPv4 nexthop","severity":"medium","cvss":5.5,"cves":["CVE-2026-53012"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53012","csirts_url":"https://www.csirts.com/advisory/cve-2026-53012-4279"},{"num":2499,"source_id":"msrc","external_id":"CVE-2026-53218","title":"CVE-2026-53218: netfilter: nft_exthdr: fix register tracking for F_PRESENT flag","severity":"high","cvss":7,"cves":["CVE-2026-53218"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53218","csirts_url":"https://www.csirts.com/advisory/cve-2026-53218-2499"},{"num":4337,"source_id":"msrc","external_id":"CVE-2026-52969","title":"CVE-2026-52969: KVM: Reject wrapped offset in kvm_reset_dirty_gfn()","severity":"high","cvss":7.1,"cves":["CVE-2026-52969"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52969","csirts_url":"https://www.csirts.com/advisory/cve-2026-52969-4337"},{"num":4465,"source_id":"msrc","external_id":"CVE-2026-45487","title":"CVE-2026-45487: Windows Program Compatibility Assistant Service Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-45487"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45487","csirts_url":"https://www.csirts.com/advisory/cve-2026-45487-4465"},{"num":4611,"source_id":"msrc","external_id":"CVE-2026-11050","title":"CVE-2026-11050: Chromium: CVE-2026-11050 Use after free in V8","severity":"unknown","cvss":null,"cves":["CVE-2026-11050"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11050","csirts_url":"https://www.csirts.com/advisory/cve-2026-11050-4611"},{"num":5122,"source_id":"msrc","external_id":"CVE-2026-42905","title":"CVE-2026-42905: Windows DWM Core Library Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-42905"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42905","csirts_url":"https://www.csirts.com/advisory/cve-2026-42905-5122"},{"num":4687,"source_id":"msrc","external_id":"CVE-2026-11161","title":"CVE-2026-11161: Chromium: CVE-2026-11161 Insufficient data validation in DataTransfer","severity":"unknown","cvss":null,"cves":["CVE-2026-11161"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11161","csirts_url":"https://www.csirts.com/advisory/cve-2026-11161-4687"},{"num":2479,"source_id":"msrc","external_id":"CVE-2026-53073","title":"CVE-2026-53073: Bluetooth: hci_ldisc: Clear HCI_UART_PROTO_INIT on error","severity":"high","cvss":7,"cves":["CVE-2026-53073"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53073","csirts_url":"https://www.csirts.com/advisory/cve-2026-53073-2479"},{"num":5058,"source_id":"msrc","external_id":"CVE-2026-12018","title":"CVE-2026-12018: Chromium: CVE-2026-12018 Inappropriate implementation Mojo","severity":"unknown","cvss":null,"cves":["CVE-2026-12018"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12018","csirts_url":"https://www.csirts.com/advisory/cve-2026-12018-5058"},{"num":3693,"source_id":"msrc","external_id":"CVE-2026-53163","title":"CVE-2026-53163: locking/rtmutex: Skip remove_waiter() when waiter is not enqueued","severity":"medium","cvss":5.5,"cves":["CVE-2026-53163"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53163","csirts_url":"https://www.csirts.com/advisory/cve-2026-53163-3693"},{"num":4232,"source_id":"msrc","external_id":"CVE-2026-11526","title":"CVE-2026-11526: GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle","severity":"medium","cvss":4.2,"cves":["CVE-2026-11526"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11526","csirts_url":"https://www.csirts.com/advisory/cve-2026-11526-4232"},{"num":4358,"source_id":"msrc","external_id":"CVE-2026-57234","title":"CVE-2026-57234: Nokogiri: XML::Schema on JRuby allows network requests when NONET is set, bypassing CVE-2020-26247","severity":"low","cvss":2.6,"cves":["CVE-2026-57234"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57234","csirts_url":"https://www.csirts.com/advisory/cve-2026-57234-4358"},{"num":4449,"source_id":"msrc","external_id":"CVE-2026-33828","title":"CVE-2026-33828: Windows Device Health Attestation (DHA) Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-33828"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33828","csirts_url":"https://www.csirts.com/advisory/cve-2026-33828-4449"},{"num":5162,"source_id":"msrc","external_id":"CVE-2026-42987","title":"CVE-2026-42987: Windows Deployment Services (WDS) Remote Code Execution","severity":"high","cvss":8.1,"cves":["CVE-2026-42987"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42987","csirts_url":"https://www.csirts.com/advisory/cve-2026-42987-5162"},{"num":4642,"source_id":"msrc","external_id":"CVE-2026-11101","title":"CVE-2026-11101: Chromium: CVE-2026-11101 Uninitialized Use in Dawn","severity":"unknown","cvss":null,"cves":["CVE-2026-11101"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11101","csirts_url":"https://www.csirts.com/advisory/cve-2026-11101-4642"},{"num":5169,"source_id":"msrc","external_id":"CVE-2026-42824","title":"CVE-2026-42824: M365 Copilot Information Disclosure Vulnerability","severity":"medium","cvss":6.5,"cves":["CVE-2026-42824"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42824","csirts_url":"https://www.csirts.com/advisory/cve-2026-42824-5169"},{"num":5139,"source_id":"msrc","external_id":"CVE-2026-42973","title":"CVE-2026-42973: Windows Push Notification Information Disclosure Vulnerability","severity":"medium","cvss":5.5,"cves":["CVE-2026-42973"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42973","csirts_url":"https://www.csirts.com/advisory/cve-2026-42973-5139"},{"num":4183,"source_id":"msrc","external_id":"CVE-2026-3276","title":"CVE-2026-3276: Potential DoS via quadratic complexity in unicodedata.normalize()","severity":"unknown","cvss":null,"cves":["CVE-2026-3276"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3276","csirts_url":"https://www.csirts.com/advisory/cve-2026-3276-4183"},{"num":4471,"source_id":"msrc","external_id":"CVE-2026-45503","title":"CVE-2026-45503: Microsoft Exchange Server Information Disclosure Vulnerability","severity":"high","cvss":8.1,"cves":["CVE-2026-45503"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45503","csirts_url":"https://www.csirts.com/advisory/cve-2026-45503-4471"},{"num":3563,"source_id":"msrc","external_id":"CVE-2026-52986","title":"CVE-2026-52986: netfilter: nf_conntrack_sip: don't use simple_strtoul","severity":"high","cvss":7.5,"cves":["CVE-2026-52986"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52986","csirts_url":"https://www.csirts.com/advisory/cve-2026-52986-3563"},{"num":4434,"source_id":"msrc","external_id":"CVE-2026-10984","title":"CVE-2026-10984: Chromium: CVE-2026-10984 Inappropriate implementation in Accessibility","severity":"unknown","cvss":null,"cves":["CVE-2026-10984"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10984","csirts_url":"https://www.csirts.com/advisory/cve-2026-10984-4434"},{"num":4573,"source_id":"msrc","external_id":"CVE-2026-10977","title":"CVE-2026-10977: Chromium: CVE-2026-10977 Uninitialized Use in Skia","severity":"unknown","cvss":null,"cves":["CVE-2026-10977"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10977","csirts_url":"https://www.csirts.com/advisory/cve-2026-10977-4573"},{"num":4670,"source_id":"msrc","external_id":"CVE-2026-11147","title":"CVE-2026-11147: Chromium: CVE-2026-11147 Use after free in WebML","severity":"unknown","cvss":null,"cves":["CVE-2026-11147"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11147","csirts_url":"https://www.csirts.com/advisory/cve-2026-11147-4670"},{"num":4275,"source_id":"msrc","external_id":"CVE-2026-56412","title":"CVE-2026-56412: libexpat before 2.8.2 does not consider XML_TOK_DATA_CHARS in doCdataSection and thus lacks handler call depth tracking for various calls from within handlers in cases of a policy violation. Thus, a use-after-free can occur. NOTE: this issue exists because of an incomplete fix for CVE-2026-50219.","severity":"medium","cvss":4.9,"cves":["CVE-2026-56412"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-56412","csirts_url":"https://www.csirts.com/advisory/cve-2026-56412-4275"},{"num":4432,"source_id":"msrc","external_id":"CVE-2026-47644","title":"CVE-2026-47644: Copilot Chat (Microsoft Edge) Information Disclosure Vulnerability","severity":"medium","cvss":6.5,"cves":["CVE-2026-47644"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47644","csirts_url":"https://www.csirts.com/advisory/cve-2026-47644-4432"},{"num":4500,"source_id":"msrc","external_id":"CVE-2026-47635","title":"CVE-2026-47635: Microsoft Outlook and Word Remote Code Execution Vulnerability","severity":"high","cvss":8.4,"cves":["CVE-2026-47635"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47635","csirts_url":"https://www.csirts.com/advisory/cve-2026-47635-4500"},{"num":4466,"source_id":"msrc","external_id":"CVE-2026-45490","title":"CVE-2026-45490: .NET SDK Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-45490"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45490","csirts_url":"https://www.csirts.com/advisory/cve-2026-45490-4466"},{"num":4522,"source_id":"msrc","external_id":"CVE-2026-10890","title":"CVE-2026-10890: Chromium: CVE-2026-10890 Use after free in Cast","severity":"unknown","cvss":null,"cves":["CVE-2026-10890"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10890","csirts_url":"https://www.csirts.com/advisory/cve-2026-10890-4522"},{"num":4662,"source_id":"msrc","external_id":"CVE-2026-11134","title":"CVE-2026-11134: Chromium: CVE-2026-11134 Insufficient data validation in Media","severity":"unknown","cvss":null,"cves":["CVE-2026-11134"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11134","csirts_url":"https://www.csirts.com/advisory/cve-2026-11134-4662"},{"num":4403,"source_id":"msrc","external_id":"CVE-2026-54371","title":"CVE-2026-54371: attr < 2.6.0 Symlink Traversal Privilege Escalation via getfattr/setfattr","severity":"high","cvss":7.1,"cves":["CVE-2026-54371"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-54371","csirts_url":"https://www.csirts.com/advisory/cve-2026-54371-4403"},{"num":4507,"source_id":"msrc","external_id":"CVE-2026-47648","title":"CVE-2026-47648: Windows Storage Elevation of Privilege Vulnerability","severity":"high","cvss":7,"cves":["CVE-2026-47648"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47648","csirts_url":"https://www.csirts.com/advisory/cve-2026-47648-4507"},{"num":5134,"source_id":"msrc","external_id":"CVE-2026-42968","title":"CVE-2026-42968: Windows Telephony Server Information Disclosure Vulnerability","severity":"medium","cvss":5.5,"cves":["CVE-2026-42968"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42968","csirts_url":"https://www.csirts.com/advisory/cve-2026-42968-5134"},{"num":4096,"source_id":"msrc","external_id":"CVE-2026-52989","title":"CVE-2026-52989: nvmet-tcp: propagate nvmet_tcp_build_pdu_iovec() errors to its callers","severity":"critical","cvss":9.8,"cves":["CVE-2026-52989"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52989","csirts_url":"https://www.csirts.com/advisory/cve-2026-52989-4096"},{"num":4139,"source_id":"msrc","external_id":"CVE-2026-58011","title":"CVE-2026-58011: Glib: out-of-bounds read in glib/gdatetime.c:g_date_time_get_ymd via invalid gdatetime","severity":"medium","cvss":6.5,"cves":["CVE-2026-58011"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58011","csirts_url":"https://www.csirts.com/advisory/cve-2026-58011-4139"},{"num":4395,"source_id":"msrc","external_id":"CVE-2026-53314","title":"CVE-2026-53314: padata: Put CPU offline callback in ONLINE section to allow failure","severity":"medium","cvss":5.5,"cves":["CVE-2026-53314"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53314","csirts_url":"https://www.csirts.com/advisory/cve-2026-53314-4395"},{"num":4531,"source_id":"msrc","external_id":"CVE-2026-10910","title":"CVE-2026-10910: Chromium: CVE-2026-10910 Type Confusion in V8","severity":"unknown","cvss":null,"cves":["CVE-2026-10910"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10910","csirts_url":"https://www.csirts.com/advisory/cve-2026-10910-4531"},{"num":4703,"source_id":"msrc","external_id":"CVE-2026-11181","title":"CVE-2026-11181: Chromium: CVE-2026-11181 Inappropriate implementation in Media Session","severity":"unknown","cvss":null,"cves":["CVE-2026-11181"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11181","csirts_url":"https://www.csirts.com/advisory/cve-2026-11181-4703"},{"num":4241,"source_id":"msrc","external_id":"CVE-2026-48855","title":"CVE-2026-48855: SFTP READLINK Leaks Absolute Backend Filesystem Path When Root Is Configured","severity":"medium","cvss":6.5,"cves":["CVE-2026-48855"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48855","csirts_url":"https://www.csirts.com/advisory/cve-2026-48855-4241"},{"num":4705,"source_id":"msrc","external_id":"CVE-2026-11186","title":"CVE-2026-11186: Chromium: CVE-2026-11186 Inappropriate implementation in CSS","severity":"unknown","cvss":null,"cves":["CVE-2026-11186"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11186","csirts_url":"https://www.csirts.com/advisory/cve-2026-11186-4705"},{"num":4710,"source_id":"msrc","external_id":"CVE-2026-11190","title":"CVE-2026-11190: Chromium: CVE-2026-11190 Insufficient policy enforcement in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-11190"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11190","csirts_url":"https://www.csirts.com/advisory/cve-2026-11190-4710"},{"num":4745,"source_id":"msrc","external_id":"CVE-2026-11233","title":"CVE-2026-11233: Chromium: CVE-2026-11233 Insufficient validation of untrusted input in FoldableAPIs","severity":"unknown","cvss":null,"cves":["CVE-2026-11233"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11233","csirts_url":"https://www.csirts.com/advisory/cve-2026-11233-4745"},{"num":5109,"source_id":"msrc","external_id":"CVE-2026-50521","title":"CVE-2026-50521: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability","severity":"high","cvss":8.3,"cves":["CVE-2026-50521"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50521","csirts_url":"https://www.csirts.com/advisory/cve-2026-50521-5109"},{"num":4473,"source_id":"msrc","external_id":"CVE-2026-45583","title":"CVE-2026-45583: Microsoft Exchange Server Remote Code Execution Vulnerability","severity":"high","cvss":7.5,"cves":["CVE-2026-45583"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45583","csirts_url":"https://www.csirts.com/advisory/cve-2026-45583-4473"},{"num":4501,"source_id":"msrc","external_id":"CVE-2026-47636","title":"CVE-2026-47636: Microsoft SharePoint Server Spoofing Vulnerability","severity":"medium","cvss":5.4,"cves":["CVE-2026-47636"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47636","csirts_url":"https://www.csirts.com/advisory/cve-2026-47636-4501"},{"num":4134,"source_id":"msrc","external_id":"CVE-2026-52955","title":"CVE-2026-52955: libceph: Fix potential out-of-bounds access in crush_decode()","severity":"high","cvss":7.5,"cves":["CVE-2026-52955"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52955","csirts_url":"https://www.csirts.com/advisory/cve-2026-52955-4134"},{"num":4188,"source_id":"msrc","external_id":"CVE-2026-46289","title":"CVE-2026-46289: lib/scatterlist: fix length calculations in extract_kvec_to_sg","severity":"medium","cvss":5.5,"cves":["CVE-2026-46289"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46289","csirts_url":"https://www.csirts.com/advisory/cve-2026-46289-4188"},{"num":4479,"source_id":"msrc","external_id":"CVE-2026-45641","title":"CVE-2026-45641: Windows Hyper-V Remote Code Execution Vulnerability","severity":"high","cvss":8.4,"cves":["CVE-2026-45641"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45641","csirts_url":"https://www.csirts.com/advisory/cve-2026-45641-4479"},{"num":4557,"source_id":"msrc","external_id":"CVE-2026-10954","title":"CVE-2026-10954: Chromium: CVE-2026-10954 Use after free in Actor","severity":"unknown","cvss":null,"cves":["CVE-2026-10954"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10954","csirts_url":"https://www.csirts.com/advisory/cve-2026-10954-4557"},{"num":4490,"source_id":"msrc","external_id":"CVE-2026-47287","title":"CVE-2026-47287: Visual Studio Code Tampering Vulnerability","severity":"medium","cvss":6.5,"cves":["CVE-2026-47287"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47287","csirts_url":"https://www.csirts.com/advisory/cve-2026-47287-4490"},{"num":4203,"source_id":"msrc","external_id":"CVE-2026-10846","title":"CVE-2026-10846: Insufficient verification that responses belong to a query","severity":"unknown","cvss":null,"cves":["CVE-2026-10846"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10846","csirts_url":"https://www.csirts.com/advisory/cve-2026-10846-4203"},{"num":4527,"source_id":"msrc","external_id":"CVE-2026-10900","title":"CVE-2026-10900: Chromium: CVE-2026-10900 Use after free in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-10900"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10900","csirts_url":"https://www.csirts.com/advisory/cve-2026-10900-4527"},{"num":1552,"source_id":"msrc","external_id":"CVE-2026-53109","title":"CVE-2026-53109: powerpc/pgtable-frag: Fix bad page state in pte_frag_destroy","severity":"medium","cvss":5.5,"cves":["CVE-2026-53109"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53109","csirts_url":"https://www.csirts.com/advisory/cve-2026-53109-1552"},{"num":4462,"source_id":"msrc","external_id":"CVE-2026-45460","title":"CVE-2026-45460: Microsoft Office Information Disclosure Vulnerability","severity":"medium","cvss":4.7,"cves":["CVE-2026-45460"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45460","csirts_url":"https://www.csirts.com/advisory/cve-2026-45460-4462"},{"num":4472,"source_id":"msrc","external_id":"CVE-2026-45504","title":"CVE-2026-45504: Microsoft Exchange Server Elevation of Privilege Vulnerability","severity":"high","cvss":8.8,"cves":["CVE-2026-45504"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45504","csirts_url":"https://www.csirts.com/advisory/cve-2026-45504-4472"},{"num":4138,"source_id":"msrc","external_id":"CVE-2026-58012","title":"CVE-2026-58012: Glib: buffer over-read in g_regex_replace() via glib/gregex.c:string_append() and g_utf8_next_char()","severity":"medium","cvss":6.5,"cves":["CVE-2026-58012"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58012","csirts_url":"https://www.csirts.com/advisory/cve-2026-58012-4138"},{"num":4285,"source_id":"msrc","external_id":"CVE-2026-53146","title":"CVE-2026-53146: thunderbolt: Limit XDomain response copy to actual frame size","severity":"medium","cvss":6.5,"cves":["CVE-2026-53146"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53146","csirts_url":"https://www.csirts.com/advisory/cve-2026-53146-4285"},{"num":4257,"source_id":"msrc","external_id":"CVE-2026-56404","title":"CVE-2026-56404: libexpat before 2.8.2 has an integer overflow in addBinding.","severity":"medium","cvss":6.9,"cves":["CVE-2026-56404"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-56404","csirts_url":"https://www.csirts.com/advisory/cve-2026-56404-4257"},{"num":4128,"source_id":"msrc","external_id":"CVE-2026-55892","title":"CVE-2026-55892: Vim: Out-of-bounds Write in Spell File Prefix Dump","severity":"medium","cvss":5.5,"cves":["CVE-2026-55892"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-55892","csirts_url":"https://www.csirts.com/advisory/cve-2026-55892-4128"},{"num":4171,"source_id":"msrc","external_id":"CVE-2026-46254","title":"CVE-2026-46254: AppArmor: Allow apparmor to handle unaligned dfa tables","severity":"medium","cvss":5.5,"cves":["CVE-2026-46254"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46254","csirts_url":"https://www.csirts.com/advisory/cve-2026-46254-4171"},{"num":5165,"source_id":"msrc","external_id":"CVE-2026-42993","title":"CVE-2026-42993: Remote Desktop Client Remote Code Execution Vulnerability","severity":"high","cvss":7.5,"cves":["CVE-2026-42993"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42993","csirts_url":"https://www.csirts.com/advisory/cve-2026-42993-5165"},{"num":4153,"source_id":"msrc","external_id":"CVE-2026-55961","title":"CVE-2026-55961: wolfSSL_PKCS7_verify() reports success for degenerate (certs-only) PKCS#7 with no signer","severity":"high","cvss":7.5,"cves":["CVE-2026-55961"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-55961","csirts_url":"https://www.csirts.com/advisory/cve-2026-55961-4153"},{"num":4230,"source_id":"msrc","external_id":"CVE-2026-34180","title":"CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing","severity":"high","cvss":7.5,"cves":["CVE-2026-34180"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-34180","csirts_url":"https://www.csirts.com/advisory/cve-2026-34180-4230"},{"num":4317,"source_id":"msrc","external_id":"CVE-2026-53062","title":"CVE-2026-53062: dm cache policy smq: fix missing locks in invalidating cache blocks","severity":"critical","cvss":9.8,"cves":["CVE-2026-53062"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53062","csirts_url":"https://www.csirts.com/advisory/cve-2026-53062-4317"},{"num":4247,"source_id":"msrc","external_id":"CVE-2026-56116","title":"CVE-2026-56116: dhcpcd Memory Leak DoS via IPv6 Router Advertisement Handling","severity":"medium","cvss":6.5,"cves":["CVE-2026-56116"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-56116","csirts_url":"https://www.csirts.com/advisory/cve-2026-56116-4247"},{"num":975,"source_id":"msrc","external_id":"CVE-2026-43966","title":"CVE-2026-43966: HTTP Response Splitting via Non-VCHAR Bytes in cow_http_struct_hd:escape_string/2","severity":"unknown","cvss":null,"cves":["CVE-2026-43966"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-43966","csirts_url":"https://www.csirts.com/advisory/cve-2026-43966-975"},{"num":4596,"source_id":"msrc","external_id":"CVE-2026-11021","title":"CVE-2026-11021: Chromium: CVE-2026-11021 Insufficient validation of untrusted input in GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-11021"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11021","csirts_url":"https://www.csirts.com/advisory/cve-2026-11021-4596"},{"num":4660,"source_id":"msrc","external_id":"CVE-2026-11132","title":"CVE-2026-11132: Chromium: CVE-2026-11132 Policy bypass in Paint","severity":"unknown","cvss":null,"cves":["CVE-2026-11132"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11132","csirts_url":"https://www.csirts.com/advisory/cve-2026-11132-4660"},{"num":3508,"source_id":"msrc","external_id":"CVE-2026-55204","title":"CVE-2026-55204: HAProxy - NULL Pointer Dereference in hpack_dht_insert Function","severity":"high","cvss":7.5,"cves":["CVE-2026-55204"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-55204","csirts_url":"https://www.csirts.com/advisory/cve-2026-55204-3508"},{"num":5110,"source_id":"msrc","external_id":"CVE-2026-12028","title":"CVE-2026-12028: Chromium: CVE-2026-12028 Use after free GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-12028"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12028","csirts_url":"https://www.csirts.com/advisory/cve-2026-12028-5110"},{"num":5111,"source_id":"msrc","external_id":"CVE-2026-11647","title":"CVE-2026-11647: Chromium: CVE-2026-11647 Use after free in Printing","severity":"unknown","cvss":null,"cves":["CVE-2026-11647"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11647","csirts_url":"https://www.csirts.com/advisory/cve-2026-11647-5111"},{"num":4440,"source_id":"msrc","external_id":"CVE-2026-32174","title":"CVE-2026-32174: Azure Bot Service Elevation of Privilege Vulnerability","severity":"high","cvss":7.7,"cves":["CVE-2026-32174"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32174","csirts_url":"https://www.csirts.com/advisory/cve-2026-32174-4440"},{"num":2382,"source_id":"msrc","external_id":"CVE-2026-52996","title":"CVE-2026-52996: ksmbd: fix durable fd leak on ClientGUID mismatch in durable v2 open","severity":"high","cvss":7.1,"cves":["CVE-2026-52996"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52996","csirts_url":"https://www.csirts.com/advisory/cve-2026-52996-2382"},{"num":5057,"source_id":"msrc","external_id":"CVE-2026-11097","title":"CVE-2026-11097: Chromium: CVE-2026-11097 Inappropriate implementation in WebView","severity":"unknown","cvss":null,"cves":["CVE-2026-11097"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11097","csirts_url":"https://www.csirts.com/advisory/cve-2026-11097-5057"},{"num":5100,"source_id":"msrc","external_id":"CVE-2026-12437","title":"CVE-2026-12437: Chromium: CVE-2026-12437 Use after free in WebShare","severity":"unknown","cvss":null,"cves":["CVE-2026-12437"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12437","csirts_url":"https://www.csirts.com/advisory/cve-2026-12437-5100"},{"num":4157,"source_id":"msrc","external_id":"CVE-2026-6330","title":"CVE-2026-6330: ML-KEM ARM64 NEON ciphertext comparison only compares half of the input","severity":"medium","cvss":6.5,"cves":["CVE-2026-6330"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-6330","csirts_url":"https://www.csirts.com/advisory/cve-2026-6330-4157"},{"num":4441,"source_id":"msrc","external_id":"CVE-2026-45480","title":"CVE-2026-45480: Azure Active Directory Elevation of Privilege Vulnerability","severity":"critical","cvss":10,"cves":["CVE-2026-45480"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45480","csirts_url":"https://www.csirts.com/advisory/cve-2026-45480-4441"},{"num":5125,"source_id":"msrc","external_id":"CVE-2026-42908","title":"CVE-2026-42908: Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability","severity":"high","cvss":7.5,"cves":["CVE-2026-42908"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42908","csirts_url":"https://www.csirts.com/advisory/cve-2026-42908-5125"},{"num":5101,"source_id":"msrc","external_id":"CVE-2026-12461","title":"CVE-2026-12461: Chromium: CVE-2026-12461 Out of bounds read in WebRTC","severity":"unknown","cvss":null,"cves":["CVE-2026-12461"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12461","csirts_url":"https://www.csirts.com/advisory/cve-2026-12461-5101"},{"num":4130,"source_id":"msrc","external_id":"CVE-2026-52941","title":"CVE-2026-52941: net/smc: avoid NULL deref of conn->lnk in smc_msg_event tracepoint","severity":"medium","cvss":5.5,"cves":["CVE-2026-52941"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52941","csirts_url":"https://www.csirts.com/advisory/cve-2026-52941-4130"},{"num":5103,"source_id":"msrc","external_id":"CVE-2026-13036","title":"CVE-2026-13036: Chromium: CVE-2026-13036 Use after free in Blink","severity":"unknown","cvss":null,"cves":["CVE-2026-13036"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13036","csirts_url":"https://www.csirts.com/advisory/cve-2026-13036-5103"},{"num":4423,"source_id":"msrc","external_id":"CVE-2026-45469","title":"CVE-2026-45469: Microsoft Excel Remote Code Execution Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-45469"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45469","csirts_url":"https://www.csirts.com/advisory/cve-2026-45469-4423"},{"num":4379,"source_id":"msrc","external_id":"CVE-2026-53252","title":"CVE-2026-53252: Bluetooth: fix memory leak in error path of hci_alloc_dev()","severity":"medium","cvss":5.5,"cves":["CVE-2026-53252"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53252","csirts_url":"https://www.csirts.com/advisory/cve-2026-53252-4379"},{"num":4422,"source_id":"msrc","external_id":"CVE-2026-45468","title":"CVE-2026-45468: Microsoft SharePoint Server Spoofing Vulnerability","severity":"medium","cvss":4.6,"cves":["CVE-2026-45468"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45468","csirts_url":"https://www.csirts.com/advisory/cve-2026-45468-4422"},{"num":5105,"source_id":"msrc","external_id":"CVE-2026-13034","title":"CVE-2026-13034: Chromium: CVE-2026-13034 Inappropriate implementation in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-13034"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13034","csirts_url":"https://www.csirts.com/advisory/cve-2026-13034-5105"},{"num":4433,"source_id":"msrc","external_id":"CVE-2026-47655","title":"CVE-2026-47655: Microsoft Graph Information Disclosure Vulnerability","severity":"medium","cvss":6.5,"cves":["CVE-2026-47655"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47655","csirts_url":"https://www.csirts.com/advisory/cve-2026-47655-4433"},{"num":5107,"source_id":"msrc","external_id":"CVE-2026-13031","title":"CVE-2026-13031: Chromium: CVE-2026-13031 Use after free in Blink","severity":"unknown","cvss":null,"cves":["CVE-2026-13031"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13031","csirts_url":"https://www.csirts.com/advisory/cve-2026-13031-5107"},{"num":4477,"source_id":"msrc","external_id":"CVE-2026-45606","title":"CVE-2026-45606: Microsoft UxTheme Library (uxtheme.dll) Denial of Service Vulnerability","severity":"medium","cvss":5.5,"cves":["CVE-2026-45606"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45606","csirts_url":"https://www.csirts.com/advisory/cve-2026-45606-4477"},{"num":4234,"source_id":"msrc","external_id":"CVE-2026-46331","title":"CVE-2026-46331: net/sched: fix pedit partial COW leading to page cache corruption","severity":"high","cvss":8.1,"cves":["CVE-2026-46331"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46331","csirts_url":"https://www.csirts.com/advisory/cve-2026-46331-4234"},{"num":4226,"source_id":"msrc","external_id":"CVE-2026-45446","title":"CVE-2026-45446: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes","severity":"medium","cvss":4.8,"cves":["CVE-2026-45446"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45446","csirts_url":"https://www.csirts.com/advisory/cve-2026-45446-4226"},{"num":4115,"source_id":"msrc","external_id":"CVE-2026-56123","title":"CVE-2026-56123: socat 1.8.0.0 - 1.8.1.1 Heap Buffer Overflow via SOCKS5 Reply Parser","severity":"high","cvss":8.1,"cves":["CVE-2026-56123"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-56123","csirts_url":"https://www.csirts.com/advisory/cve-2026-56123-4115"},{"num":4693,"source_id":"msrc","external_id":"CVE-2026-11170","title":"CVE-2026-11170: Chromium: CVE-2026-11170 Inappropriate implementation in Chromoting","severity":"unknown","cvss":null,"cves":["CVE-2026-11170"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11170","csirts_url":"https://www.csirts.com/advisory/cve-2026-11170-4693"},{"num":1522,"source_id":"msrc","external_id":"CVE-2026-52916","title":"CVE-2026-52916: batman-adv: frag: disallow unicast fragment in fragment","severity":"medium","cvss":5.5,"cves":["CVE-2026-52916"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52916","csirts_url":"https://www.csirts.com/advisory/cve-2026-52916-1522"},{"num":4676,"source_id":"msrc","external_id":"CVE-2026-11150","title":"CVE-2026-11150: Chromium: CVE-2026-11150 Inappropriate implementation in XML","severity":"unknown","cvss":null,"cves":["CVE-2026-11150"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11150","csirts_url":"https://www.csirts.com/advisory/cve-2026-11150-4676"},{"num":4677,"source_id":"msrc","external_id":"CVE-2026-11151","title":"CVE-2026-11151: Chromium: CVE-2026-11151 Insufficient validation of untrusted input in Password Manager","severity":"unknown","cvss":null,"cves":["CVE-2026-11151"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11151","csirts_url":"https://www.csirts.com/advisory/cve-2026-11151-4677"},{"num":4678,"source_id":"msrc","external_id":"CVE-2026-11153","title":"CVE-2026-11153: Chromium: CVE-2026-11153 Side-channel information leakage in Forms","severity":"unknown","cvss":null,"cves":["CVE-2026-11153"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11153","csirts_url":"https://www.csirts.com/advisory/cve-2026-11153-4678"},{"num":4679,"source_id":"msrc","external_id":"CVE-2026-11152","title":"CVE-2026-11152: Chromium: CVE-2026-11152 Object lifecycle issue in Dawn","severity":"unknown","cvss":null,"cves":["CVE-2026-11152"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11152","csirts_url":"https://www.csirts.com/advisory/cve-2026-11152-4679"},{"num":4680,"source_id":"msrc","external_id":"CVE-2026-11154","title":"CVE-2026-11154: Chromium: CVE-2026-11154 Use after free in Dawn","severity":"unknown","cvss":null,"cves":["CVE-2026-11154"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11154","csirts_url":"https://www.csirts.com/advisory/cve-2026-11154-4680"},{"num":4681,"source_id":"msrc","external_id":"CVE-2026-11155","title":"CVE-2026-11155: Chromium: CVE-2026-11155 Insufficient policy enforcement in CSS","severity":"unknown","cvss":null,"cves":["CVE-2026-11155"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11155","csirts_url":"https://www.csirts.com/advisory/cve-2026-11155-4681"},{"num":4682,"source_id":"msrc","external_id":"CVE-2026-11156","title":"CVE-2026-11156: Chromium: CVE-2026-11156 Inappropriate implementation in CSS","severity":"unknown","cvss":null,"cves":["CVE-2026-11156"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11156","csirts_url":"https://www.csirts.com/advisory/cve-2026-11156-4682"},{"num":4683,"source_id":"msrc","external_id":"CVE-2026-11157","title":"CVE-2026-11157: Chromium: CVE-2026-11157 Script injection in Accessibility","severity":"unknown","cvss":null,"cves":["CVE-2026-11157"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11157","csirts_url":"https://www.csirts.com/advisory/cve-2026-11157-4683"},{"num":4684,"source_id":"msrc","external_id":"CVE-2026-11159","title":"CVE-2026-11159: Chromium: CVE-2026-11159 Uninitialized Use in Skia","severity":"unknown","cvss":null,"cves":["CVE-2026-11159"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11159","csirts_url":"https://www.csirts.com/advisory/cve-2026-11159-4684"},{"num":5173,"source_id":"msrc","external_id":"CVE-2026-48582","title":"CVE-2026-48582: Microsoft Exchange Online Elevation of Privilege Vulnerability","severity":"critical","cvss":9.6,"cves":["CVE-2026-48582"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48582","csirts_url":"https://www.csirts.com/advisory/cve-2026-48582-5173"},{"num":4685,"source_id":"msrc","external_id":"CVE-2026-11160","title":"CVE-2026-11160: Chromium: CVE-2026-11160 Out of bounds read in Input","severity":"unknown","cvss":null,"cves":["CVE-2026-11160"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11160","csirts_url":"https://www.csirts.com/advisory/cve-2026-11160-4685"},{"num":4686,"source_id":"msrc","external_id":"CVE-2026-11158","title":"CVE-2026-11158: Chromium: CVE-2026-11158 Insufficient validation of untrusted input in Downloads","severity":"unknown","cvss":null,"cves":["CVE-2026-11158"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11158","csirts_url":"https://www.csirts.com/advisory/cve-2026-11158-4686"},{"num":4687,"source_id":"msrc","external_id":"CVE-2026-11161","title":"CVE-2026-11161: Chromium: CVE-2026-11161 Insufficient data validation in DataTransfer","severity":"unknown","cvss":null,"cves":["CVE-2026-11161"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11161","csirts_url":"https://www.csirts.com/advisory/cve-2026-11161-4687"},{"num":4688,"source_id":"msrc","external_id":"CVE-2026-11162","title":"CVE-2026-11162: Chromium: CVE-2026-11162 Insufficient policy enforcement in CSS","severity":"unknown","cvss":null,"cves":["CVE-2026-11162"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11162","csirts_url":"https://www.csirts.com/advisory/cve-2026-11162-4688"},{"num":4689,"source_id":"msrc","external_id":"CVE-2026-11168","title":"CVE-2026-11168: Chromium: CVE-2026-11168 Insufficient policy enforcement in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-11168"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11168","csirts_url":"https://www.csirts.com/advisory/cve-2026-11168-4689"},{"num":4690,"source_id":"msrc","external_id":"CVE-2026-11169","title":"CVE-2026-11169: Chromium: CVE-2026-11169 Inappropriate implementation in XML","severity":"unknown","cvss":null,"cves":["CVE-2026-11169"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11169","csirts_url":"https://www.csirts.com/advisory/cve-2026-11169-4690"},{"num":4691,"source_id":"msrc","external_id":"CVE-2026-11164","title":"CVE-2026-11164: Chromium: CVE-2026-11164 Use after free in Blink","severity":"unknown","cvss":null,"cves":["CVE-2026-11164"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11164","csirts_url":"https://www.csirts.com/advisory/cve-2026-11164-4691"},{"num":4692,"source_id":"msrc","external_id":"CVE-2026-11166","title":"CVE-2026-11166: Chromium: CVE-2026-11166 Inappropriate implementation in SVG","severity":"unknown","cvss":null,"cves":["CVE-2026-11166"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11166","csirts_url":"https://www.csirts.com/advisory/cve-2026-11166-4692"},{"num":4693,"source_id":"msrc","external_id":"CVE-2026-11170","title":"CVE-2026-11170: Chromium: CVE-2026-11170 Inappropriate implementation in Chromoting","severity":"unknown","cvss":null,"cves":["CVE-2026-11170"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11170","csirts_url":"https://www.csirts.com/advisory/cve-2026-11170-4693"},{"num":4694,"source_id":"msrc","external_id":"CVE-2026-11171","title":"CVE-2026-11171: Chromium: CVE-2026-11171 Integer overflow in Blink","severity":"unknown","cvss":null,"cves":["CVE-2026-11171"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11171","csirts_url":"https://www.csirts.com/advisory/cve-2026-11171-4694"},{"num":4695,"source_id":"msrc","external_id":"CVE-2026-11174","title":"CVE-2026-11174: Chromium: CVE-2026-11174 Insufficient policy enforcement in Site Isolation","severity":"unknown","cvss":null,"cves":["CVE-2026-11174"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11174","csirts_url":"https://www.csirts.com/advisory/cve-2026-11174-4695"},{"num":4696,"source_id":"msrc","external_id":"CVE-2026-11176","title":"CVE-2026-11176: Chromium: CVE-2026-11176 Inappropriate implementation in Media","severity":"unknown","cvss":null,"cves":["CVE-2026-11176"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11176","csirts_url":"https://www.csirts.com/advisory/cve-2026-11176-4696"},{"num":4697,"source_id":"msrc","external_id":"CVE-2026-11173","title":"CVE-2026-11173: Chromium: CVE-2026-11173 Out of bounds write in V8","severity":"unknown","cvss":null,"cves":["CVE-2026-11173"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11173","csirts_url":"https://www.csirts.com/advisory/cve-2026-11173-4697"},{"num":4698,"source_id":"msrc","external_id":"CVE-2026-11177","title":"CVE-2026-11177: Chromium: CVE-2026-11177 Use after free in Omnibox","severity":"unknown","cvss":null,"cves":["CVE-2026-11177"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11177","csirts_url":"https://www.csirts.com/advisory/cve-2026-11177-4698"},{"num":4699,"source_id":"msrc","external_id":"CVE-2026-11179","title":"CVE-2026-11179: Chromium: CVE-2026-11179 Inappropriate implementation in ORB","severity":"unknown","cvss":null,"cves":["CVE-2026-11179"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11179","csirts_url":"https://www.csirts.com/advisory/cve-2026-11179-4699"},{"num":4700,"source_id":"msrc","external_id":"CVE-2026-11180","title":"CVE-2026-11180: Chromium: CVE-2026-11180 Policy bypass in SVG","severity":"unknown","cvss":null,"cves":["CVE-2026-11180"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11180","csirts_url":"https://www.csirts.com/advisory/cve-2026-11180-4700"},{"num":4701,"source_id":"msrc","external_id":"CVE-2026-11182","title":"CVE-2026-11182: Chromium: CVE-2026-11182 Inappropriate implementation in SVG","severity":"unknown","cvss":null,"cves":["CVE-2026-11182"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11182","csirts_url":"https://www.csirts.com/advisory/cve-2026-11182-4701"},{"num":4702,"source_id":"msrc","external_id":"CVE-2026-11184","title":"CVE-2026-11184: Chromium: CVE-2026-11184 Insufficient policy enforcement in Actor","severity":"unknown","cvss":null,"cves":["CVE-2026-11184"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11184","csirts_url":"https://www.csirts.com/advisory/cve-2026-11184-4702"},{"num":4703,"source_id":"msrc","external_id":"CVE-2026-11181","title":"CVE-2026-11181: Chromium: CVE-2026-11181 Inappropriate implementation in Media Session","severity":"unknown","cvss":null,"cves":["CVE-2026-11181"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11181","csirts_url":"https://www.csirts.com/advisory/cve-2026-11181-4703"},{"num":4704,"source_id":"msrc","external_id":"CVE-2026-11185","title":"CVE-2026-11185: Chromium: CVE-2026-11185 Use after free in V8","severity":"unknown","cvss":null,"cves":["CVE-2026-11185"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11185","csirts_url":"https://www.csirts.com/advisory/cve-2026-11185-4704"},{"num":4705,"source_id":"msrc","external_id":"CVE-2026-11186","title":"CVE-2026-11186: Chromium: CVE-2026-11186 Inappropriate implementation in CSS","severity":"unknown","cvss":null,"cves":["CVE-2026-11186"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11186","csirts_url":"https://www.csirts.com/advisory/cve-2026-11186-4705"},{"num":4706,"source_id":"msrc","external_id":"CVE-2026-11187","title":"CVE-2026-11187: Chromium: CVE-2026-11187 Insufficient policy enforcement in Glic","severity":"unknown","cvss":null,"cves":["CVE-2026-11187"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11187","csirts_url":"https://www.csirts.com/advisory/cve-2026-11187-4706"},{"num":4707,"source_id":"msrc","external_id":"CVE-2026-11192","title":"CVE-2026-11192: Chromium: CVE-2026-11192 Insufficient validation of untrusted input in Password Manager","severity":"unknown","cvss":null,"cves":["CVE-2026-11192"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11192","csirts_url":"https://www.csirts.com/advisory/cve-2026-11192-4707"},{"num":4708,"source_id":"msrc","external_id":"CVE-2026-11189","title":"CVE-2026-11189: Chromium: CVE-2026-11189 Insufficient validation of untrusted input in DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-11189"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11189","csirts_url":"https://www.csirts.com/advisory/cve-2026-11189-4708"},{"num":4709,"source_id":"msrc","external_id":"CVE-2026-11191","title":"CVE-2026-11191: Chromium: CVE-2026-11191 Out of bounds memory access in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-11191"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11191","csirts_url":"https://www.csirts.com/advisory/cve-2026-11191-4709"},{"num":4710,"source_id":"msrc","external_id":"CVE-2026-11190","title":"CVE-2026-11190: Chromium: CVE-2026-11190 Insufficient policy enforcement in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-11190"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11190","csirts_url":"https://www.csirts.com/advisory/cve-2026-11190-4710"},{"num":4711,"source_id":"msrc","external_id":"CVE-2026-11193","title":"CVE-2026-11193: Chromium: CVE-2026-11193 Insufficient policy enforcement in Password Manager","severity":"unknown","cvss":null,"cves":["CVE-2026-11193"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11193","csirts_url":"https://www.csirts.com/advisory/cve-2026-11193-4711"},{"num":4712,"source_id":"msrc","external_id":"CVE-2026-11194","title":"CVE-2026-11194: Chromium: CVE-2026-11194 Inappropriate implementation in Network","severity":"unknown","cvss":null,"cves":["CVE-2026-11194"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11194","csirts_url":"https://www.csirts.com/advisory/cve-2026-11194-4712"},{"num":4713,"source_id":"msrc","external_id":"CVE-2026-11196","title":"CVE-2026-11196: Chromium: CVE-2026-11196 Type Confusion in XML","severity":"unknown","cvss":null,"cves":["CVE-2026-11196"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11196","csirts_url":"https://www.csirts.com/advisory/cve-2026-11196-4713"},{"num":4714,"source_id":"msrc","external_id":"CVE-2026-11195","title":"CVE-2026-11195: Chromium: CVE-2026-11195 Inappropriate implementation in MHTML","severity":"unknown","cvss":null,"cves":["CVE-2026-11195"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11195","csirts_url":"https://www.csirts.com/advisory/cve-2026-11195-4714"},{"num":4715,"source_id":"msrc","external_id":"CVE-2026-11197","title":"CVE-2026-11197: Chromium: CVE-2026-11197 Insufficient policy enforcement in Workers","severity":"unknown","cvss":null,"cves":["CVE-2026-11197"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11197","csirts_url":"https://www.csirts.com/advisory/cve-2026-11197-4715"},{"num":4716,"source_id":"msrc","external_id":"CVE-2026-11198","title":"CVE-2026-11198: Chromium: CVE-2026-11198 Insufficient validation of untrusted input in Codecs","severity":"unknown","cvss":null,"cves":["CVE-2026-11198"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11198","csirts_url":"https://www.csirts.com/advisory/cve-2026-11198-4716"},{"num":4717,"source_id":"msrc","external_id":"CVE-2026-11199","title":"CVE-2026-11199: Chromium: CVE-2026-11199 Insufficient validation of untrusted input in WebRTC","severity":"unknown","cvss":null,"cves":["CVE-2026-11199"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11199","csirts_url":"https://www.csirts.com/advisory/cve-2026-11199-4717"},{"num":4718,"source_id":"msrc","external_id":"CVE-2026-11201","title":"CVE-2026-11201: Chromium: CVE-2026-11201 Use after free in ServiceWorker","severity":"unknown","cvss":null,"cves":["CVE-2026-11201"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11201","csirts_url":"https://www.csirts.com/advisory/cve-2026-11201-4718"},{"num":4719,"source_id":"msrc","external_id":"CVE-2026-11203","title":"CVE-2026-11203: Chromium: CVE-2026-11203 Policy bypass in GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-11203"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11203","csirts_url":"https://www.csirts.com/advisory/cve-2026-11203-4719"},{"num":4720,"source_id":"msrc","external_id":"CVE-2026-11200","title":"CVE-2026-11200: Chromium: CVE-2026-11200 Inappropriate implementation in WebRTC","severity":"unknown","cvss":null,"cves":["CVE-2026-11200"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11200","csirts_url":"https://www.csirts.com/advisory/cve-2026-11200-4720"},{"num":4721,"source_id":"msrc","external_id":"CVE-2026-11207","title":"CVE-2026-11207: Chromium: CVE-2026-11207 Insufficient validation of untrusted input in Autofill","severity":"unknown","cvss":null,"cves":["CVE-2026-11207"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11207","csirts_url":"https://www.csirts.com/advisory/cve-2026-11207-4721"},{"num":4722,"source_id":"msrc","external_id":"CVE-2026-11206","title":"CVE-2026-11206: Chromium: CVE-2026-11206 Policy bypass in ServiceWorker","severity":"unknown","cvss":null,"cves":["CVE-2026-11206"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11206","csirts_url":"https://www.csirts.com/advisory/cve-2026-11206-4722"},{"num":4723,"source_id":"msrc","external_id":"CVE-2026-11208","title":"CVE-2026-11208: Chromium: CVE-2026-11208 Use after free in Codecs","severity":"unknown","cvss":null,"cves":["CVE-2026-11208"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11208","csirts_url":"https://www.csirts.com/advisory/cve-2026-11208-4723"},{"num":4724,"source_id":"msrc","external_id":"CVE-2026-11209","title":"CVE-2026-11209: Chromium: CVE-2026-11209 Insufficient policy enforcement in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-11209"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11209","csirts_url":"https://www.csirts.com/advisory/cve-2026-11209-4724"},{"num":4725,"source_id":"msrc","external_id":"CVE-2026-11210","title":"CVE-2026-11210: Chromium: CVE-2026-11210 Insufficient policy enforcement in Safe Browsing","severity":"unknown","cvss":null,"cves":["CVE-2026-11210"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11210","csirts_url":"https://www.csirts.com/advisory/cve-2026-11210-4725"},{"num":4726,"source_id":"msrc","external_id":"CVE-2026-11211","title":"CVE-2026-11211: Chromium: CVE-2026-11211 Integer overflow in V8","severity":"unknown","cvss":null,"cves":["CVE-2026-11211"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11211","csirts_url":"https://www.csirts.com/advisory/cve-2026-11211-4726"},{"num":4727,"source_id":"msrc","external_id":"CVE-2026-11212","title":"CVE-2026-11212: Chromium: CVE-2026-11212 Insufficient policy enforcement in DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-11212"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11212","csirts_url":"https://www.csirts.com/advisory/cve-2026-11212-4727"},{"num":4728,"source_id":"msrc","external_id":"CVE-2026-11213","title":"CVE-2026-11213: Chromium: CVE-2026-11213 Insufficient validation of untrusted input in Reading Mode","severity":"unknown","cvss":null,"cves":["CVE-2026-11213"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11213","csirts_url":"https://www.csirts.com/advisory/cve-2026-11213-4728"},{"num":4729,"source_id":"msrc","external_id":"CVE-2026-11216","title":"CVE-2026-11216: Chromium: CVE-2026-11216 Incorrect security UI in File Input","severity":"unknown","cvss":null,"cves":["CVE-2026-11216"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11216","csirts_url":"https://www.csirts.com/advisory/cve-2026-11216-4729"},{"num":4730,"source_id":"msrc","external_id":"CVE-2026-11217","title":"CVE-2026-11217: Chromium: CVE-2026-11217 Insufficient policy enforcement in Fenced Frames","severity":"unknown","cvss":null,"cves":["CVE-2026-11217"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11217","csirts_url":"https://www.csirts.com/advisory/cve-2026-11217-4730"},{"num":4731,"source_id":"msrc","external_id":"CVE-2026-11218","title":"CVE-2026-11218: Chromium: CVE-2026-11218 Inappropriate implementation in PlatformIntegration","severity":"unknown","cvss":null,"cves":["CVE-2026-11218"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11218","csirts_url":"https://www.csirts.com/advisory/cve-2026-11218-4731"},{"num":4732,"source_id":"msrc","external_id":"CVE-2026-11219","title":"CVE-2026-11219: Chromium: CVE-2026-11219 Insufficient data validation in Navigation","severity":"unknown","cvss":null,"cves":["CVE-2026-11219"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11219","csirts_url":"https://www.csirts.com/advisory/cve-2026-11219-4732"},{"num":4733,"source_id":"msrc","external_id":"CVE-2026-11221","title":"CVE-2026-11221: Chromium: CVE-2026-11221 Insufficient validation of untrusted input in PointerLock","severity":"unknown","cvss":null,"cves":["CVE-2026-11221"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11221","csirts_url":"https://www.csirts.com/advisory/cve-2026-11221-4733"},{"num":4734,"source_id":"msrc","external_id":"CVE-2026-11220","title":"CVE-2026-11220: Chromium: CVE-2026-11220 Insufficient validation of untrusted input in Navigation","severity":"unknown","cvss":null,"cves":["CVE-2026-11220"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11220","csirts_url":"https://www.csirts.com/advisory/cve-2026-11220-4734"},{"num":4735,"source_id":"msrc","external_id":"CVE-2026-11222","title":"CVE-2026-11222: Chromium: CVE-2026-11222 Incorrect security UI in Tab Strip","severity":"unknown","cvss":null,"cves":["CVE-2026-11222"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11222","csirts_url":"https://www.csirts.com/advisory/cve-2026-11222-4735"},{"num":4736,"source_id":"msrc","external_id":"CVE-2026-11223","title":"CVE-2026-11223: Chromium: CVE-2026-11223 Insufficient validation of untrusted input in Network","severity":"unknown","cvss":null,"cves":["CVE-2026-11223"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11223","csirts_url":"https://www.csirts.com/advisory/cve-2026-11223-4736"},{"num":4737,"source_id":"msrc","external_id":"CVE-2026-11224","title":"CVE-2026-11224: Chromium: CVE-2026-11224 Use after free in Chromoting","severity":"unknown","cvss":null,"cves":["CVE-2026-11224"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11224","csirts_url":"https://www.csirts.com/advisory/cve-2026-11224-4737"},{"num":4738,"source_id":"msrc","external_id":"CVE-2026-11229","title":"CVE-2026-11229: Chromium: CVE-2026-11229 Insufficient policy enforcement in Enterprise","severity":"unknown","cvss":null,"cves":["CVE-2026-11229"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11229","csirts_url":"https://www.csirts.com/advisory/cve-2026-11229-4738"},{"num":4739,"source_id":"msrc","external_id":"CVE-2026-11230","title":"CVE-2026-11230: Chromium: CVE-2026-11230 Use after free in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-11230"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11230","csirts_url":"https://www.csirts.com/advisory/cve-2026-11230-4739"},{"num":4740,"source_id":"msrc","external_id":"CVE-2026-11231","title":"CVE-2026-11231: Chromium: CVE-2026-11231 Inappropriate implementation in Safe Browsing","severity":"unknown","cvss":null,"cves":["CVE-2026-11231"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11231","csirts_url":"https://www.csirts.com/advisory/cve-2026-11231-4740"},{"num":4741,"source_id":"msrc","external_id":"CVE-2026-11225","title":"CVE-2026-11225: Chromium: CVE-2026-11225 Incorrect security UI in WebUI","severity":"unknown","cvss":null,"cves":["CVE-2026-11225"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11225","csirts_url":"https://www.csirts.com/advisory/cve-2026-11225-4741"},{"num":4742,"source_id":"msrc","external_id":"CVE-2026-11228","title":"CVE-2026-11228: Chromium: CVE-2026-11228 Incorrect security UI in File Input","severity":"unknown","cvss":null,"cves":["CVE-2026-11228"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11228","csirts_url":"https://www.csirts.com/advisory/cve-2026-11228-4742"},{"num":4743,"source_id":"msrc","external_id":"CVE-2026-11227","title":"CVE-2026-11227: Chromium: CVE-2026-11227 Incorrect security UI in Tab Hover Cards","severity":"unknown","cvss":null,"cves":["CVE-2026-11227"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11227","csirts_url":"https://www.csirts.com/advisory/cve-2026-11227-4743"},{"num":4744,"source_id":"msrc","external_id":"CVE-2026-11232","title":"CVE-2026-11232: Chromium: CVE-2026-11232 Inappropriate implementation in TabGroups","severity":"unknown","cvss":null,"cves":["CVE-2026-11232"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11232","csirts_url":"https://www.csirts.com/advisory/cve-2026-11232-4744"},{"num":4745,"source_id":"msrc","external_id":"CVE-2026-11233","title":"CVE-2026-11233: Chromium: CVE-2026-11233 Insufficient validation of untrusted input in FoldableAPIs","severity":"unknown","cvss":null,"cves":["CVE-2026-11233"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11233","csirts_url":"https://www.csirts.com/advisory/cve-2026-11233-4745"},{"num":4746,"source_id":"msrc","external_id":"CVE-2026-11234","title":"CVE-2026-11234: Chromium: CVE-2026-11234 Insufficient policy enforcement in FoldableAPIs","severity":"unknown","cvss":null,"cves":["CVE-2026-11234"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11234","csirts_url":"https://www.csirts.com/advisory/cve-2026-11234-4746"},{"num":4747,"source_id":"msrc","external_id":"CVE-2026-11238","title":"CVE-2026-11238: Chromium: CVE-2026-11238 Inappropriate implementation in DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-11238"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11238","csirts_url":"https://www.csirts.com/advisory/cve-2026-11238-4747"},{"num":4748,"source_id":"msrc","external_id":"CVE-2026-11235","title":"CVE-2026-11235: Chromium: CVE-2026-11235 Insufficient validation of untrusted input in Compositing","severity":"unknown","cvss":null,"cves":["CVE-2026-11235"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11235","csirts_url":"https://www.csirts.com/advisory/cve-2026-11235-4748"},{"num":4749,"source_id":"msrc","external_id":"CVE-2026-11237","title":"CVE-2026-11237: Chromium: CVE-2026-11237 Insufficient validation of untrusted input in Media","severity":"unknown","cvss":null,"cves":["CVE-2026-11237"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11237","csirts_url":"https://www.csirts.com/advisory/cve-2026-11237-4749"},{"num":4750,"source_id":"msrc","external_id":"CVE-2026-11236","title":"CVE-2026-11236: Chromium: CVE-2026-11236 Insufficient policy enforcement in Web Bluetooth","severity":"unknown","cvss":null,"cves":["CVE-2026-11236"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11236","csirts_url":"https://www.csirts.com/advisory/cve-2026-11236-4750"},{"num":4751,"source_id":"msrc","external_id":"CVE-2026-11239","title":"CVE-2026-11239: Chromium: CVE-2026-11239 Insufficient validation of untrusted input in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-11239"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11239","csirts_url":"https://www.csirts.com/advisory/cve-2026-11239-4751"},{"num":4752,"source_id":"msrc","external_id":"CVE-2026-11240","title":"CVE-2026-11240: Chromium: CVE-2026-11240 Insufficient validation of untrusted input in Loader","severity":"unknown","cvss":null,"cves":["CVE-2026-11240"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11240","csirts_url":"https://www.csirts.com/advisory/cve-2026-11240-4752"},{"num":4753,"source_id":"msrc","external_id":"CVE-2026-11244","title":"CVE-2026-11244: Chromium: CVE-2026-11244 Insufficient validation of untrusted input in WebAuthentication","severity":"unknown","cvss":null,"cves":["CVE-2026-11244"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11244","csirts_url":"https://www.csirts.com/advisory/cve-2026-11244-4753"},{"num":4754,"source_id":"msrc","external_id":"CVE-2026-11242","title":"CVE-2026-11242: Chromium: CVE-2026-11242 Insufficient validation of untrusted input in Plugins","severity":"unknown","cvss":null,"cves":["CVE-2026-11242"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11242","csirts_url":"https://www.csirts.com/advisory/cve-2026-11242-4754"},{"num":4755,"source_id":"msrc","external_id":"CVE-2026-11243","title":"CVE-2026-11243: Chromium: CVE-2026-11243 Incorrect security UI in Downloads","severity":"unknown","cvss":null,"cves":["CVE-2026-11243"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11243","csirts_url":"https://www.csirts.com/advisory/cve-2026-11243-4755"},{"num":4756,"source_id":"msrc","external_id":"CVE-2026-11241","title":"CVE-2026-11241: Chromium: CVE-2026-11241 Insufficient validation of untrusted input in Cast","severity":"unknown","cvss":null,"cves":["CVE-2026-11241"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11241","csirts_url":"https://www.csirts.com/advisory/cve-2026-11241-4756"},{"num":4757,"source_id":"msrc","external_id":"CVE-2026-11245","title":"CVE-2026-11245: Chromium: CVE-2026-11245 Inappropriate implementation in Payments","severity":"unknown","cvss":null,"cves":["CVE-2026-11245"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11245","csirts_url":"https://www.csirts.com/advisory/cve-2026-11245-4757"},{"num":4758,"source_id":"msrc","external_id":"CVE-2026-11249","title":"CVE-2026-11249: Chromium: CVE-2026-11249 Use after free in Network","severity":"unknown","cvss":null,"cves":["CVE-2026-11249"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11249","csirts_url":"https://www.csirts.com/advisory/cve-2026-11249-4758"},{"num":4759,"source_id":"msrc","external_id":"CVE-2026-11251","title":"CVE-2026-11251: Chromium: CVE-2026-11251 Insufficient validation of untrusted input in Password Manager","severity":"unknown","cvss":null,"cves":["CVE-2026-11251"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11251","csirts_url":"https://www.csirts.com/advisory/cve-2026-11251-4759"},{"num":4760,"source_id":"msrc","external_id":"CVE-2026-11250","title":"CVE-2026-11250: Chromium: CVE-2026-11250 Inappropriate implementation in DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-11250"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11250","csirts_url":"https://www.csirts.com/advisory/cve-2026-11250-4760"},{"num":4761,"source_id":"msrc","external_id":"CVE-2026-11248","title":"CVE-2026-11248: Chromium: CVE-2026-11248 Policy bypass in Google Lens","severity":"unknown","cvss":null,"cves":["CVE-2026-11248"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11248","csirts_url":"https://www.csirts.com/advisory/cve-2026-11248-4761"},{"num":4762,"source_id":"msrc","external_id":"CVE-2026-11252","title":"CVE-2026-11252: Chromium: CVE-2026-11252 Policy bypass in Content Settings","severity":"unknown","cvss":null,"cves":["CVE-2026-11252"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11252","csirts_url":"https://www.csirts.com/advisory/cve-2026-11252-4762"},{"num":4763,"source_id":"msrc","external_id":"CVE-2026-11246","title":"CVE-2026-11246: Chromium: CVE-2026-11246 Insufficient validation of untrusted input in IndexedDB","severity":"unknown","cvss":null,"cves":["CVE-2026-11246"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11246","csirts_url":"https://www.csirts.com/advisory/cve-2026-11246-4763"},{"num":4764,"source_id":"msrc","external_id":"CVE-2026-11253","title":"CVE-2026-11253: Chromium: CVE-2026-11253 Race in Permissions","severity":"unknown","cvss":null,"cves":["CVE-2026-11253"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11253","csirts_url":"https://www.csirts.com/advisory/cve-2026-11253-4764"},{"num":4765,"source_id":"msrc","external_id":"CVE-2026-11254","title":"CVE-2026-11254: Chromium: CVE-2026-11254 Inappropriate implementation in Permissions","severity":"unknown","cvss":null,"cves":["CVE-2026-11254"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11254","csirts_url":"https://www.csirts.com/advisory/cve-2026-11254-4765"},{"num":4766,"source_id":"msrc","external_id":"CVE-2026-11255","title":"CVE-2026-11255: Chromium: CVE-2026-11255 Insufficient validation of untrusted input in Storage Access API","severity":"unknown","cvss":null,"cves":["CVE-2026-11255"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11255","csirts_url":"https://www.csirts.com/advisory/cve-2026-11255-4766"},{"num":4767,"source_id":"msrc","external_id":"CVE-2026-11257","title":"CVE-2026-11257: Chromium: CVE-2026-11257 Inappropriate implementation in Browser","severity":"unknown","cvss":null,"cves":["CVE-2026-11257"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11257","csirts_url":"https://www.csirts.com/advisory/cve-2026-11257-4767"},{"num":4768,"source_id":"msrc","external_id":"CVE-2026-11256","title":"CVE-2026-11256: Chromium: CVE-2026-11256 Out of bounds read in GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-11256"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11256","csirts_url":"https://www.csirts.com/advisory/cve-2026-11256-4768"},{"num":4769,"source_id":"msrc","external_id":"CVE-2026-11258","title":"CVE-2026-11258: Chromium: CVE-2026-11258 Inappropriate implementation in File System Access","severity":"unknown","cvss":null,"cves":["CVE-2026-11258"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11258","csirts_url":"https://www.csirts.com/advisory/cve-2026-11258-4769"},{"num":4770,"source_id":"msrc","external_id":"CVE-2026-11259","title":"CVE-2026-11259: Chromium: CVE-2026-11259 Insufficient validation of untrusted input in Cast","severity":"unknown","cvss":null,"cves":["CVE-2026-11259"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11259","csirts_url":"https://www.csirts.com/advisory/cve-2026-11259-4770"},{"num":4771,"source_id":"msrc","external_id":"CVE-2026-11260","title":"CVE-2026-11260: Chromium: CVE-2026-11260 Policy bypass in Permissions","severity":"unknown","cvss":null,"cves":["CVE-2026-11260"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11260","csirts_url":"https://www.csirts.com/advisory/cve-2026-11260-4771"},{"num":4772,"source_id":"msrc","external_id":"CVE-2026-11261","title":"CVE-2026-11261: Chromium: CVE-2026-11261 Insufficient validation of untrusted input in PDF","severity":"unknown","cvss":null,"cves":["CVE-2026-11261"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11261","csirts_url":"https://www.csirts.com/advisory/cve-2026-11261-4772"},{"num":4773,"source_id":"msrc","external_id":"CVE-2026-11262","title":"CVE-2026-11262: Chromium: CVE-2026-11262 Use after free in TabStrip","severity":"unknown","cvss":null,"cves":["CVE-2026-11262"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11262","csirts_url":"https://www.csirts.com/advisory/cve-2026-11262-4773"},{"num":4774,"source_id":"msrc","external_id":"CVE-2026-11265","title":"CVE-2026-11265: Chromium: CVE-2026-11265 Insufficient data validation in Autofill","severity":"unknown","cvss":null,"cves":["CVE-2026-11265"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11265","csirts_url":"https://www.csirts.com/advisory/cve-2026-11265-4774"},{"num":4775,"source_id":"msrc","external_id":"CVE-2026-11264","title":"CVE-2026-11264: Chromium: CVE-2026-11264 Policy bypass in Content Security Policy","severity":"unknown","cvss":null,"cves":["CVE-2026-11264"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11264","csirts_url":"https://www.csirts.com/advisory/cve-2026-11264-4775"},{"num":4776,"source_id":"msrc","external_id":"CVE-2026-11266","title":"CVE-2026-11266: Chromium: CVE-2026-11266 Policy bypass in SafeBrowsing","severity":"unknown","cvss":null,"cves":["CVE-2026-11266"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11266","csirts_url":"https://www.csirts.com/advisory/cve-2026-11266-4776"},{"num":4777,"source_id":"msrc","external_id":"CVE-2026-11267","title":"CVE-2026-11267: Chromium: CVE-2026-11267 Insufficient policy enforcement in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-11267"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11267","csirts_url":"https://www.csirts.com/advisory/cve-2026-11267-4777"},{"num":4778,"source_id":"msrc","external_id":"CVE-2026-11268","title":"CVE-2026-11268: Chromium: CVE-2026-11268 Uninitialized Use in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-11268"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11268","csirts_url":"https://www.csirts.com/advisory/cve-2026-11268-4778"},{"num":4779,"source_id":"msrc","external_id":"CVE-2026-11269","title":"CVE-2026-11269: Chromium: CVE-2026-11269 Inappropriate implementation in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-11269"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11269","csirts_url":"https://www.csirts.com/advisory/cve-2026-11269-4779"},{"num":4780,"source_id":"msrc","external_id":"CVE-2026-11271","title":"CVE-2026-11271: Chromium: CVE-2026-11271 Incorrect security UI in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-11271"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11271","csirts_url":"https://www.csirts.com/advisory/cve-2026-11271-4780"},{"num":4781,"source_id":"msrc","external_id":"CVE-2026-11273","title":"CVE-2026-11273: Chromium: CVE-2026-11273 Insufficient validation of untrusted input in Omnibox","severity":"unknown","cvss":null,"cves":["CVE-2026-11273"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11273","csirts_url":"https://www.csirts.com/advisory/cve-2026-11273-4781"},{"num":4782,"source_id":"msrc","external_id":"CVE-2026-50508","title":"CVE-2026-50508: Windows NTLM Spoofing Vulnerability","severity":"medium","cvss":6.5,"cves":["CVE-2026-50508"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50508","csirts_url":"https://www.csirts.com/advisory/cve-2026-50508-4782"},{"num":4783,"source_id":"msrc","external_id":"CVE-2026-26142","title":"CVE-2026-26142: Nuance PowerScribe Remote Code Execution Vulnerability","severity":"critical","cvss":9.8,"cves":["CVE-2026-26142"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26142","csirts_url":"https://www.csirts.com/advisory/cve-2026-26142-4783"},{"num":4784,"source_id":"msrc","external_id":"CVE-2026-11012","title":"CVE-2026-11012: Chromium: CVE-2026-11012 Use after free in Serial","severity":"unknown","cvss":null,"cves":["CVE-2026-11012"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11012","csirts_url":"https://www.csirts.com/advisory/cve-2026-11012-4784"},{"num":4785,"source_id":"msrc","external_id":"CVE-2026-11029","title":"CVE-2026-11029: Chromium: CVE-2026-11029 Insufficient validation of untrusted input in Drag and Drop","severity":"unknown","cvss":null,"cves":["CVE-2026-11029"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11029","csirts_url":"https://www.csirts.com/advisory/cve-2026-11029-4785"},{"num":4786,"source_id":"msrc","external_id":"CVE-2026-11045","title":"CVE-2026-11045: Chromium: CVE-2026-11045 Insufficient validation of untrusted input in GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-11045"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11045","csirts_url":"https://www.csirts.com/advisory/cve-2026-11045-4786"},{"num":4787,"source_id":"msrc","external_id":"CVE-2026-11065","title":"CVE-2026-11065: Chromium: CVE-2026-11065 Use after free in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-11065"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11065","csirts_url":"https://www.csirts.com/advisory/cve-2026-11065-4787"},{"num":4788,"source_id":"msrc","external_id":"CVE-2026-11072","title":"CVE-2026-11072: Chromium: CVE-2026-11072 Use after free in WebView","severity":"unknown","cvss":null,"cves":["CVE-2026-11072"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11072","csirts_url":"https://www.csirts.com/advisory/cve-2026-11072-4788"},{"num":4789,"source_id":"msrc","external_id":"CVE-2026-11080","title":"CVE-2026-11080: Chromium: CVE-2026-11080 Use after free in WebView","severity":"unknown","cvss":null,"cves":["CVE-2026-11080"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11080","csirts_url":"https://www.csirts.com/advisory/cve-2026-11080-4789"},{"num":4790,"source_id":"msrc","external_id":"CVE-2026-11082","title":"CVE-2026-11082: Chromium: CVE-2026-11082 Use after free in GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-11082"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11082","csirts_url":"https://www.csirts.com/advisory/cve-2026-11082-4790"},{"num":4791,"source_id":"msrc","external_id":"CVE-2026-11108","title":"CVE-2026-11108: Chromium: CVE-2026-11108 Inappropriate implementation in NFC","severity":"unknown","cvss":null,"cves":["CVE-2026-11108"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11108","csirts_url":"https://www.csirts.com/advisory/cve-2026-11108-4791"},{"num":4792,"source_id":"msrc","external_id":"CVE-2026-11119","title":"CVE-2026-11119: Chromium: CVE-2026-11119 Insufficient validation of untrusted input in GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-11119"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11119","csirts_url":"https://www.csirts.com/advisory/cve-2026-11119-4792"},{"num":4793,"source_id":"msrc","external_id":"CVE-2026-11131","title":"CVE-2026-11131: Chromium: CVE-2026-11131 Use after free in Autofill","severity":"unknown","cvss":null,"cves":["CVE-2026-11131"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11131","csirts_url":"https://www.csirts.com/advisory/cve-2026-11131-4793"},{"num":4794,"source_id":"msrc","external_id":"CVE-2026-11145","title":"CVE-2026-11145: Chromium: CVE-2026-11145 Race in Geolocation","severity":"unknown","cvss":null,"cves":["CVE-2026-11145"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11145","csirts_url":"https://www.csirts.com/advisory/cve-2026-11145-4794"},{"num":4795,"source_id":"msrc","external_id":"CVE-2026-11148","title":"CVE-2026-11148: Chromium: CVE-2026-11148 Inappropriate implementation in Payments","severity":"unknown","cvss":null,"cves":["CVE-2026-11148"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11148","csirts_url":"https://www.csirts.com/advisory/cve-2026-11148-4795"},{"num":4796,"source_id":"msrc","external_id":"CVE-2026-11175","title":"CVE-2026-11175: Chromium: CVE-2026-11175 Incorrect security UI in Messages","severity":"unknown","cvss":null,"cves":["CVE-2026-11175"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11175","csirts_url":"https://www.csirts.com/advisory/cve-2026-11175-4796"},{"num":4797,"source_id":"msrc","external_id":"CVE-2026-11188","title":"CVE-2026-11188: Chromium: CVE-2026-11188 Use after free in USB","severity":"unknown","cvss":null,"cves":["CVE-2026-11188"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11188","csirts_url":"https://www.csirts.com/advisory/cve-2026-11188-4797"},{"num":4798,"source_id":"msrc","external_id":"CVE-2026-11226","title":"CVE-2026-11226: Chromium: CVE-2026-11226 Insufficient policy enforcement in PreviewTab","severity":"unknown","cvss":null,"cves":["CVE-2026-11226"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11226","csirts_url":"https://www.csirts.com/advisory/cve-2026-11226-4798"},{"num":4799,"source_id":"msrc","external_id":"CVE-2026-11263","title":"CVE-2026-11263: Chromium: CVE-2026-11263 Insufficient policy enforcement in WebAuthentication","severity":"unknown","cvss":null,"cves":["CVE-2026-11263"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11263","csirts_url":"https://www.csirts.com/advisory/cve-2026-11263-4799"},{"num":4800,"source_id":"msrc","external_id":"CVE-2026-11287","title":"CVE-2026-11287: Chromium: CVE-2026-11287 Insufficient validation of untrusted input in Navigation","severity":"unknown","cvss":null,"cves":["CVE-2026-11287"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11287","csirts_url":"https://www.csirts.com/advisory/cve-2026-11287-4800"},{"num":4801,"source_id":"msrc","external_id":"CVE-2026-11295","title":"CVE-2026-11295: Chromium: CVE-2026-11295 Inappropriate implementation in WebView","severity":"unknown","cvss":null,"cves":["CVE-2026-11295"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11295","csirts_url":"https://www.csirts.com/advisory/cve-2026-11295-4801"},{"num":4802,"source_id":"msrc","external_id":"CVE-2026-12019","title":"CVE-2026-12019: Chromium: CVE-2026-12019 Out of bounds write Codecs","severity":"unknown","cvss":null,"cves":["CVE-2026-12019"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12019","csirts_url":"https://www.csirts.com/advisory/cve-2026-12019-4802"},{"num":4803,"source_id":"msrc","external_id":"CVE-2026-12016","title":"CVE-2026-12016: Chromium: CVE-2026-12016 Insufficient validation of untrusted input DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-12016"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12016","csirts_url":"https://www.csirts.com/advisory/cve-2026-12016-4803"},{"num":4804,"source_id":"msrc","external_id":"CVE-2026-12015","title":"CVE-2026-12015: Chromium: CVE-2026-12015 Use after free Autofill","severity":"unknown","cvss":null,"cves":["CVE-2026-12015"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12015","csirts_url":"https://www.csirts.com/advisory/cve-2026-12015-4804"},{"num":4805,"source_id":"msrc","external_id":"CVE-2026-11628","title":"CVE-2026-11628: Chromium: CVE-2026-11628 Use after free in Ozone","severity":"unknown","cvss":null,"cves":["CVE-2026-11628"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11628","csirts_url":"https://www.csirts.com/advisory/cve-2026-11628-4805"},{"num":4806,"source_id":"msrc","external_id":"CVE-2026-11629","title":"CVE-2026-11629: Chromium: CVE-2026-11629 Use after free in Ozone","severity":"unknown","cvss":null,"cves":["CVE-2026-11629"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11629","csirts_url":"https://www.csirts.com/advisory/cve-2026-11629-4806"},{"num":4807,"source_id":"msrc","external_id":"CVE-2026-11631","title":"CVE-2026-11631: Chromium: CVE-2026-11631 Use after free in Aura","severity":"unknown","cvss":null,"cves":["CVE-2026-11631"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11631","csirts_url":"https://www.csirts.com/advisory/cve-2026-11631-4807"},{"num":4808,"source_id":"msrc","external_id":"CVE-2026-11630","title":"CVE-2026-11630: Chromium: CVE-2026-11630 Use after free in File Input","severity":"unknown","cvss":null,"cves":["CVE-2026-11630"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11630","csirts_url":"https://www.csirts.com/advisory/cve-2026-11630-4808"},{"num":4809,"source_id":"msrc","external_id":"CVE-2026-11632","title":"CVE-2026-11632: Chromium: CVE-2026-11632 Use after free in TabStrip","severity":"unknown","cvss":null,"cves":["CVE-2026-11632"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11632","csirts_url":"https://www.csirts.com/advisory/cve-2026-11632-4809"},{"num":4810,"source_id":"msrc","external_id":"CVE-2026-11633","title":"CVE-2026-11633: Chromium: CVE-2026-11633 Use after free in Bluetooth","severity":"unknown","cvss":null,"cves":["CVE-2026-11633"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11633","csirts_url":"https://www.csirts.com/advisory/cve-2026-11633-4810"},{"num":4811,"source_id":"msrc","external_id":"CVE-2026-11634","title":"CVE-2026-11634: Chromium: CVE-2026-11634 Use after free in Gamepad","severity":"unknown","cvss":null,"cves":["CVE-2026-11634"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11634","csirts_url":"https://www.csirts.com/advisory/cve-2026-11634-4811"},{"num":4812,"source_id":"msrc","external_id":"CVE-2026-11635","title":"CVE-2026-11635: Chromium: CVE-2026-11635 Use after free in Bluetooth","severity":"unknown","cvss":null,"cves":["CVE-2026-11635"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11635","csirts_url":"https://www.csirts.com/advisory/cve-2026-11635-4812"},{"num":4813,"source_id":"msrc","external_id":"CVE-2026-11639","title":"CVE-2026-11639: Chromium: CVE-2026-11639 Use after free in Compositing","severity":"unknown","cvss":null,"cves":["CVE-2026-11639"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11639","csirts_url":"https://www.csirts.com/advisory/cve-2026-11639-4813"},{"num":4814,"source_id":"msrc","external_id":"CVE-2026-11637","title":"CVE-2026-11637: Chromium: CVE-2026-11637 Use after free in Views","severity":"unknown","cvss":null,"cves":["CVE-2026-11637"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11637","csirts_url":"https://www.csirts.com/advisory/cve-2026-11637-4814"},{"num":4815,"source_id":"msrc","external_id":"CVE-2026-11636","title":"CVE-2026-11636: Chromium: CVE-2026-11636 Use after free in Autofill","severity":"unknown","cvss":null,"cves":["CVE-2026-11636"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11636","csirts_url":"https://www.csirts.com/advisory/cve-2026-11636-4815"},{"num":4816,"source_id":"msrc","external_id":"CVE-2026-11638","title":"CVE-2026-11638: Chromium: CVE-2026-11638 Use after free in Printing","severity":"unknown","cvss":null,"cves":["CVE-2026-11638"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11638","csirts_url":"https://www.csirts.com/advisory/cve-2026-11638-4816"},{"num":4817,"source_id":"msrc","external_id":"CVE-2026-11641","title":"CVE-2026-11641: Chromium: CVE-2026-11641 Use after free in Bluetooth","severity":"unknown","cvss":null,"cves":["CVE-2026-11641"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11641","csirts_url":"https://www.csirts.com/advisory/cve-2026-11641-4817"},{"num":4818,"source_id":"msrc","external_id":"CVE-2026-11640","title":"CVE-2026-11640: Chromium: CVE-2026-11640 Integer overflow in libyuv","severity":"unknown","cvss":null,"cves":["CVE-2026-11640"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11640","csirts_url":"https://www.csirts.com/advisory/cve-2026-11640-4818"},{"num":4819,"source_id":"msrc","external_id":"CVE-2026-11642","title":"CVE-2026-11642: Chromium: CVE-2026-11642 Use after free in Web Apps","severity":"unknown","cvss":null,"cves":["CVE-2026-11642"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11642","csirts_url":"https://www.csirts.com/advisory/cve-2026-11642-4819"},{"num":4820,"source_id":"msrc","external_id":"CVE-2026-11645","title":"CVE-2026-11645: Chromium: CVE-2026-11645 Out of bounds memory access in V8","severity":"unknown","cvss":null,"cves":["CVE-2026-11645"],"exploited":true,"has_exploit":true,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11645","csirts_url":"https://www.csirts.com/advisory/cve-2026-11645-4820"},{"num":4821,"source_id":"msrc","external_id":"CVE-2026-11643","title":"CVE-2026-11643: Chromium: CVE-2026-11643 Use after free in Proxy","severity":"unknown","cvss":null,"cves":["CVE-2026-11643"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11643","csirts_url":"https://www.csirts.com/advisory/cve-2026-11643-4821"},{"num":4822,"source_id":"msrc","external_id":"CVE-2026-11644","title":"CVE-2026-11644: Chromium: CVE-2026-11644 Use after free in Views","severity":"unknown","cvss":null,"cves":["CVE-2026-11644"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11644","csirts_url":"https://www.csirts.com/advisory/cve-2026-11644-4822"},{"num":4823,"source_id":"msrc","external_id":"CVE-2026-11646","title":"CVE-2026-11646: Chromium: CVE-2026-11646 Use after free in ViewTransitions","severity":"unknown","cvss":null,"cves":["CVE-2026-11646"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11646","csirts_url":"https://www.csirts.com/advisory/cve-2026-11646-4823"},{"num":4824,"source_id":"msrc","external_id":"CVE-2026-11658","title":"CVE-2026-11658: Chromium: CVE-2026-11657 Use after free in Payments","severity":"unknown","cvss":null,"cves":["CVE-2026-11658"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11658","csirts_url":"https://www.csirts.com/advisory/cve-2026-11658-4824"},{"num":4825,"source_id":"msrc","external_id":"CVE-2026-11659","title":"CVE-2026-11659: Chromium: CVE-2026-11658 Insufficient validation of untrusted input in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-11659"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11659","csirts_url":"https://www.csirts.com/advisory/cve-2026-11659-4825"},{"num":4826,"source_id":"msrc","external_id":"CVE-2026-11661","title":"CVE-2026-11661: Chromium: CVE-2026-11660 Insufficient validation of untrusted input in New Tab Page","severity":"unknown","cvss":null,"cves":["CVE-2026-11661"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11661","csirts_url":"https://www.csirts.com/advisory/cve-2026-11661-4826"},{"num":4827,"source_id":"msrc","external_id":"CVE-2026-11662","title":"CVE-2026-11662: Chromium: CVE-2026-11661 Use after free in Views","severity":"unknown","cvss":null,"cves":["CVE-2026-11662"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11662","csirts_url":"https://www.csirts.com/advisory/cve-2026-11662-4827"},{"num":4828,"source_id":"msrc","external_id":"CVE-2026-11660","title":"CVE-2026-11660: Chromium: CVE-2026-11659 Insufficient validation of untrusted input in UI","severity":"unknown","cvss":null,"cves":["CVE-2026-11660"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11660","csirts_url":"https://www.csirts.com/advisory/cve-2026-11660-4828"},{"num":4829,"source_id":"msrc","external_id":"CVE-2026-11664","title":"CVE-2026-11664: Chromium: CVE-2026-11663 Use after free in Skia","severity":"unknown","cvss":null,"cves":["CVE-2026-11664"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11664","csirts_url":"https://www.csirts.com/advisory/cve-2026-11664-4829"},{"num":4830,"source_id":"msrc","external_id":"CVE-2026-11663","title":"CVE-2026-11663: Chromium: CVE-2026-11662 Type Confusion in Bindings","severity":"unknown","cvss":null,"cves":["CVE-2026-11663"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11663","csirts_url":"https://www.csirts.com/advisory/cve-2026-11663-4830"},{"num":4831,"source_id":"msrc","external_id":"CVE-2026-11665","title":"CVE-2026-11665: Chromium: CVE-2026-11664 Use after free in Payments","severity":"unknown","cvss":null,"cves":["CVE-2026-11665"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11665","csirts_url":"https://www.csirts.com/advisory/cve-2026-11665-4831"},{"num":4832,"source_id":"msrc","external_id":"CVE-2026-11666","title":"CVE-2026-11666: Chromium: CVE-2026-11665 Out of bounds read in Dawn","severity":"unknown","cvss":null,"cves":["CVE-2026-11666"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11666","csirts_url":"https://www.csirts.com/advisory/cve-2026-11666-4832"},{"num":4833,"source_id":"msrc","external_id":"CVE-2026-11667","title":"CVE-2026-11667: Chromium: CVE-2026-11666 Insufficient validation of untrusted input in Input","severity":"unknown","cvss":null,"cves":["CVE-2026-11667"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11667","csirts_url":"https://www.csirts.com/advisory/cve-2026-11667-4833"},{"num":4834,"source_id":"msrc","external_id":"CVE-2026-11669","title":"CVE-2026-11669: Chromium: CVE-2026-11668 Uninitialized Use in Codecs","severity":"unknown","cvss":null,"cves":["CVE-2026-11669"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11669","csirts_url":"https://www.csirts.com/advisory/cve-2026-11669-4834"},{"num":4835,"source_id":"msrc","external_id":"CVE-2026-11670","title":"CVE-2026-11670: Chromium: CVE-2026-11669 Integer overflow in Media","severity":"unknown","cvss":null,"cves":["CVE-2026-11670"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11670","csirts_url":"https://www.csirts.com/advisory/cve-2026-11670-4835"},{"num":4836,"source_id":"msrc","external_id":"CVE-2026-11668","title":"CVE-2026-11668: Chromium: CVE-2026-11667 Out of bounds read in WebRTC","severity":"unknown","cvss":null,"cves":["CVE-2026-11668"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11668","csirts_url":"https://www.csirts.com/advisory/cve-2026-11668-4836"},{"num":4837,"source_id":"msrc","external_id":"CVE-2026-11671","title":"CVE-2026-11671: Chromium: CVE-2026-11670 Use after free in PDF","severity":"unknown","cvss":null,"cves":["CVE-2026-11671"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11671","csirts_url":"https://www.csirts.com/advisory/cve-2026-11671-4837"},{"num":4838,"source_id":"msrc","external_id":"CVE-2026-11672","title":"CVE-2026-11672: Chromium: CVE-2026-11671 Use after free in Navigation","severity":"unknown","cvss":null,"cves":["CVE-2026-11672"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11672","csirts_url":"https://www.csirts.com/advisory/cve-2026-11672-4838"},{"num":4839,"source_id":"msrc","external_id":"CVE-2026-11673","title":"CVE-2026-11673: Chromium: CVE-2026-11672 Out of bounds write in GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-11673"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11673","csirts_url":"https://www.csirts.com/advisory/cve-2026-11673-4839"},{"num":4840,"source_id":"msrc","external_id":"CVE-2026-11674","title":"CVE-2026-11674: Chromium: CVE-2026-11673 Use after free in InterestGroups","severity":"unknown","cvss":null,"cves":["CVE-2026-11674"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11674","csirts_url":"https://www.csirts.com/advisory/cve-2026-11674-4840"},{"num":4841,"source_id":"msrc","external_id":"CVE-2026-11676","title":"CVE-2026-11676: Chromium: CVE-2026-11675 Insufficient validation of untrusted input in Skia","severity":"unknown","cvss":null,"cves":["CVE-2026-11676"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11676","csirts_url":"https://www.csirts.com/advisory/cve-2026-11676-4841"},{"num":4842,"source_id":"msrc","external_id":"CVE-2026-11675","title":"CVE-2026-11675: Chromium: CVE-2026-11674 Use after free in Guest View","severity":"unknown","cvss":null,"cves":["CVE-2026-11675"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11675","csirts_url":"https://www.csirts.com/advisory/cve-2026-11675-4842"},{"num":4843,"source_id":"msrc","external_id":"CVE-2026-11677","title":"CVE-2026-11677: Chromium: CVE-2026-11676 Insufficient validation of untrusted input in Dawn","severity":"unknown","cvss":null,"cves":["CVE-2026-11677"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11677","csirts_url":"https://www.csirts.com/advisory/cve-2026-11677-4843"},{"num":4844,"source_id":"msrc","external_id":"CVE-2026-11678","title":"CVE-2026-11678: Chromium: CVE-2026-11677 Race in Network","severity":"unknown","cvss":null,"cves":["CVE-2026-11678"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11678","csirts_url":"https://www.csirts.com/advisory/cve-2026-11678-4844"},{"num":4845,"source_id":"msrc","external_id":"CVE-2026-11679","title":"CVE-2026-11679: Chromium: CVE-2026-11678 Integer overflow in libyuv","severity":"unknown","cvss":null,"cves":["CVE-2026-11679"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11679","csirts_url":"https://www.csirts.com/advisory/cve-2026-11679-4845"},{"num":4846,"source_id":"msrc","external_id":"CVE-2026-11680","title":"CVE-2026-11680: Chromium: CVE-2026-11679 Use after free in Codecs","severity":"unknown","cvss":null,"cves":["CVE-2026-11680"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11680","csirts_url":"https://www.csirts.com/advisory/cve-2026-11680-4846"},{"num":4847,"source_id":"msrc","external_id":"CVE-2026-11682","title":"CVE-2026-11682: Chromium: CVE-2026-11681 Use after free in Ozone","severity":"unknown","cvss":null,"cves":["CVE-2026-11682"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11682","csirts_url":"https://www.csirts.com/advisory/cve-2026-11682-4847"},{"num":4848,"source_id":"msrc","external_id":"CVE-2026-11683","title":"CVE-2026-11683: Chromium: CVE-2026-11682 Insufficient validation of untrusted input in Views","severity":"unknown","cvss":null,"cves":["CVE-2026-11683"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11683","csirts_url":"https://www.csirts.com/advisory/cve-2026-11683-4848"},{"num":4849,"source_id":"msrc","external_id":"CVE-2026-11681","title":"CVE-2026-11681: Chromium: CVE-2026-11680 Use after free in Media","severity":"unknown","cvss":null,"cves":["CVE-2026-11681"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11681","csirts_url":"https://www.csirts.com/advisory/cve-2026-11681-4849"},{"num":4850,"source_id":"msrc","external_id":"CVE-2026-11684","title":"CVE-2026-11684: Chromium: CVE-2026-11683 Use after free in WebCodecs","severity":"unknown","cvss":null,"cves":["CVE-2026-11684"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11684","csirts_url":"https://www.csirts.com/advisory/cve-2026-11684-4850"},{"num":4851,"source_id":"msrc","external_id":"CVE-2026-11685","title":"CVE-2026-11685: Chromium: CVE-2026-11684 Insufficient policy enforcement in Network","severity":"unknown","cvss":null,"cves":["CVE-2026-11685"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11685","csirts_url":"https://www.csirts.com/advisory/cve-2026-11685-4851"},{"num":4852,"source_id":"msrc","external_id":"CVE-2026-11688","title":"CVE-2026-11688: Chromium: CVE-2026-11687 Use after free in Dawn","severity":"unknown","cvss":null,"cves":["CVE-2026-11688"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11688","csirts_url":"https://www.csirts.com/advisory/cve-2026-11688-4852"},{"num":4853,"source_id":"msrc","external_id":"CVE-2026-11687","title":"CVE-2026-11687: Chromium: CVE-2026-11686 Insufficient validation of untrusted input in Dawn","severity":"unknown","cvss":null,"cves":["CVE-2026-11687"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11687","csirts_url":"https://www.csirts.com/advisory/cve-2026-11687-4853"},{"num":4854,"source_id":"msrc","external_id":"CVE-2026-11689","title":"CVE-2026-11689: Chromium: CVE-2026-11688 Object lifecycle issue in SVG","severity":"unknown","cvss":null,"cves":["CVE-2026-11689"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11689","csirts_url":"https://www.csirts.com/advisory/cve-2026-11689-4854"},{"num":4855,"source_id":"msrc","external_id":"CVE-2026-11686","title":"CVE-2026-11686: Chromium: CVE-2026-11685 Insufficient data validation in MediaCapture","severity":"unknown","cvss":null,"cves":["CVE-2026-11686"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11686","csirts_url":"https://www.csirts.com/advisory/cve-2026-11686-4855"},{"num":4856,"source_id":"msrc","external_id":"CVE-2026-11690","title":"CVE-2026-11690: Chromium: CVE-2026-11689 Insufficient validation of untrusted input in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-11690"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11690","csirts_url":"https://www.csirts.com/advisory/cve-2026-11690-4856"},{"num":4857,"source_id":"msrc","external_id":"CVE-2026-11691","title":"CVE-2026-11691: Chromium: CVE-2026-11690 Out of bounds read and write in Media","severity":"unknown","cvss":null,"cves":["CVE-2026-11691"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11691","csirts_url":"https://www.csirts.com/advisory/cve-2026-11691-4857"},{"num":4858,"source_id":"msrc","external_id":"CVE-2026-11692","title":"CVE-2026-11692: Chromium: CVE-2026-11691 Insufficient validation of untrusted input in New Tab Page","severity":"unknown","cvss":null,"cves":["CVE-2026-11692"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11692","csirts_url":"https://www.csirts.com/advisory/cve-2026-11692-4858"},{"num":4859,"source_id":"msrc","external_id":"CVE-2026-11693","title":"CVE-2026-11693: Chromium: CVE-2026-11692 Use after free in Read Anything","severity":"unknown","cvss":null,"cves":["CVE-2026-11693"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11693","csirts_url":"https://www.csirts.com/advisory/cve-2026-11693-4859"},{"num":4860,"source_id":"msrc","external_id":"CVE-2026-11694","title":"CVE-2026-11694: Chromium: CVE-2026-11693 Inappropriate implementation in Plugins","severity":"unknown","cvss":null,"cves":["CVE-2026-11694"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11694","csirts_url":"https://www.csirts.com/advisory/cve-2026-11694-4860"},{"num":4861,"source_id":"msrc","external_id":"CVE-2026-11695","title":"CVE-2026-11695: Chromium: CVE-2026-11694 Use after free in ServiceWorker","severity":"unknown","cvss":null,"cves":["CVE-2026-11695"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11695","csirts_url":"https://www.csirts.com/advisory/cve-2026-11695-4861"},{"num":4862,"source_id":"msrc","external_id":"CVE-2026-11696","title":"CVE-2026-11696: Chromium: CVE-2026-11695 Inappropriate implementation in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-11696"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11696","csirts_url":"https://www.csirts.com/advisory/cve-2026-11696-4862"},{"num":4863,"source_id":"msrc","external_id":"CVE-2026-11697","title":"CVE-2026-11697: Chromium: CVE-2026-11696 Uninitialized Use in Video","severity":"unknown","cvss":null,"cves":["CVE-2026-11697"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11697","csirts_url":"https://www.csirts.com/advisory/cve-2026-11697-4863"},{"num":4864,"source_id":"msrc","external_id":"CVE-2026-11698","title":"CVE-2026-11698: Chromium: CVE-2026-11697 Insufficient validation of untrusted input in UI","severity":"unknown","cvss":null,"cves":["CVE-2026-11698"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11698","csirts_url":"https://www.csirts.com/advisory/cve-2026-11698-4864"},{"num":4865,"source_id":"msrc","external_id":"CVE-2026-11699","title":"CVE-2026-11699: Chromium: CVE-2026-11698 Use after free in Bluetooth","severity":"unknown","cvss":null,"cves":["CVE-2026-11699"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11699","csirts_url":"https://www.csirts.com/advisory/cve-2026-11699-4865"},{"num":4866,"source_id":"msrc","external_id":"CVE-2026-11700","title":"CVE-2026-11700: Chromium: CVE-2026-11699 Use after free in Bluetooth","severity":"unknown","cvss":null,"cves":["CVE-2026-11700"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11700","csirts_url":"https://www.csirts.com/advisory/cve-2026-11700-4866"},{"num":4867,"source_id":"msrc","external_id":"CVE-2026-11701","title":"CVE-2026-11701: Chromium: CVE-2026-11700 Use after free in Tracing","severity":"unknown","cvss":null,"cves":["CVE-2026-11701"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11701","csirts_url":"https://www.csirts.com/advisory/cve-2026-11701-4867"},{"num":4868,"source_id":"msrc","external_id":"CVE-2026-50656","title":"CVE-2026-50656: Microsoft Defender Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-50656"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50656","csirts_url":"https://www.csirts.com/advisory/cve-2026-50656-4868"},{"num":4869,"source_id":"msrc","external_id":"CVE-2026-50519","title":"CVE-2026-50519: Microsoft Visual Studio Code CoPilot Chat Security Feature Bypass Vulnerability","severity":"medium","cvss":6.5,"cves":["CVE-2026-50519"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50519","csirts_url":"https://www.csirts.com/advisory/cve-2026-50519-4869"},{"num":4870,"source_id":"msrc","external_id":"CVE-2026-13027","title":"CVE-2026-13027: Chromium: CVE-2026-13027 Use after free in FileSystem","severity":"unknown","cvss":null,"cves":["CVE-2026-13027"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13027","csirts_url":"https://www.csirts.com/advisory/cve-2026-13027-4870"},{"num":4871,"source_id":"msrc","external_id":"CVE-2026-13026","title":"CVE-2026-13026: Chromium: CVE-2026-13026 Use after free in Digital Credentials","severity":"unknown","cvss":null,"cves":["CVE-2026-13026"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13026","csirts_url":"https://www.csirts.com/advisory/cve-2026-13026-4871"},{"num":4872,"source_id":"msrc","external_id":"CVE-2026-13025","title":"CVE-2026-13025: Chromium: CVE-2026-13025 Insufficient validation of untrusted input in DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-13025"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13025","csirts_url":"https://www.csirts.com/advisory/cve-2026-13025-4872"},{"num":4873,"source_id":"msrc","external_id":"CVE-2026-13024","title":"CVE-2026-13024: Chromium: CVE-2026-13024 Insufficient validation of untrusted input in Navigation","severity":"unknown","cvss":null,"cves":["CVE-2026-13024"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13024","csirts_url":"https://www.csirts.com/advisory/cve-2026-13024-4873"},{"num":4874,"source_id":"msrc","external_id":"CVE-2026-13023","title":"CVE-2026-13023: Chromium: CVE-2026-13023 Uninitialized Use in GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-13023"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13023","csirts_url":"https://www.csirts.com/advisory/cve-2026-13023-4874"},{"num":4875,"source_id":"msrc","external_id":"CVE-2026-13022","title":"CVE-2026-13022: Chromium: CVE-2026-13022 Inappropriate implementation in Autofill","severity":"unknown","cvss":null,"cves":["CVE-2026-13022"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13022","csirts_url":"https://www.csirts.com/advisory/cve-2026-13022-4875"},{"num":4876,"source_id":"msrc","external_id":"CVE-2026-13021","title":"CVE-2026-13021: Chromium: CVE-2026-13021 Inappropriate implementation in DeviceBoundSessionCredentials","severity":"unknown","cvss":null,"cves":["CVE-2026-13021"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13021","csirts_url":"https://www.csirts.com/advisory/cve-2026-13021-4876"},{"num":4877,"source_id":"msrc","external_id":"CVE-2026-33113","title":"CVE-2026-33113: Microsoft SharePoint Server Spoofing Vulnerability","severity":"medium","cvss":5.4,"cves":["CVE-2026-33113"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33113","csirts_url":"https://www.csirts.com/advisory/cve-2026-33113-4877"},{"num":4878,"source_id":"msrc","external_id":"CVE-2026-40371","title":"CVE-2026-40371: Microsoft Dynamics 365 (on-premises) Elevation of Privilege Vulnerability","severity":"high","cvss":8.8,"cves":["CVE-2026-40371"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40371","csirts_url":"https://www.csirts.com/advisory/cve-2026-40371-4878"},{"num":4879,"source_id":"msrc","external_id":"CVE-2026-42828","title":"CVE-2026-42828: Windows Projected File System Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-42828"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42828","csirts_url":"https://www.csirts.com/advisory/cve-2026-42828-4879"},{"num":4880,"source_id":"msrc","external_id":"CVE-2026-42829","title":"CVE-2026-42829: Windows Administrator Protection Secure Feature Bypass Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-42829"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42829","csirts_url":"https://www.csirts.com/advisory/cve-2026-42829-4880"},{"num":4881,"source_id":"msrc","external_id":"CVE-2026-42835","title":"CVE-2026-42835: Microsoft Teams for Android Information Disclosure Vulnerability","severity":"high","cvss":8.1,"cves":["CVE-2026-42835"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42835","csirts_url":"https://www.csirts.com/advisory/cve-2026-42835-4881"},{"num":4882,"source_id":"msrc","external_id":"CVE-2026-40376","title":"CVE-2026-40376: Visual Studio Code Elevation of Privilege Vulnerability","severity":"high","cvss":7.5,"cves":["CVE-2026-40376"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40376","csirts_url":"https://www.csirts.com/advisory/cve-2026-40376-4882"},{"num":4883,"source_id":"msrc","external_id":"CVE-2026-44822","title":"CVE-2026-44822: Microsoft Excel Information Disclosure Vulnerability","severity":"high","cvss":8.2,"cves":["CVE-2026-44822"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44822","csirts_url":"https://www.csirts.com/advisory/cve-2026-44822-4883"},{"num":4884,"source_id":"msrc","external_id":"CVE-2026-45454","title":"CVE-2026-45454: Microsoft SharePoint Remote Code Execution Vulnerability","severity":"medium","cvss":6.5,"cves":["CVE-2026-45454"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45454","csirts_url":"https://www.csirts.com/advisory/cve-2026-45454-4884"},{"num":4885,"source_id":"msrc","external_id":"CVE-2026-45455","title":"CVE-2026-45455: Microsoft Excel Information Disclosure Vulnerability","severity":"low","cvss":3.3,"cves":["CVE-2026-45455"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45455","csirts_url":"https://www.csirts.com/advisory/cve-2026-45455-4885"},{"num":4886,"source_id":"msrc","external_id":"CVE-2026-45457","title":"CVE-2026-45457: Microsoft Word Remote Code Execution Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-45457"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45457","csirts_url":"https://www.csirts.com/advisory/cve-2026-45457-4886"},{"num":4887,"source_id":"msrc","external_id":"CVE-2026-45459","title":"CVE-2026-45459: Microsoft Excel Security Feature Bypass Vulnerability","severity":"low","cvss":3.3,"cves":["CVE-2026-45459"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45459","csirts_url":"https://www.csirts.com/advisory/cve-2026-45459-4887"},{"num":4888,"source_id":"msrc","external_id":"CVE-2026-45462","title":"CVE-2026-45462: Microsoft SharePoint Server Spoofing Vulnerability","severity":"medium","cvss":4.6,"cves":["CVE-2026-45462"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45462","csirts_url":"https://www.csirts.com/advisory/cve-2026-45462-4888"},{"num":4889,"source_id":"msrc","external_id":"CVE-2026-45463","title":"CVE-2026-45463: Microsoft Office Remote Code Execution Vulnerability","severity":"high","cvss":8.4,"cves":["CVE-2026-45463"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45463","csirts_url":"https://www.csirts.com/advisory/cve-2026-45463-4889"},{"num":4890,"source_id":"msrc","external_id":"CVE-2026-45464","title":"CVE-2026-45464: Microsoft SharePoint Server Spoofing Vulnerability","severity":"medium","cvss":5.4,"cves":["CVE-2026-45464"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45464","csirts_url":"https://www.csirts.com/advisory/cve-2026-45464-4890"},{"num":4891,"source_id":"msrc","external_id":"CVE-2026-45465","title":"CVE-2026-45465: Microsoft SharePoint Server Spoofing Vulnerability","severity":"medium","cvss":5.4,"cves":["CVE-2026-45465"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45465","csirts_url":"https://www.csirts.com/advisory/cve-2026-45465-4891"},{"num":4892,"source_id":"msrc","external_id":"CVE-2026-45476","title":"CVE-2026-45476: Microsoft Azure Network Adapter Elevation of Privilege Vulnerability","severity":"high","cvss":8.2,"cves":["CVE-2026-45476"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45476","csirts_url":"https://www.csirts.com/advisory/cve-2026-45476-4892"},{"num":4893,"source_id":"msrc","external_id":"CVE-2026-45482","title":"CVE-2026-45482: Microsoft Visual Studio Code CoPilot Chat Security Feature Bypass Vulnerability","severity":"high","cvss":8.4,"cves":["CVE-2026-45482"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45482","csirts_url":"https://www.csirts.com/advisory/cve-2026-45482-4893"},{"num":4894,"source_id":"msrc","external_id":"CVE-2026-45586","title":"CVE-2026-45586: Windows Collaborative Translation Framework (CTFMON) Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-45586"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45586","csirts_url":"https://www.csirts.com/advisory/cve-2026-45586-4894"},{"num":4895,"source_id":"msrc","external_id":"CVE-2026-45591","title":"CVE-2026-45591: ASP.NET Core Denial of Service Vulnerability","severity":"high","cvss":7.5,"cves":["CVE-2026-45591"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45591","csirts_url":"https://www.csirts.com/advisory/cve-2026-45591-4895"},{"num":4896,"source_id":"msrc","external_id":"CVE-2026-45592","title":"CVE-2026-45592: Windows Internet (wininet.dll) Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-45592"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45592","csirts_url":"https://www.csirts.com/advisory/cve-2026-45592-4896"},{"num":4897,"source_id":"msrc","external_id":"CVE-2026-45593","title":"CVE-2026-45593: Windows SDK Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-45593"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45593","csirts_url":"https://www.csirts.com/advisory/cve-2026-45593-4897"},{"num":4898,"source_id":"msrc","external_id":"CVE-2026-45594","title":"CVE-2026-45594: Windows Application Identity (AppID) Information Disclosure Vulnerability","severity":"medium","cvss":5.5,"cves":["CVE-2026-45594"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45594","csirts_url":"https://www.csirts.com/advisory/cve-2026-45594-4898"},{"num":4899,"source_id":"msrc","external_id":"CVE-2026-45604","title":"CVE-2026-45604: Windows Managed Installer Information Disclosure Vulnerability","severity":"medium","cvss":5.5,"cves":["CVE-2026-45604"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45604","csirts_url":"https://www.csirts.com/advisory/cve-2026-45604-4899"},{"num":4900,"source_id":"msrc","external_id":"CVE-2026-45595","title":"CVE-2026-45595: Windows Mark of the Web Security Feature Bypass Vulnerability","severity":"medium","cvss":5.4,"cves":["CVE-2026-45595"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45595","csirts_url":"https://www.csirts.com/advisory/cve-2026-45595-4900"},{"num":4901,"source_id":"msrc","external_id":"CVE-2026-45597","title":"CVE-2026-45597: Windows UI Automation Manager (uiamanager.dll) Elevation of Privilege Vulnerability","severity":"high","cvss":7,"cves":["CVE-2026-45597"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45597","csirts_url":"https://www.csirts.com/advisory/cve-2026-45597-4901"},{"num":4902,"source_id":"msrc","external_id":"CVE-2026-45599","title":"CVE-2026-45599: Windows UPnP Device Host Remote Code Execution Vulnerability","severity":"high","cvss":8.1,"cves":["CVE-2026-45599"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45599","csirts_url":"https://www.csirts.com/advisory/cve-2026-45599-4902"},{"num":4903,"source_id":"msrc","external_id":"CVE-2026-45601","title":"CVE-2026-45601: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability","severity":"high","cvss":7,"cves":["CVE-2026-45601"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45601","csirts_url":"https://www.csirts.com/advisory/cve-2026-45601-4903"},{"num":4904,"source_id":"msrc","external_id":"CVE-2026-45598","title":"CVE-2026-45598: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability","severity":"high","cvss":7,"cves":["CVE-2026-45598"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45598","csirts_url":"https://www.csirts.com/advisory/cve-2026-45598-4904"},{"num":4905,"source_id":"msrc","external_id":"CVE-2026-45636","title":"CVE-2026-45636: Windows NTFS Remote Code Execution Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-45636"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45636","csirts_url":"https://www.csirts.com/advisory/cve-2026-45636-4905"},{"num":4906,"source_id":"msrc","external_id":"CVE-2026-45596","title":"CVE-2026-45596: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability","severity":"high","cvss":7,"cves":["CVE-2026-45596"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45596","csirts_url":"https://www.csirts.com/advisory/cve-2026-45596-4906"},{"num":4907,"source_id":"msrc","external_id":"CVE-2026-45600","title":"CVE-2026-45600: Windows Kernel-Mode Driver Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-45600"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45600","csirts_url":"https://www.csirts.com/advisory/cve-2026-45600-4907"},{"num":4908,"source_id":"msrc","external_id":"CVE-2026-45602","title":"CVE-2026-45602: Windows Dynamic Host Configuration Protocol (DHCP) Tampering Vulnerability","severity":"critical","cvss":9.1,"cves":["CVE-2026-45602"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45602","csirts_url":"https://www.csirts.com/advisory/cve-2026-45602-4908"},{"num":4909,"source_id":"msrc","external_id":"CVE-2026-45635","title":"CVE-2026-45635: Windows UPnP Device Host Remote Code Execution Vulnerability","severity":"high","cvss":8.1,"cves":["CVE-2026-45635"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45635","csirts_url":"https://www.csirts.com/advisory/cve-2026-45635-4909"},{"num":4910,"source_id":"msrc","external_id":"CVE-2026-45603","title":"CVE-2026-45603: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability","severity":"high","cvss":7,"cves":["CVE-2026-45603"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45603","csirts_url":"https://www.csirts.com/advisory/cve-2026-45603-4910"},{"num":4911,"source_id":"msrc","external_id":"CVE-2026-45637","title":"CVE-2026-45637: Microsoft DWM Core Library Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-45637"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45637","csirts_url":"https://www.csirts.com/advisory/cve-2026-45637-4911"},{"num":4912,"source_id":"msrc","external_id":"CVE-2026-45608","title":"CVE-2026-45608: Windows DHCP Client Information Disclosure Vulnerability","severity":"medium","cvss":6.8,"cves":["CVE-2026-45608"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45608","csirts_url":"https://www.csirts.com/advisory/cve-2026-45608-4912"},{"num":4913,"source_id":"msrc","external_id":"CVE-2026-45644","title":"CVE-2026-45644: Microsoft Live Share Canvas SDK Elevation of Privilege Vulnerability","severity":"high","cvss":8,"cves":["CVE-2026-45644"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45644","csirts_url":"https://www.csirts.com/advisory/cve-2026-45644-4913"},{"num":4914,"source_id":"msrc","external_id":"CVE-2026-45653","title":"CVE-2026-45653: Windows Kernel Elevation of Privilege Vulnerability","severity":"high","cvss":7,"cves":["CVE-2026-45653"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45653","csirts_url":"https://www.csirts.com/advisory/cve-2026-45653-4914"},{"num":4915,"source_id":"msrc","external_id":"CVE-2026-45654","title":"CVE-2026-45654: Secure Boot Security Feature Bypass Vulnerability","severity":"high","cvss":7.9,"cves":["CVE-2026-45654"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45654","csirts_url":"https://www.csirts.com/advisory/cve-2026-45654-4915"},{"num":4916,"source_id":"msrc","external_id":"CVE-2026-45647","title":"CVE-2026-45647: Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability","severity":"medium","cvss":5.5,"cves":["CVE-2026-45647"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45647","csirts_url":"https://www.csirts.com/advisory/cve-2026-45647-4916"},{"num":4917,"source_id":"msrc","external_id":"CVE-2026-45658","title":"CVE-2026-45658: Windows BitLocker Security Feature Bypass Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-45658"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45658","csirts_url":"https://www.csirts.com/advisory/cve-2026-45658-4917"},{"num":4918,"source_id":"msrc","external_id":"CVE-2026-47281","title":"CVE-2026-47281: Visual Studio Code Elevation of Privilege Vulnerability","severity":"critical","cvss":9.6,"cves":["CVE-2026-47281"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47281","csirts_url":"https://www.csirts.com/advisory/cve-2026-47281-4918"},{"num":4919,"source_id":"msrc","external_id":"CVE-2026-47284","title":"CVE-2026-47284: Visual Studio Code Information Disclosure Vulnerability","severity":"medium","cvss":6.5,"cves":["CVE-2026-47284"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47284","csirts_url":"https://www.csirts.com/advisory/cve-2026-47284-4919"},{"num":4920,"source_id":"msrc","external_id":"CVE-2026-47293","title":"CVE-2026-47293: Microsoft Office Click-To-Run Elevation of Privilege Vulnerability","severity":"high","cvss":7,"cves":["CVE-2026-47293"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47293","csirts_url":"https://www.csirts.com/advisory/cve-2026-47293-4920"},{"num":4921,"source_id":"msrc","external_id":"CVE-2026-47634","title":"CVE-2026-47634: Microsoft SharePoint Server Spoofing Vulnerability","severity":"high","cvss":7.3,"cves":["CVE-2026-47634"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47634","csirts_url":"https://www.csirts.com/advisory/cve-2026-47634-4921"},{"num":4922,"source_id":"msrc","external_id":"CVE-2026-47640","title":"CVE-2026-47640: Microsoft SharePoint Server Spoofing Vulnerability","severity":"medium","cvss":4.6,"cves":["CVE-2026-47640"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47640","csirts_url":"https://www.csirts.com/advisory/cve-2026-47640-4922"},{"num":4923,"source_id":"msrc","external_id":"CVE-2026-47643","title":"CVE-2026-47643: Azure Stack Edge Remote Code Execution Vulnerability","severity":"critical","cvss":9.8,"cves":["CVE-2026-47643"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47643","csirts_url":"https://www.csirts.com/advisory/cve-2026-47643-4923"},{"num":4924,"source_id":"msrc","external_id":"CVE-2026-45481","title":"CVE-2026-45481: Microsoft SharePoint Server Spoofing Vulnerability","severity":"high","cvss":7.3,"cves":["CVE-2026-45481"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45481","csirts_url":"https://www.csirts.com/advisory/cve-2026-45481-4924"},{"num":4925,"source_id":"msrc","external_id":"CVE-2026-45484","title":"CVE-2026-45484: Microsoft SharePoint Elevation of Privilege Vulnerability","severity":"high","cvss":8.8,"cves":["CVE-2026-45484"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45484","csirts_url":"https://www.csirts.com/advisory/cve-2026-45484-4925"},{"num":4926,"source_id":"msrc","external_id":"CVE-2026-47656","title":"CVE-2026-47656: Windows Boot Manager Security Feature Bypass Vulnerability","severity":"high","cvss":7.9,"cves":["CVE-2026-47656"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47656","csirts_url":"https://www.csirts.com/advisory/cve-2026-47656-4926"},{"num":4927,"source_id":"msrc","external_id":"CVE-2026-48560","title":"CVE-2026-48560: Microsoft SharePoint Server Spoofing Vulnerability","severity":"medium","cvss":5.4,"cves":["CVE-2026-48560"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48560","csirts_url":"https://www.csirts.com/advisory/cve-2026-48560-4927"},{"num":4928,"source_id":"msrc","external_id":"CVE-2026-48562","title":"CVE-2026-48562: Microsoft SharePoint Server Spoofing Vulnerability","severity":"medium","cvss":4.6,"cves":["CVE-2026-48562"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48562","csirts_url":"https://www.csirts.com/advisory/cve-2026-48562-4928"},{"num":4929,"source_id":"msrc","external_id":"CVE-2026-48565","title":"CVE-2026-48565: Windows Narrator Braille Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-48565"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48565","csirts_url":"https://www.csirts.com/advisory/cve-2026-48565-4929"},{"num":4930,"source_id":"msrc","external_id":"CVE-2026-48569","title":"CVE-2026-48569: Visual Studio Code Security Feature Bypass Vulnerability","severity":"high","cvss":7.1,"cves":["CVE-2026-48569"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48569","csirts_url":"https://www.csirts.com/advisory/cve-2026-48569-4930"},{"num":4932,"source_id":"msrc","external_id":"CVE-2026-49160","title":"CVE-2026-49160: HTTP.sys Denial of Service Vulnerability","severity":"high","cvss":7.5,"cves":["CVE-2026-49160"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-49160","csirts_url":"https://www.csirts.com/advisory/cve-2026-49160-4932"},{"num":4933,"source_id":"msrc","external_id":"CVE-2026-10882","title":"CVE-2026-10882: Chromium: CVE-2026-10882 Use after free in Network","severity":"unknown","cvss":null,"cves":["CVE-2026-10882"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10882","csirts_url":"https://www.csirts.com/advisory/cve-2026-10882-4933"},{"num":4934,"source_id":"msrc","external_id":"CVE-2026-10886","title":"CVE-2026-10886: Chromium: CVE-2026-10886 Use after free in FileSystem","severity":"unknown","cvss":null,"cves":["CVE-2026-10886"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10886","csirts_url":"https://www.csirts.com/advisory/cve-2026-10886-4934"},{"num":4935,"source_id":"msrc","external_id":"CVE-2026-10891","title":"CVE-2026-10891: Chromium: CVE-2026-10891 Use after free in GFX","severity":"unknown","cvss":null,"cves":["CVE-2026-10891"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10891","csirts_url":"https://www.csirts.com/advisory/cve-2026-10891-4935"},{"num":4936,"source_id":"msrc","external_id":"CVE-2026-10893","title":"CVE-2026-10893: Chromium: CVE-2026-10893 Use after free in Chromoting","severity":"unknown","cvss":null,"cves":["CVE-2026-10893"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10893","csirts_url":"https://www.csirts.com/advisory/cve-2026-10893-4936"},{"num":4937,"source_id":"msrc","external_id":"CVE-2026-10894","title":"CVE-2026-10894: Chromium: CVE-2026-10894 Use after free in Printing","severity":"unknown","cvss":null,"cves":["CVE-2026-10894"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10894","csirts_url":"https://www.csirts.com/advisory/cve-2026-10894-4937"},{"num":4938,"source_id":"msrc","external_id":"CVE-2026-10901","title":"CVE-2026-10901: Chromium: CVE-2026-10901 Use after free in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-10901"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10901","csirts_url":"https://www.csirts.com/advisory/cve-2026-10901-4938"},{"num":4939,"source_id":"msrc","external_id":"CVE-2026-10902","title":"CVE-2026-10902: Chromium: CVE-2026-10902 Use after free in Ozone","severity":"unknown","cvss":null,"cves":["CVE-2026-10902"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10902","csirts_url":"https://www.csirts.com/advisory/cve-2026-10902-4939"},{"num":4940,"source_id":"msrc","external_id":"CVE-2026-10904","title":"CVE-2026-10904: Chromium: CVE-2026-10904 Inappropriate implementation in V8","severity":"unknown","cvss":null,"cves":["CVE-2026-10904"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10904","csirts_url":"https://www.csirts.com/advisory/cve-2026-10904-4940"},{"num":4941,"source_id":"msrc","external_id":"CVE-2026-10905","title":"CVE-2026-10905: Chromium: CVE-2026-10905 Use after free in Network","severity":"unknown","cvss":null,"cves":["CVE-2026-10905"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10905","csirts_url":"https://www.csirts.com/advisory/cve-2026-10905-4941"},{"num":4942,"source_id":"msrc","external_id":"CVE-2026-10906","title":"CVE-2026-10906: Chromium: CVE-2026-10906 Use after free in WebAuthentication","severity":"unknown","cvss":null,"cves":["CVE-2026-10906"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10906","csirts_url":"https://www.csirts.com/advisory/cve-2026-10906-4942"},{"num":4943,"source_id":"msrc","external_id":"CVE-2026-10907","title":"CVE-2026-10907: Chromium: CVE-2026-10907 Out of bounds write in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-10907"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10907","csirts_url":"https://www.csirts.com/advisory/cve-2026-10907-4943"},{"num":4944,"source_id":"msrc","external_id":"CVE-2026-10913","title":"CVE-2026-10913: Chromium: CVE-2026-10913 Use after free in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-10913"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10913","csirts_url":"https://www.csirts.com/advisory/cve-2026-10913-4944"},{"num":4945,"source_id":"msrc","external_id":"CVE-2026-10917","title":"CVE-2026-10917: Chromium: CVE-2026-10917 Insufficient validation of untrusted input in Media","severity":"unknown","cvss":null,"cves":["CVE-2026-10917"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10917","csirts_url":"https://www.csirts.com/advisory/cve-2026-10917-4945"},{"num":4946,"source_id":"msrc","external_id":"CVE-2026-10920","title":"CVE-2026-10920: Chromium: CVE-2026-10920 Insufficient validation of untrusted input in WebShare","severity":"unknown","cvss":null,"cves":["CVE-2026-10920"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10920","csirts_url":"https://www.csirts.com/advisory/cve-2026-10920-4946"},{"num":4947,"source_id":"msrc","external_id":"CVE-2026-10926","title":"CVE-2026-10926: Chromium: CVE-2026-10926 Use after free in Cast","severity":"unknown","cvss":null,"cves":["CVE-2026-10926"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10926","csirts_url":"https://www.csirts.com/advisory/cve-2026-10926-4947"},{"num":4948,"source_id":"msrc","external_id":"CVE-2026-10930","title":"CVE-2026-10930: Chromium: CVE-2026-10930 Out of bounds read in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-10930"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10930","csirts_url":"https://www.csirts.com/advisory/cve-2026-10930-4948"},{"num":4949,"source_id":"msrc","external_id":"CVE-2026-10937","title":"CVE-2026-10937: Chromium: CVE-2026-10937 Inappropriate implementation in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-10937"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10937","csirts_url":"https://www.csirts.com/advisory/cve-2026-10937-4949"},{"num":4950,"source_id":"msrc","external_id":"CVE-2026-10938","title":"CVE-2026-10938: Chromium: CVE-2026-10938 Insufficient validation of untrusted input in Input","severity":"unknown","cvss":null,"cves":["CVE-2026-10938"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10938","csirts_url":"https://www.csirts.com/advisory/cve-2026-10938-4950"},{"num":4951,"source_id":"msrc","external_id":"CVE-2026-10945","title":"CVE-2026-10945: Chromium: CVE-2026-10945 Use after free in PDF","severity":"unknown","cvss":null,"cves":["CVE-2026-10945"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10945","csirts_url":"https://www.csirts.com/advisory/cve-2026-10945-4951"},{"num":4952,"source_id":"msrc","external_id":"CVE-2026-10948","title":"CVE-2026-10948: Chromium: CVE-2026-10948 Use after free in WebRTC","severity":"unknown","cvss":null,"cves":["CVE-2026-10948"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10948","csirts_url":"https://www.csirts.com/advisory/cve-2026-10948-4952"},{"num":4953,"source_id":"msrc","external_id":"CVE-2026-10955","title":"CVE-2026-10955: Chromium: CVE-2026-10955 Type Confusion in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-10955"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10955","csirts_url":"https://www.csirts.com/advisory/cve-2026-10955-4953"},{"num":4954,"source_id":"msrc","external_id":"CVE-2026-10963","title":"CVE-2026-10963: Chromium: CVE-2026-10963 Integer overflow in V8","severity":"unknown","cvss":null,"cves":["CVE-2026-10963"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10963","csirts_url":"https://www.csirts.com/advisory/cve-2026-10963-4954"},{"num":4955,"source_id":"msrc","external_id":"CVE-2026-10968","title":"CVE-2026-10968: Chromium: CVE-2026-10968 Insufficient validation of untrusted input in Dawn","severity":"unknown","cvss":null,"cves":["CVE-2026-10968"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10968","csirts_url":"https://www.csirts.com/advisory/cve-2026-10968-4955"},{"num":4956,"source_id":"msrc","external_id":"CVE-2026-10979","title":"CVE-2026-10979: Chromium: CVE-2026-10979 Out of bounds read in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-10979"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10979","csirts_url":"https://www.csirts.com/advisory/cve-2026-10979-4956"},{"num":4957,"source_id":"msrc","external_id":"CVE-2026-10980","title":"CVE-2026-10980: Chromium: CVE-2026-10980 Insufficient validation of untrusted input in DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-10980"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10980","csirts_url":"https://www.csirts.com/advisory/cve-2026-10980-4957"},{"num":4958,"source_id":"msrc","external_id":"CVE-2026-10985","title":"CVE-2026-10985: Chromium: CVE-2026-10985 Out of bounds read in Skia","severity":"unknown","cvss":null,"cves":["CVE-2026-10985"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10985","csirts_url":"https://www.csirts.com/advisory/cve-2026-10985-4958"},{"num":4959,"source_id":"msrc","external_id":"CVE-2026-10986","title":"CVE-2026-10986: Chromium: CVE-2026-10986 Integer overflow in Media","severity":"unknown","cvss":null,"cves":["CVE-2026-10986"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10986","csirts_url":"https://www.csirts.com/advisory/cve-2026-10986-4959"},{"num":4960,"source_id":"msrc","external_id":"CVE-2026-10987","title":"CVE-2026-10987: Chromium: CVE-2026-10987 Integer overflow in V8","severity":"unknown","cvss":null,"cves":["CVE-2026-10987"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10987","csirts_url":"https://www.csirts.com/advisory/cve-2026-10987-4960"},{"num":4961,"source_id":"msrc","external_id":"CVE-2026-10988","title":"CVE-2026-10988: Chromium: CVE-2026-10988 Use after free in Views","severity":"unknown","cvss":null,"cves":["CVE-2026-10988"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10988","csirts_url":"https://www.csirts.com/advisory/cve-2026-10988-4961"},{"num":4962,"source_id":"msrc","external_id":"CVE-2026-10999","title":"CVE-2026-10999: Chromium: CVE-2026-10999 Out of bounds memory access in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-10999"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10999","csirts_url":"https://www.csirts.com/advisory/cve-2026-10999-4962"},{"num":4963,"source_id":"msrc","external_id":"CVE-2026-11001","title":"CVE-2026-11001: Chromium: CVE-2026-11001 Incorrect security UI in Payments","severity":"unknown","cvss":null,"cves":["CVE-2026-11001"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11001","csirts_url":"https://www.csirts.com/advisory/cve-2026-11001-4963"},{"num":4964,"source_id":"msrc","external_id":"CVE-2026-11002","title":"CVE-2026-11002: Chromium: CVE-2026-11002 Use after free in Autofill","severity":"unknown","cvss":null,"cves":["CVE-2026-11002"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11002","csirts_url":"https://www.csirts.com/advisory/cve-2026-11002-4964"},{"num":4965,"source_id":"msrc","external_id":"CVE-2026-11003","title":"CVE-2026-11003: Chromium: CVE-2026-11003 Use after free in WebRTC","severity":"unknown","cvss":null,"cves":["CVE-2026-11003"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11003","csirts_url":"https://www.csirts.com/advisory/cve-2026-11003-4965"},{"num":4966,"source_id":"msrc","external_id":"CVE-2026-11004","title":"CVE-2026-11004: Chromium: CVE-2026-11004 Out of bounds read in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-11004"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11004","csirts_url":"https://www.csirts.com/advisory/cve-2026-11004-4966"},{"num":4967,"source_id":"msrc","external_id":"CVE-2026-11005","title":"CVE-2026-11005: Chromium: CVE-2026-11005 Out of bounds read in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-11005"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11005","csirts_url":"https://www.csirts.com/advisory/cve-2026-11005-4967"},{"num":4968,"source_id":"msrc","external_id":"CVE-2026-11011","title":"CVE-2026-11011: Chromium: CVE-2026-11011 Insufficient policy enforcement in Password Manager","severity":"unknown","cvss":null,"cves":["CVE-2026-11011"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11011","csirts_url":"https://www.csirts.com/advisory/cve-2026-11011-4968"},{"num":4969,"source_id":"msrc","external_id":"CVE-2026-11014","title":"CVE-2026-11014: Chromium: CVE-2026-11014 Insufficient policy enforcement in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-11014"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11014","csirts_url":"https://www.csirts.com/advisory/cve-2026-11014-4969"},{"num":4970,"source_id":"msrc","external_id":"CVE-2026-11017","title":"CVE-2026-11017: Chromium: CVE-2026-11017 Inappropriate implementation in Link Preview","severity":"unknown","cvss":null,"cves":["CVE-2026-11017"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11017","csirts_url":"https://www.csirts.com/advisory/cve-2026-11017-4970"},{"num":4971,"source_id":"msrc","external_id":"CVE-2026-11018","title":"CVE-2026-11018: Chromium: CVE-2026-11018 Insufficient policy enforcement in Actor","severity":"unknown","cvss":null,"cves":["CVE-2026-11018"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11018","csirts_url":"https://www.csirts.com/advisory/cve-2026-11018-4971"},{"num":4972,"source_id":"msrc","external_id":"CVE-2026-11023","title":"CVE-2026-11023: Chromium: CVE-2026-11023 Insufficient validation of untrusted input in WebAppInstalls","severity":"unknown","cvss":null,"cves":["CVE-2026-11023"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11023","csirts_url":"https://www.csirts.com/advisory/cve-2026-11023-4972"},{"num":4973,"source_id":"msrc","external_id":"CVE-2026-11025","title":"CVE-2026-11025: Chromium: CVE-2026-11025 Insufficient policy enforcement in Navigation","severity":"unknown","cvss":null,"cves":["CVE-2026-11025"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11025","csirts_url":"https://www.csirts.com/advisory/cve-2026-11025-4973"},{"num":4974,"source_id":"msrc","external_id":"CVE-2026-11026","title":"CVE-2026-11026: Chromium: CVE-2026-11026 Insufficient policy enforcement in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-11026"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11026","csirts_url":"https://www.csirts.com/advisory/cve-2026-11026-4974"},{"num":4975,"source_id":"msrc","external_id":"CVE-2026-11027","title":"CVE-2026-11027: Chromium: CVE-2026-11027 Insufficient validation of untrusted input in Glic","severity":"unknown","cvss":null,"cves":["CVE-2026-11027"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11027","csirts_url":"https://www.csirts.com/advisory/cve-2026-11027-4975"},{"num":4976,"source_id":"msrc","external_id":"CVE-2026-11030","title":"CVE-2026-11030: Chromium: CVE-2026-11030 Use after free in Network","severity":"unknown","cvss":null,"cves":["CVE-2026-11030"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11030","csirts_url":"https://www.csirts.com/advisory/cve-2026-11030-4976"},{"num":4977,"source_id":"msrc","external_id":"CVE-2026-11031","title":"CVE-2026-11031: Chromium: CVE-2026-11031 Insufficient validation of untrusted input in Password Manager","severity":"unknown","cvss":null,"cves":["CVE-2026-11031"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11031","csirts_url":"https://www.csirts.com/advisory/cve-2026-11031-4977"},{"num":4978,"source_id":"msrc","external_id":"CVE-2026-11032","title":"CVE-2026-11032: Chromium: CVE-2026-11032 Insufficient data validation in Password Manager","severity":"unknown","cvss":null,"cves":["CVE-2026-11032"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11032","csirts_url":"https://www.csirts.com/advisory/cve-2026-11032-4978"},{"num":4979,"source_id":"msrc","external_id":"CVE-2026-11039","title":"CVE-2026-11039: Chromium: CVE-2026-11039 Uninitialized Use in Skia","severity":"unknown","cvss":null,"cves":["CVE-2026-11039"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11039","csirts_url":"https://www.csirts.com/advisory/cve-2026-11039-4979"},{"num":4980,"source_id":"msrc","external_id":"CVE-2026-11042","title":"CVE-2026-11042: Chromium: CVE-2026-11042 Use after free in Views","severity":"unknown","cvss":null,"cves":["CVE-2026-11042"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11042","csirts_url":"https://www.csirts.com/advisory/cve-2026-11042-4980"},{"num":4981,"source_id":"msrc","external_id":"CVE-2026-11043","title":"CVE-2026-11043: Chromium: CVE-2026-11043 Out of bounds write in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-11043"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11043","csirts_url":"https://www.csirts.com/advisory/cve-2026-11043-4981"},{"num":4982,"source_id":"msrc","external_id":"CVE-2026-11054","title":"CVE-2026-11054: Chromium: CVE-2026-11054 Use after free in WebRTC","severity":"unknown","cvss":null,"cves":["CVE-2026-11054"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11054","csirts_url":"https://www.csirts.com/advisory/cve-2026-11054-4982"},{"num":4983,"source_id":"msrc","external_id":"CVE-2026-11062","title":"CVE-2026-11062: Chromium: CVE-2026-11062 Insufficient policy enforcement in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-11062"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11062","csirts_url":"https://www.csirts.com/advisory/cve-2026-11062-4983"},{"num":4984,"source_id":"msrc","external_id":"CVE-2026-11063","title":"CVE-2026-11063: Chromium: CVE-2026-11063 Insufficient validation of untrusted input in WebNN","severity":"unknown","cvss":null,"cves":["CVE-2026-11063"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11063","csirts_url":"https://www.csirts.com/advisory/cve-2026-11063-4984"},{"num":4985,"source_id":"msrc","external_id":"CVE-2026-11066","title":"CVE-2026-11066: Chromium: CVE-2026-11066 Insufficient validation of untrusted input in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-11066"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11066","csirts_url":"https://www.csirts.com/advisory/cve-2026-11066-4985"},{"num":4986,"source_id":"msrc","external_id":"CVE-2026-11068","title":"CVE-2026-11068: Chromium: CVE-2026-11068 Use after free in WebSockets","severity":"unknown","cvss":null,"cves":["CVE-2026-11068"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11068","csirts_url":"https://www.csirts.com/advisory/cve-2026-11068-4986"},{"num":4987,"source_id":"msrc","external_id":"CVE-2026-11070","title":"CVE-2026-11070: Chromium: CVE-2026-11070 Insufficient validation of untrusted input in Chromoting","severity":"unknown","cvss":null,"cves":["CVE-2026-11070"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11070","csirts_url":"https://www.csirts.com/advisory/cve-2026-11070-4987"},{"num":4988,"source_id":"msrc","external_id":"CVE-2026-11071","title":"CVE-2026-11071: Chromium: CVE-2026-11071 Use after free in Base","severity":"unknown","cvss":null,"cves":["CVE-2026-11071"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11071","csirts_url":"https://www.csirts.com/advisory/cve-2026-11071-4988"},{"num":4989,"source_id":"msrc","external_id":"CVE-2026-11073","title":"CVE-2026-11073: Chromium: CVE-2026-11073 Use after free in WebGL","severity":"unknown","cvss":null,"cves":["CVE-2026-11073"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11073","csirts_url":"https://www.csirts.com/advisory/cve-2026-11073-4989"},{"num":4990,"source_id":"msrc","external_id":"CVE-2026-11083","title":"CVE-2026-11083: Chromium: CVE-2026-11083 Inappropriate implementation in Password Manager","severity":"unknown","cvss":null,"cves":["CVE-2026-11083"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11083","csirts_url":"https://www.csirts.com/advisory/cve-2026-11083-4990"},{"num":4991,"source_id":"msrc","external_id":"CVE-2026-11085","title":"CVE-2026-11085: Chromium: CVE-2026-11085 Integer overflow in GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-11085"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11085","csirts_url":"https://www.csirts.com/advisory/cve-2026-11085-4991"},{"num":4992,"source_id":"msrc","external_id":"CVE-2026-11091","title":"CVE-2026-11091: Chromium: CVE-2026-11091 Inappropriate implementation in Dawn","severity":"unknown","cvss":null,"cves":["CVE-2026-11091"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11091","csirts_url":"https://www.csirts.com/advisory/cve-2026-11091-4992"},{"num":4993,"source_id":"msrc","external_id":"CVE-2026-11092","title":"CVE-2026-11092: Chromium: CVE-2026-11092 Insufficient policy enforcement in DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-11092"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11092","csirts_url":"https://www.csirts.com/advisory/cve-2026-11092-4993"},{"num":4994,"source_id":"msrc","external_id":"CVE-2026-11094","title":"CVE-2026-11094: Chromium: CVE-2026-11094 Use after free in Codecs","severity":"unknown","cvss":null,"cves":["CVE-2026-11094"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11094","csirts_url":"https://www.csirts.com/advisory/cve-2026-11094-4994"},{"num":4995,"source_id":"msrc","external_id":"CVE-2026-11104","title":"CVE-2026-11104: Chromium: CVE-2026-11104 Uninitialized Use in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-11104"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11104","csirts_url":"https://www.csirts.com/advisory/cve-2026-11104-4995"},{"num":4996,"source_id":"msrc","external_id":"CVE-2026-11110","title":"CVE-2026-11110: Chromium: CVE-2026-11110 Uninitialized Use in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-11110"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11110","csirts_url":"https://www.csirts.com/advisory/cve-2026-11110-4996"},{"num":4997,"source_id":"msrc","external_id":"CVE-2026-11112","title":"CVE-2026-11112: Chromium: CVE-2026-11112 Insufficient validation of untrusted input in Chromoting","severity":"unknown","cvss":null,"cves":["CVE-2026-11112"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11112","csirts_url":"https://www.csirts.com/advisory/cve-2026-11112-4997"},{"num":4998,"source_id":"msrc","external_id":"CVE-2026-11115","title":"CVE-2026-11115: Chromium: CVE-2026-11115 Use after free in Updater","severity":"unknown","cvss":null,"cves":["CVE-2026-11115"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11115","csirts_url":"https://www.csirts.com/advisory/cve-2026-11115-4998"},{"num":4999,"source_id":"msrc","external_id":"CVE-2026-11116","title":"CVE-2026-11116: Chromium: CVE-2026-11116 Use after free in Chromoting","severity":"unknown","cvss":null,"cves":["CVE-2026-11116"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11116","csirts_url":"https://www.csirts.com/advisory/cve-2026-11116-4999"},{"num":5000,"source_id":"msrc","external_id":"CVE-2026-11117","title":"CVE-2026-11117: Chromium: CVE-2026-11117 Use after free in Views","severity":"unknown","cvss":null,"cves":["CVE-2026-11117"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11117","csirts_url":"https://www.csirts.com/advisory/cve-2026-11117-5000"},{"num":5001,"source_id":"msrc","external_id":"CVE-2026-11118","title":"CVE-2026-11118: Chromium: CVE-2026-11118 Use after free in WebRTC","severity":"unknown","cvss":null,"cves":["CVE-2026-11118"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11118","csirts_url":"https://www.csirts.com/advisory/cve-2026-11118-5001"},{"num":5002,"source_id":"msrc","external_id":"CVE-2026-11120","title":"CVE-2026-11120: Chromium: CVE-2026-11120 Insufficient validation of untrusted input in Enterprise Reporting","severity":"unknown","cvss":null,"cves":["CVE-2026-11120"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11120","csirts_url":"https://www.csirts.com/advisory/cve-2026-11120-5002"},{"num":5003,"source_id":"msrc","external_id":"CVE-2026-11121","title":"CVE-2026-11121: Chromium: CVE-2026-11121 Insufficient validation of untrusted input in Skia","severity":"unknown","cvss":null,"cves":["CVE-2026-11121"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11121","csirts_url":"https://www.csirts.com/advisory/cve-2026-11121-5003"},{"num":5004,"source_id":"msrc","external_id":"CVE-2026-11124","title":"CVE-2026-11124: Chromium: CVE-2026-11124 Heap buffer overflow in Skia","severity":"unknown","cvss":null,"cves":["CVE-2026-11124"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11124","csirts_url":"https://www.csirts.com/advisory/cve-2026-11124-5004"},{"num":5005,"source_id":"msrc","external_id":"CVE-2026-11275","title":"CVE-2026-11275: Chromium: CVE-2026-11275 Insufficient policy enforcement in Page Info","severity":"unknown","cvss":null,"cves":["CVE-2026-11275"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11275","csirts_url":"https://www.csirts.com/advisory/cve-2026-11275-5005"},{"num":5006,"source_id":"msrc","external_id":"CVE-2026-11276","title":"CVE-2026-11276: Chromium: CVE-2026-11276 Inappropriate implementation in Cast","severity":"unknown","cvss":null,"cves":["CVE-2026-11276"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11276","csirts_url":"https://www.csirts.com/advisory/cve-2026-11276-5006"},{"num":5007,"source_id":"msrc","external_id":"CVE-2026-11283","title":"CVE-2026-11283: Chromium: CVE-2026-11283 Policy bypass in Shortcuts","severity":"unknown","cvss":null,"cves":["CVE-2026-11283"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11283","csirts_url":"https://www.csirts.com/advisory/cve-2026-11283-5007"},{"num":5008,"source_id":"msrc","external_id":"CVE-2026-11284","title":"CVE-2026-11284: Chromium: CVE-2026-11284 Side-channel information leakage in PerformanceAPIs","severity":"unknown","cvss":null,"cves":["CVE-2026-11284"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11284","csirts_url":"https://www.csirts.com/advisory/cve-2026-11284-5008"},{"num":5009,"source_id":"msrc","external_id":"CVE-2026-11282","title":"CVE-2026-11282: Chromium: CVE-2026-11282 Policy bypass in Sandbox","severity":"unknown","cvss":null,"cves":["CVE-2026-11282"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11282","csirts_url":"https://www.csirts.com/advisory/cve-2026-11282-5009"},{"num":5010,"source_id":"msrc","external_id":"CVE-2026-11281","title":"CVE-2026-11281: Chromium: CVE-2026-11281 Integer overflow in Chromoting","severity":"unknown","cvss":null,"cves":["CVE-2026-11281"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11281","csirts_url":"https://www.csirts.com/advisory/cve-2026-11281-5010"},{"num":5011,"source_id":"msrc","external_id":"CVE-2026-11279","title":"CVE-2026-11279: Chromium: CVE-2026-11279 Out of bounds read in DevTools","severity":"unknown","cvss":null,"cves":["CVE-2026-11279"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11279","csirts_url":"https://www.csirts.com/advisory/cve-2026-11279-5011"},{"num":5012,"source_id":"msrc","external_id":"CVE-2026-11286","title":"CVE-2026-11286: Chromium: CVE-2026-11286 Insufficient validation of untrusted input in Wallet","severity":"unknown","cvss":null,"cves":["CVE-2026-11286"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11286","csirts_url":"https://www.csirts.com/advisory/cve-2026-11286-5012"},{"num":5013,"source_id":"msrc","external_id":"CVE-2026-11288","title":"CVE-2026-11288: Chromium: CVE-2026-11288 Policy bypass in CSS","severity":"unknown","cvss":null,"cves":["CVE-2026-11288"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11288","csirts_url":"https://www.csirts.com/advisory/cve-2026-11288-5013"},{"num":5014,"source_id":"msrc","external_id":"CVE-2026-11292","title":"CVE-2026-11292: Chromium: CVE-2026-11292 Policy bypass in Blink","severity":"unknown","cvss":null,"cves":["CVE-2026-11292"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11292","csirts_url":"https://www.csirts.com/advisory/cve-2026-11292-5014"},{"num":5015,"source_id":"msrc","external_id":"CVE-2026-11289","title":"CVE-2026-11289: Chromium: CVE-2026-11289 Side-channel information leakage in Paint","severity":"unknown","cvss":null,"cves":["CVE-2026-11289"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11289","csirts_url":"https://www.csirts.com/advisory/cve-2026-11289-5015"},{"num":5016,"source_id":"msrc","external_id":"CVE-2026-11294","title":"CVE-2026-11294: Chromium: CVE-2026-11294 Inappropriate implementation in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-11294"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11294","csirts_url":"https://www.csirts.com/advisory/cve-2026-11294-5016"},{"num":5017,"source_id":"msrc","external_id":"CVE-2026-11293","title":"CVE-2026-11293: Chromium: CVE-2026-11293 Use after free in Input","severity":"unknown","cvss":null,"cves":["CVE-2026-11293"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11293","csirts_url":"https://www.csirts.com/advisory/cve-2026-11293-5017"},{"num":5018,"source_id":"msrc","external_id":"CVE-2026-11296","title":"CVE-2026-11296: Chromium: CVE-2026-11296 Inappropriate implementation in ImageCapture","severity":"unknown","cvss":null,"cves":["CVE-2026-11296"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11296","csirts_url":"https://www.csirts.com/advisory/cve-2026-11296-5018"},{"num":5019,"source_id":"msrc","external_id":"CVE-2026-11299","title":"CVE-2026-11299: Chromium: CVE-2026-11299 Out of bounds read in Fonts","severity":"unknown","cvss":null,"cves":["CVE-2026-11299"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11299","csirts_url":"https://www.csirts.com/advisory/cve-2026-11299-5019"},{"num":5020,"source_id":"msrc","external_id":"CVE-2026-11300","title":"CVE-2026-11300: Chromium: CVE-2026-11300 Inappropriate implementation in Permissions","severity":"unknown","cvss":null,"cves":["CVE-2026-11300"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11300","csirts_url":"https://www.csirts.com/advisory/cve-2026-11300-5020"},{"num":5021,"source_id":"msrc","external_id":"CVE-2026-11301","title":"CVE-2026-11301: Chromium: CVE-2026-11301 Out of bounds read in LiveCaption","severity":"unknown","cvss":null,"cves":["CVE-2026-11301"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11301","csirts_url":"https://www.csirts.com/advisory/cve-2026-11301-5021"},{"num":5022,"source_id":"msrc","external_id":"CVE-2026-11303","title":"CVE-2026-11303: Chromium: CVE-2026-11303 Use after free in PDFium","severity":"unknown","cvss":null,"cves":["CVE-2026-11303"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11303","csirts_url":"https://www.csirts.com/advisory/cve-2026-11303-5022"},{"num":5023,"source_id":"msrc","external_id":"CVE-2026-11304","title":"CVE-2026-11304: Chromium: CVE-2026-11304 Use after free in PDFium","severity":"unknown","cvss":null,"cves":["CVE-2026-11304"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11304","csirts_url":"https://www.csirts.com/advisory/cve-2026-11304-5023"},{"num":5024,"source_id":"msrc","external_id":"CVE-2026-11305","title":"CVE-2026-11305: Chromium: CVE-2026-11305 Use after free in PDFium","severity":"unknown","cvss":null,"cves":["CVE-2026-11305"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11305","csirts_url":"https://www.csirts.com/advisory/cve-2026-11305-5024"},{"num":5025,"source_id":"msrc","external_id":"CVE-2026-11306","title":"CVE-2026-11306: Chromium: CVE-2026-11306 Use after free in PDFium","severity":"unknown","cvss":null,"cves":["CVE-2026-11306"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11306","csirts_url":"https://www.csirts.com/advisory/cve-2026-11306-5025"},{"num":5026,"source_id":"msrc","external_id":"CVE-2026-11309","title":"CVE-2026-11309: Chromium: CVE-2026-11309 Insufficient policy enforcement in History","severity":"unknown","cvss":null,"cves":["CVE-2026-11309"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11309","csirts_url":"https://www.csirts.com/advisory/cve-2026-11309-5026"},{"num":5027,"source_id":"msrc","external_id":"CVE-2026-11308","title":"CVE-2026-11308: Chromium: CVE-2026-11308 Inappropriate implementation in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-11308"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11308","csirts_url":"https://www.csirts.com/advisory/cve-2026-11308-5027"},{"num":5028,"source_id":"msrc","external_id":"CVE-2026-11307","title":"CVE-2026-11307: Chromium: CVE-2026-11307 Use after free in PDFium","severity":"unknown","cvss":null,"cves":["CVE-2026-11307"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11307","csirts_url":"https://www.csirts.com/advisory/cve-2026-11307-5028"},{"num":5029,"source_id":"msrc","external_id":"CVE-2026-50507","title":"CVE-2026-50507: Windows BitLocker Security Feature Bypass Vulnerability","severity":"medium","cvss":6.8,"cves":["CVE-2026-50507"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50507","csirts_url":"https://www.csirts.com/advisory/cve-2026-50507-5029"},{"num":5030,"source_id":"msrc","external_id":"CVE-2026-50511","title":"CVE-2026-50511: Microsoft PC Manager Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-50511"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50511","csirts_url":"https://www.csirts.com/advisory/cve-2026-50511-5030"},{"num":5031,"source_id":"msrc","external_id":"CVE-2026-50512","title":"CVE-2026-50512: Microsoft PC Manager Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-50512"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50512","csirts_url":"https://www.csirts.com/advisory/cve-2026-50512-5031"},{"num":5032,"source_id":"msrc","external_id":"CVE-2026-11297","title":"CVE-2026-11297: Chromium: CVE-2026-11297 Insufficient validation of untrusted input in Reader Mode","severity":"unknown","cvss":null,"cves":["CVE-2026-11297"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11297","csirts_url":"https://www.csirts.com/advisory/cve-2026-11297-5032"},{"num":5033,"source_id":"msrc","external_id":"CVE-2026-10883","title":"CVE-2026-10883: Chromium: CVE-2026-10883 Out of bounds write in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-10883"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10883","csirts_url":"https://www.csirts.com/advisory/cve-2026-10883-5033"},{"num":5034,"source_id":"msrc","external_id":"CVE-2026-10892","title":"CVE-2026-10892: Chromium: CVE-2026-10892 Out of bounds write in GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-10892"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10892","csirts_url":"https://www.csirts.com/advisory/cve-2026-10892-5034"},{"num":5035,"source_id":"msrc","external_id":"CVE-2026-10923","title":"CVE-2026-10923: Chromium: CVE-2026-10923 Use after free in WebAppInstalls","severity":"unknown","cvss":null,"cves":["CVE-2026-10923"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10923","csirts_url":"https://www.csirts.com/advisory/cve-2026-10923-5035"},{"num":5036,"source_id":"msrc","external_id":"CVE-2026-10929","title":"CVE-2026-10929: Chromium: CVE-2026-10929 Heap buffer overflow in ANGLE","severity":"unknown","cvss":null,"cves":["CVE-2026-10929"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10929","csirts_url":"https://www.csirts.com/advisory/cve-2026-10929-5036"},{"num":5037,"source_id":"msrc","external_id":"CVE-2026-10934","title":"CVE-2026-10934: Chromium: CVE-2026-10934 Use after free in Autofill","severity":"unknown","cvss":null,"cves":["CVE-2026-10934"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10934","csirts_url":"https://www.csirts.com/advisory/cve-2026-10934-5037"},{"num":5174,"source_id":"msrc","external_id":"CVE-2026-47645","title":"CVE-2026-47645: Microsoft 365 Copilot's Business Chat Elevation of Privilege Vulnerability","severity":"high","cvss":8.8,"cves":["CVE-2026-47645"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47645","csirts_url":"https://www.csirts.com/advisory/cve-2026-47645-5174"},{"num":5175,"source_id":"msrc","external_id":"CVE-2026-47646","title":"CVE-2026-47646: Dynamics 365 Customer Voice Spoofing Vulnerability","severity":"critical","cvss":9.3,"cves":["CVE-2026-47646"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47646","csirts_url":"https://www.csirts.com/advisory/cve-2026-47646-5175"},{"num":5176,"source_id":"msrc","external_id":"CVE-2026-13038","title":"CVE-2026-13038: Chromium: CVE-2026-13038 Use after free in Autofill","severity":"unknown","cvss":null,"cves":["CVE-2026-13038"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13038","csirts_url":"https://www.csirts.com/advisory/cve-2026-13038-5176"},{"num":5177,"source_id":"msrc","external_id":"CVE-2026-42910","title":"CVE-2026-42910: Windows Hotpatch Monitoring Service Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-42910"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42910","csirts_url":"https://www.csirts.com/advisory/cve-2026-42910-5177"},{"num":5178,"source_id":"msrc","external_id":"CVE-2026-44802","title":"CVE-2026-44802: Windows DWM Core Library Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-44802"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44802","csirts_url":"https://www.csirts.com/advisory/cve-2026-44802-5178"},{"num":5179,"source_id":"msrc","external_id":"CVE-2026-45638","title":"CVE-2026-45638: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-45638"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45638","csirts_url":"https://www.csirts.com/advisory/cve-2026-45638-5179"},{"num":5180,"source_id":"msrc","external_id":"CVE-2026-32208","title":"CVE-2026-32208: Microsoft Entra ID Spoofing Vulnerability","severity":"high","cvss":8.8,"cves":["CVE-2026-32208"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32208","csirts_url":"https://www.csirts.com/advisory/cve-2026-32208-5180"},{"num":1804,"source_id":"msrc","external_id":"CVE-2026-52912","title":"CVE-2026-52912: netfilter: nf_queue: hold bridge skb->dev while queued","severity":"high","cvss":7.8,"cves":["CVE-2026-52912"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52912","csirts_url":"https://www.csirts.com/advisory/cve-2026-52912-1804"},{"num":1805,"source_id":"msrc","external_id":"CVE-2026-53059","title":"CVE-2026-53059: dm log: fix out-of-bounds write due to region_count overflow","severity":"high","cvss":7,"cves":["CVE-2026-53059"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53059","csirts_url":"https://www.csirts.com/advisory/cve-2026-53059-1805"},{"num":1814,"source_id":"msrc","external_id":"CVE-2026-53021","title":"CVE-2026-53021: scsi: target: core: Fix integer overflow in UNMAP bounds check","severity":"medium","cvss":6.1,"cves":["CVE-2026-53021"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53021","csirts_url":"https://www.csirts.com/advisory/cve-2026-53021-1814"},{"num":1821,"source_id":"msrc","external_id":"CVE-2026-53212","title":"CVE-2026-53212: netfilter: nft_tunnel: fix use-after-free on object destroy","severity":"high","cvss":7.1,"cves":["CVE-2026-53212"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53212","csirts_url":"https://www.csirts.com/advisory/cve-2026-53212-1821"},{"num":1822,"source_id":"msrc","external_id":"CVE-2026-57062","title":"CVE-2026-57062: CMS (Cryptographic Message Syntax) parsing in gpgsm in GnuPG through 2.5.20 mishandles the CMS format for AES-GCM because aes-ICVlen is supposed to be 12 bytes but 4 bytes is accepted. NOTE: this is related to CVE-2026-34182.","severity":"low","cvss":2.9,"cves":["CVE-2026-57062"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57062","csirts_url":"https://www.csirts.com/advisory/cve-2026-57062-1822"},{"num":5061,"source_id":"msrc","external_id":"CVE-2026-12014","title":"CVE-2026-12014: Chromium: CVE-2026-12014 Use after free Cast","severity":"unknown","cvss":null,"cves":["CVE-2026-12014"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12014","csirts_url":"https://www.csirts.com/advisory/cve-2026-12014-5061"},{"num":1838,"source_id":"msrc","external_id":"CVE-2026-53043","title":"CVE-2026-53043: ocfs2/dlm: validate qr_numregions in dlm_match_regions()","severity":"critical","cvss":9.8,"cves":["CVE-2026-53043"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53043","csirts_url":"https://www.csirts.com/advisory/cve-2026-53043-1838"},{"num":5062,"source_id":"msrc","external_id":"CVE-2026-12013","title":"CVE-2026-12013: Chromium: CVE-2026-12013 Use after free Media","severity":"unknown","cvss":null,"cves":["CVE-2026-12013"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12013","csirts_url":"https://www.csirts.com/advisory/cve-2026-12013-5062"},{"num":1871,"source_id":"msrc","external_id":"CVE-2026-10722","title":"CVE-2026-10722: cilium ebpf LoadCollectionSpec/LoadCollectionSpecFromReader btf.go loadRawSpec integer overflow","severity":"low","cvss":3.3,"cves":["CVE-2026-10722"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10722","csirts_url":"https://www.csirts.com/advisory/cve-2026-10722-1871"},{"num":1900,"source_id":"msrc","external_id":"CVE-2026-40930","title":"CVE-2026-40930: LIBPNG: Chunk smuggling in push-mode APNG parser via unconsumed chunk body","severity":"medium","cvss":5.4,"cves":["CVE-2026-40930"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-40930","csirts_url":"https://www.csirts.com/advisory/cve-2026-40930-1900"},{"num":1906,"source_id":"msrc","external_id":"CVE-2026-53177","title":"CVE-2026-53177: bnxt_en: Fix NULL pointer dereference","severity":"medium","cvss":5.5,"cves":["CVE-2026-53177"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53177","csirts_url":"https://www.csirts.com/advisory/cve-2026-53177-1906"},{"num":5063,"source_id":"msrc","external_id":"CVE-2026-12010","title":"CVE-2026-12010: Chromium: CVE-2026-12010 Heap buffer overflow GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-12010"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12010","csirts_url":"https://www.csirts.com/advisory/cve-2026-12010-5063"},{"num":2015,"source_id":"msrc","external_id":"CVE-2026-52910","title":"CVE-2026-52910: bpf: Free reuseport cBPF prog after RCU grace period.","severity":"high","cvss":7.8,"cves":["CVE-2026-52910"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52910","csirts_url":"https://www.csirts.com/advisory/cve-2026-52910-2015"},{"num":2016,"source_id":"msrc","external_id":"CVE-2026-52908","title":"CVE-2026-52908: RDMA: During rereg_mr ensure that REREG_ACCESS is compatible","severity":"high","cvss":7.8,"cves":["CVE-2026-52908"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52908","csirts_url":"https://www.csirts.com/advisory/cve-2026-52908-2016"},{"num":2017,"source_id":"msrc","external_id":"CVE-2026-58050","title":"CVE-2026-58050: libssh2 - Integer Overflow in publickey Subsystem Attribute Allocation","severity":"high","cvss":7,"cves":["CVE-2026-58050"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58050","csirts_url":"https://www.csirts.com/advisory/cve-2026-58050-2017"},{"num":2018,"source_id":"msrc","external_id":"CVE-2026-58051","title":"CVE-2026-58051: libssh2 - Free of Uninitialized Pointer in publickey List Cleanup","severity":"medium","cvss":6.5,"cves":["CVE-2026-58051"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58051","csirts_url":"https://www.csirts.com/advisory/cve-2026-58051-2018"},{"num":2019,"source_id":"msrc","external_id":"CVE-2026-58058","title":"CVE-2026-58058: Nmap - Integer Underflow in IPv6 Extension Header Parsing","severity":"medium","cvss":6.5,"cves":["CVE-2026-58058"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58058","csirts_url":"https://www.csirts.com/advisory/cve-2026-58058-2019"},{"num":2020,"source_id":"msrc","external_id":"CVE-2026-54369","title":"CVE-2026-54369: acl < 2.4.0 Symlink Traversal Privilege Escalation via libacl Functions","severity":"high","cvss":7.1,"cves":["CVE-2026-54369"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-54369","csirts_url":"https://www.csirts.com/advisory/cve-2026-54369-2020"},{"num":2021,"source_id":"msrc","external_id":"CVE-2026-42055","title":"CVE-2026-42055: NGINX ngx_http_proxy_v2_module and ngx_http_grpc_module vulnerability","severity":"high","cvss":8.1,"cves":["CVE-2026-42055"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42055","csirts_url":"https://www.csirts.com/advisory/cve-2026-42055-2021"},{"num":5064,"source_id":"msrc","external_id":"CVE-2026-12009","title":"CVE-2026-12009: Chromium: CVE-2026-12009 Insufficient validation of untrusted input Accessibility","severity":"unknown","cvss":null,"cves":["CVE-2026-12009"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12009","csirts_url":"https://www.csirts.com/advisory/cve-2026-12009-5064"},{"num":5065,"source_id":"msrc","external_id":"CVE-2026-11648","title":"CVE-2026-11648: Chromium: CVE-2026-11647 Use after free in Printing","severity":"unknown","cvss":null,"cves":["CVE-2026-11648"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11648","csirts_url":"https://www.csirts.com/advisory/cve-2026-11648-5065"},{"num":2069,"source_id":"msrc","external_id":"CVE-2026-53113","title":"CVE-2026-53113: wifi: ath11k: fix memory leaks in beacon template setup","severity":"medium","cvss":5.5,"cves":["CVE-2026-53113"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53113","csirts_url":"https://www.csirts.com/advisory/cve-2026-53113-2069"},{"num":2075,"source_id":"msrc","external_id":"CVE-2026-52954","title":"CVE-2026-52954: libceph: handle rbtree insertion error in decode_choose_args()","severity":"medium","cvss":5.5,"cves":["CVE-2026-52954"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52954","csirts_url":"https://www.csirts.com/advisory/cve-2026-52954-2075"},{"num":2076,"source_id":"msrc","external_id":"CVE-2026-53148","title":"CVE-2026-53148: thunderbolt: Clamp XDomain response data copy to allocation size","severity":"high","cvss":7,"cves":["CVE-2026-53148"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53148","csirts_url":"https://www.csirts.com/advisory/cve-2026-53148-2076"},{"num":2077,"source_id":"msrc","external_id":"CVE-2026-53093","title":"CVE-2026-53093: wifi: brcmfmac: Fix error pointer dereference","severity":"medium","cvss":5.5,"cves":["CVE-2026-53093"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53093","csirts_url":"https://www.csirts.com/advisory/cve-2026-53093-2077"},{"num":2083,"source_id":"msrc","external_id":"CVE-2026-53006","title":"CVE-2026-53006: ipv6: fix possible UAF in icmpv6_rcv()","severity":"high","cvss":7,"cves":["CVE-2026-53006"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53006","csirts_url":"https://www.csirts.com/advisory/cve-2026-53006-2083"},{"num":5066,"source_id":"msrc","external_id":"CVE-2026-11649","title":"CVE-2026-11649: Chromium: CVE-2026-11648 Use after free in FullScreen","severity":"unknown","cvss":null,"cves":["CVE-2026-11649"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11649","csirts_url":"https://www.csirts.com/advisory/cve-2026-11649-5066"},{"num":2118,"source_id":"msrc","external_id":"CVE-2026-53147","title":"CVE-2026-53147: thunderbolt: Validate XDomain request packet size before type cast","severity":"medium","cvss":5.5,"cves":["CVE-2026-53147"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53147","csirts_url":"https://www.csirts.com/advisory/cve-2026-53147-2118"},{"num":2123,"source_id":"msrc","external_id":"CVE-2026-9675","title":"CVE-2026-9675: undici WebSocket client vulnerable to denial of service via cumulative fragment bypass","severity":"high","cvss":7.5,"cves":["CVE-2026-9675"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-9675","csirts_url":"https://www.csirts.com/advisory/cve-2026-9675-2123"},{"num":2133,"source_id":"msrc","external_id":"CVE-2026-48563","title":"CVE-2026-48563: Remote Desktop Client Remote Code Execution Vulnerability","severity":"high","cvss":7.5,"cves":["CVE-2026-48563"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48563","csirts_url":"https://www.csirts.com/advisory/cve-2026-48563-2133"},{"num":2134,"source_id":"msrc","external_id":"CVE-2026-48566","title":"CVE-2026-48566: Windows DWM Core Library Information Disclosure Vulnerability","severity":"medium","cvss":5.5,"cves":["CVE-2026-48566"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48566","csirts_url":"https://www.csirts.com/advisory/cve-2026-48566-2134"},{"num":2135,"source_id":"msrc","external_id":"CVE-2026-48568","title":"CVE-2026-48568: Secure Boot Security Feature Bypass Vulnerability","severity":"high","cvss":7.9,"cves":["CVE-2026-48568"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48568","csirts_url":"https://www.csirts.com/advisory/cve-2026-48568-2135"},{"num":2136,"source_id":"msrc","external_id":"CVE-2026-48570","title":"CVE-2026-48570: Secure Boot Security Feature Bypass Vulnerability","severity":"high","cvss":7.9,"cves":["CVE-2026-48570"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48570","csirts_url":"https://www.csirts.com/advisory/cve-2026-48570-2136"},{"num":2148,"source_id":"msrc","external_id":"CVE-2026-52975","title":"CVE-2026-52975: bonding: 3ad: implement proper RCU rules for port->aggregator","severity":"medium","cvss":5.5,"cves":["CVE-2026-52975"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52975","csirts_url":"https://www.csirts.com/advisory/cve-2026-52975-2148"},{"num":5067,"source_id":"msrc","external_id":"CVE-2026-11652","title":"CVE-2026-11652: Chromium: CVE-2026-11651 Use after free in Network","severity":"unknown","cvss":null,"cves":["CVE-2026-11652"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11652","csirts_url":"https://www.csirts.com/advisory/cve-2026-11652-5067"},{"num":5068,"source_id":"msrc","external_id":"CVE-2026-11650","title":"CVE-2026-11650: Chromium: CVE-2026-11649 Use after free in V8","severity":"unknown","cvss":null,"cves":["CVE-2026-11650"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11650","csirts_url":"https://www.csirts.com/advisory/cve-2026-11650-5068"},{"num":5069,"source_id":"msrc","external_id":"CVE-2026-11653","title":"CVE-2026-11653: Chromium: CVE-2026-11652 Use after free in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-11653"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11653","csirts_url":"https://www.csirts.com/advisory/cve-2026-11653-5069"},{"num":5070,"source_id":"msrc","external_id":"CVE-2026-11651","title":"CVE-2026-11651: Chromium: CVE-2026-11650 Use after free in V8","severity":"unknown","cvss":null,"cves":["CVE-2026-11651"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11651","csirts_url":"https://www.csirts.com/advisory/cve-2026-11651-5070"},{"num":5071,"source_id":"msrc","external_id":"CVE-2026-11654","title":"CVE-2026-11654: Chromium: CVE-2026-11653 Insufficient validation of untrusted input in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-11654"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11654","csirts_url":"https://www.csirts.com/advisory/cve-2026-11654-5071"},{"num":2214,"source_id":"msrc","external_id":"CVE-2026-53159","title":"CVE-2026-53159: misc: fastrpc: fix DMA address corruption due to find_vma misuse","severity":"high","cvss":7.8,"cves":["CVE-2026-53159"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53159","csirts_url":"https://www.csirts.com/advisory/cve-2026-53159-2214"},{"num":2248,"source_id":"msrc","external_id":"CVE-2026-53060","title":"CVE-2026-53060: dm cache metadata: fix memory leak on metadata abort retry","severity":"medium","cvss":5.5,"cves":["CVE-2026-53060"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53060","csirts_url":"https://www.csirts.com/advisory/cve-2026-53060-2248"},{"num":5072,"source_id":"msrc","external_id":"CVE-2026-11655","title":"CVE-2026-11655: Chromium: CVE-2026-11654 Use after free in CameraCapture","severity":"unknown","cvss":null,"cves":["CVE-2026-11655"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11655","csirts_url":"https://www.csirts.com/advisory/cve-2026-11655-5072"},{"num":5073,"source_id":"msrc","external_id":"CVE-2026-11657","title":"CVE-2026-11657: Chromium: CVE-2026-11656 Use after free in ServiceWorker","severity":"unknown","cvss":null,"cves":["CVE-2026-11657"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11657","csirts_url":"https://www.csirts.com/advisory/cve-2026-11657-5073"},{"num":5074,"source_id":"msrc","external_id":"CVE-2026-11656","title":"CVE-2026-11656: Chromium: CVE-2026-11655 Integer overflow in Media","severity":"unknown","cvss":null,"cves":["CVE-2026-11656"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11656","csirts_url":"https://www.csirts.com/advisory/cve-2026-11656-5074"},{"num":5075,"source_id":"msrc","external_id":"CVE-2026-12439","title":"CVE-2026-12439: Chromium: CVE-2026-12439 Use after free in Digital Credentials","severity":"unknown","cvss":null,"cves":["CVE-2026-12439"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12439","csirts_url":"https://www.csirts.com/advisory/cve-2026-12439-5075"},{"num":5076,"source_id":"msrc","external_id":"CVE-2026-12440","title":"CVE-2026-12440: Chromium: CVE-2026-12440 Use after free in DigitalCredentials","severity":"unknown","cvss":null,"cves":["CVE-2026-12440"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12440","csirts_url":"https://www.csirts.com/advisory/cve-2026-12440-5076"},{"num":5077,"source_id":"msrc","external_id":"CVE-2026-12445","title":"CVE-2026-12445: Chromium: CVE-2026-12445 Use after free in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-12445"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12445","csirts_url":"https://www.csirts.com/advisory/cve-2026-12445-5077"},{"num":5078,"source_id":"msrc","external_id":"CVE-2026-12446","title":"CVE-2026-12446: Chromium: CVE-2026-12446 Insufficient data validation in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-12446"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12446","csirts_url":"https://www.csirts.com/advisory/cve-2026-12446-5078"},{"num":5079,"source_id":"msrc","external_id":"CVE-2026-12451","title":"CVE-2026-12451: Chromium: CVE-2026-12451 Use after free in DigitalCredentials","severity":"unknown","cvss":null,"cves":["CVE-2026-12451"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12451","csirts_url":"https://www.csirts.com/advisory/cve-2026-12451-5079"},{"num":5080,"source_id":"msrc","external_id":"CVE-2026-12441","title":"CVE-2026-12441: Chromium: CVE-2026-12441 Use after free in File Input","severity":"unknown","cvss":null,"cves":["CVE-2026-12441"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12441","csirts_url":"https://www.csirts.com/advisory/cve-2026-12441-5080"},{"num":5081,"source_id":"msrc","external_id":"CVE-2026-12447","title":"CVE-2026-12447: Chromium: CVE-2026-12447 Heap buffer overflow in WebRTC","severity":"unknown","cvss":null,"cves":["CVE-2026-12447"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12447","csirts_url":"https://www.csirts.com/advisory/cve-2026-12447-5081"},{"num":5082,"source_id":"msrc","external_id":"CVE-2026-12443","title":"CVE-2026-12443: Chromium: CVE-2026-12443 Use after free in Web Authentication","severity":"unknown","cvss":null,"cves":["CVE-2026-12443"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12443","csirts_url":"https://www.csirts.com/advisory/cve-2026-12443-5082"},{"num":5083,"source_id":"msrc","external_id":"CVE-2026-12452","title":"CVE-2026-12452: Chromium: CVE-2026-12452 Use after free in Downloads","severity":"unknown","cvss":null,"cves":["CVE-2026-12452"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12452","csirts_url":"https://www.csirts.com/advisory/cve-2026-12452-5083"},{"num":5084,"source_id":"msrc","external_id":"CVE-2026-12453","title":"CVE-2026-12453: Chromium: CVE-2026-12453 Insufficient validation of untrusted input in Input","severity":"unknown","cvss":null,"cves":["CVE-2026-12453"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12453","csirts_url":"https://www.csirts.com/advisory/cve-2026-12453-5084"},{"num":5085,"source_id":"msrc","external_id":"CVE-2026-12455","title":"CVE-2026-12455: Chromium: CVE-2026-12455 Use after free in Tab Strip","severity":"unknown","cvss":null,"cves":["CVE-2026-12455"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12455","csirts_url":"https://www.csirts.com/advisory/cve-2026-12455-5085"},{"num":5086,"source_id":"msrc","external_id":"CVE-2026-12456","title":"CVE-2026-12456: Chromium: CVE-2026-12456 Insufficient validation of untrusted input in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-12456"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12456","csirts_url":"https://www.csirts.com/advisory/cve-2026-12456-5086"},{"num":2324,"source_id":"msrc","external_id":"CVE-2026-52974","title":"CVE-2026-52974: net: tls: fix strparser anchor skb leak on offload RX setup failure","severity":"medium","cvss":5.5,"cves":["CVE-2026-52974"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52974","csirts_url":"https://www.csirts.com/advisory/cve-2026-52974-2324"},{"num":5087,"source_id":"msrc","external_id":"CVE-2026-12458","title":"CVE-2026-12458: Chromium: CVE-2026-12458 Incorrect security UI in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-12458"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12458","csirts_url":"https://www.csirts.com/advisory/cve-2026-12458-5087"},{"num":5088,"source_id":"msrc","external_id":"CVE-2026-12457","title":"CVE-2026-12457: Chromium: CVE-2026-12457 Insufficient data validation in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-12457"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12457","csirts_url":"https://www.csirts.com/advisory/cve-2026-12457-5088"},{"num":2366,"source_id":"msrc","external_id":"CVE-2026-52911","title":"CVE-2026-52911: ksmbd: scope conn->binding slowpath to bound sessions only","severity":"high","cvss":8.4,"cves":["CVE-2026-52911"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52911","csirts_url":"https://www.csirts.com/advisory/cve-2026-52911-2366"},{"num":5089,"source_id":"msrc","external_id":"CVE-2026-12459","title":"CVE-2026-12459: Chromium: CVE-2026-12459 Inappropriate implementation in Serial","severity":"unknown","cvss":null,"cves":["CVE-2026-12459"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12459","csirts_url":"https://www.csirts.com/advisory/cve-2026-12459-5089"},{"num":5090,"source_id":"msrc","external_id":"CVE-2026-12460","title":"CVE-2026-12460: Chromium: CVE-2026-12460 Insufficient policy enforcement in File System Access","severity":"unknown","cvss":null,"cves":["CVE-2026-12460"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12460","csirts_url":"https://www.csirts.com/advisory/cve-2026-12460-5090"},{"num":5091,"source_id":"msrc","external_id":"CVE-2026-12462","title":"CVE-2026-12462: Chromium: CVE-2026-12462 Use after free in Media","severity":"unknown","cvss":null,"cves":["CVE-2026-12462"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12462","csirts_url":"https://www.csirts.com/advisory/cve-2026-12462-5091"},{"num":2415,"source_id":"msrc","external_id":"CVE-2026-53076","title":"CVE-2026-53076: bpf: Fix OOB in pcpu_init_value","severity":"medium","cvss":5.5,"cves":["CVE-2026-53076"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53076","csirts_url":"https://www.csirts.com/advisory/cve-2026-53076-2415"},{"num":5092,"source_id":"msrc","external_id":"CVE-2026-12464","title":"CVE-2026-12464: Chromium: CVE-2026-12464 Use after free in Browser","severity":"unknown","cvss":null,"cves":["CVE-2026-12464"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12464","csirts_url":"https://www.csirts.com/advisory/cve-2026-12464-5092"},{"num":2430,"source_id":"msrc","external_id":"CVE-2026-53049","title":"CVE-2026-53049: gfs2: add some missing log locking","severity":"critical","cvss":9.8,"cves":["CVE-2026-53049"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53049","csirts_url":"https://www.csirts.com/advisory/cve-2026-53049-2430"},{"num":2432,"source_id":"msrc","external_id":"CVE-2026-53198","title":"CVE-2026-53198: ksmbd: fix use-after-free of a deferred file_lock on double SMB2_CANCEL","severity":"high","cvss":7.8,"cves":["CVE-2026-53198"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53198","csirts_url":"https://www.csirts.com/advisory/cve-2026-53198-2432"},{"num":5093,"source_id":"msrc","external_id":"CVE-2026-12463","title":"CVE-2026-12463: Chromium: CVE-2026-12463 Inappropriate implementation in Views","severity":"unknown","cvss":null,"cves":["CVE-2026-12463"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12463","csirts_url":"https://www.csirts.com/advisory/cve-2026-12463-5093"},{"num":5094,"source_id":"msrc","external_id":"CVE-2026-12465","title":"CVE-2026-12465: Chromium: CVE-2026-12465 Insufficient validation of untrusted input in Metrics","severity":"unknown","cvss":null,"cves":["CVE-2026-12465"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12465","csirts_url":"https://www.csirts.com/advisory/cve-2026-12465-5094"},{"num":5095,"source_id":"msrc","external_id":"CVE-2026-12454","title":"CVE-2026-12454: Chromium: CVE-2026-12454 Race in Safe Browsing","severity":"unknown","cvss":null,"cves":["CVE-2026-12454"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12454","csirts_url":"https://www.csirts.com/advisory/cve-2026-12454-5095"},{"num":5096,"source_id":"msrc","external_id":"CVE-2026-12467","title":"CVE-2026-12467: Chromium: CVE-2026-12467 Use after free in Extensions","severity":"unknown","cvss":null,"cves":["CVE-2026-12467"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12467","csirts_url":"https://www.csirts.com/advisory/cve-2026-12467-5096"},{"num":5097,"source_id":"msrc","external_id":"CVE-2026-12468","title":"CVE-2026-12468: Chromium: CVE-2026-12468 Inappropriate implementation in Updater","severity":"unknown","cvss":null,"cves":["CVE-2026-12468"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12468","csirts_url":"https://www.csirts.com/advisory/cve-2026-12468-5097"},{"num":2451,"source_id":"msrc","external_id":"CVE-2026-53214","title":"CVE-2026-53214: ipv6: Fix a potential NPD in cleanup_prefix_route()","severity":"medium","cvss":5.5,"cves":["CVE-2026-53214"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53214","csirts_url":"https://www.csirts.com/advisory/cve-2026-53214-2451"},{"num":2461,"source_id":"msrc","external_id":"CVE-2026-52929","title":"CVE-2026-52929: sctp: stream: fully roll back denied add-stream state","severity":"medium","cvss":5.5,"cves":["CVE-2026-52929"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52929","csirts_url":"https://www.csirts.com/advisory/cve-2026-52929-2461"},{"num":2479,"source_id":"msrc","external_id":"CVE-2026-53073","title":"CVE-2026-53073: Bluetooth: hci_ldisc: Clear HCI_UART_PROTO_INIT on error","severity":"high","cvss":7,"cves":["CVE-2026-53073"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53073","csirts_url":"https://www.csirts.com/advisory/cve-2026-53073-2479"},{"num":5098,"source_id":"msrc","external_id":"CVE-2026-12449","title":"CVE-2026-12449: Chromium: CVE-2026-12449 Use after free in Chromoting","severity":"unknown","cvss":null,"cves":["CVE-2026-12449"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12449","csirts_url":"https://www.csirts.com/advisory/cve-2026-12449-5098"},{"num":5099,"source_id":"msrc","external_id":"CVE-2026-12444","title":"CVE-2026-12444: Chromium: CVE-2026-12444 Out of bounds read in Chromoting","severity":"unknown","cvss":null,"cves":["CVE-2026-12444"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12444","csirts_url":"https://www.csirts.com/advisory/cve-2026-12444-5099"},{"num":2534,"source_id":"msrc","external_id":"CVE-2026-53045","title":"CVE-2026-53045: memory: tegra124-emc: Fix dll_change check","severity":"critical","cvss":9.8,"cves":["CVE-2026-53045"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53045","csirts_url":"https://www.csirts.com/advisory/cve-2026-53045-2534"},{"num":5100,"source_id":"msrc","external_id":"CVE-2026-12437","title":"CVE-2026-12437: Chromium: CVE-2026-12437 Use after free in WebShare","severity":"unknown","cvss":null,"cves":["CVE-2026-12437"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12437","csirts_url":"https://www.csirts.com/advisory/cve-2026-12437-5100"},{"num":5101,"source_id":"msrc","external_id":"CVE-2026-12461","title":"CVE-2026-12461: Chromium: CVE-2026-12461 Out of bounds read in WebRTC","severity":"unknown","cvss":null,"cves":["CVE-2026-12461"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12461","csirts_url":"https://www.csirts.com/advisory/cve-2026-12461-5101"},{"num":5102,"source_id":"msrc","external_id":"CVE-2026-12466","title":"CVE-2026-12466: Chromium: CVE-2026-12466 Heap buffer overflow in WebRTC","severity":"unknown","cvss":null,"cves":["CVE-2026-12466"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12466","csirts_url":"https://www.csirts.com/advisory/cve-2026-12466-5102"},{"num":5103,"source_id":"msrc","external_id":"CVE-2026-13036","title":"CVE-2026-13036: Chromium: CVE-2026-13036 Use after free in Blink","severity":"unknown","cvss":null,"cves":["CVE-2026-13036"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13036","csirts_url":"https://www.csirts.com/advisory/cve-2026-13036-5103"},{"num":5104,"source_id":"msrc","external_id":"CVE-2026-13035","title":"CVE-2026-13035: Chromium: CVE-2026-13035 Use after free in Bluetooth","severity":"unknown","cvss":null,"cves":["CVE-2026-13035"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13035","csirts_url":"https://www.csirts.com/advisory/cve-2026-13035-5104"},{"num":5105,"source_id":"msrc","external_id":"CVE-2026-13034","title":"CVE-2026-13034: Chromium: CVE-2026-13034 Inappropriate implementation in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-13034"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13034","csirts_url":"https://www.csirts.com/advisory/cve-2026-13034-5105"},{"num":5106,"source_id":"msrc","external_id":"CVE-2026-13033","title":"CVE-2026-13033: Chromium: CVE-2026-13033 Out of bounds read in Blink>InterestGroups","severity":"unknown","cvss":null,"cves":["CVE-2026-13033"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13033","csirts_url":"https://www.csirts.com/advisory/cve-2026-13033-5106"},{"num":5107,"source_id":"msrc","external_id":"CVE-2026-13031","title":"CVE-2026-13031: Chromium: CVE-2026-13031 Use after free in Blink","severity":"unknown","cvss":null,"cves":["CVE-2026-13031"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13031","csirts_url":"https://www.csirts.com/advisory/cve-2026-13031-5107"},{"num":2605,"source_id":"msrc","external_id":"CVE-2026-52936","title":"CVE-2026-52936: crypto: jitterentropy - replace long-held spinlock with mutex","severity":"medium","cvss":5.5,"cves":["CVE-2026-52936"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52936","csirts_url":"https://www.csirts.com/advisory/cve-2026-52936-2605"},{"num":5108,"source_id":"msrc","external_id":"CVE-2026-13029","title":"CVE-2026-13029: Chromium: CVE-2026-13029 Use after free in Web Authentication","severity":"unknown","cvss":null,"cves":["CVE-2026-13029"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-13029","csirts_url":"https://www.csirts.com/advisory/cve-2026-13029-5108"},{"num":5109,"source_id":"msrc","external_id":"CVE-2026-50521","title":"CVE-2026-50521: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability","severity":"high","cvss":8.3,"cves":["CVE-2026-50521"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50521","csirts_url":"https://www.csirts.com/advisory/cve-2026-50521-5109"},{"num":5110,"source_id":"msrc","external_id":"CVE-2026-12028","title":"CVE-2026-12028: Chromium: CVE-2026-12028 Use after free GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-12028"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12028","csirts_url":"https://www.csirts.com/advisory/cve-2026-12028-5110"},{"num":5111,"source_id":"msrc","external_id":"CVE-2026-11647","title":"CVE-2026-11647: Chromium: CVE-2026-11647 Use after free in Printing","severity":"unknown","cvss":null,"cves":["CVE-2026-11647"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11647","csirts_url":"https://www.csirts.com/advisory/cve-2026-11647-5111"},{"num":2662,"source_id":"msrc","external_id":"CVE-2026-53107","title":"CVE-2026-53107: wifi: libertas: don't kill URBs in interrupt context","severity":"critical","cvss":9.8,"cves":["CVE-2026-53107"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53107","csirts_url":"https://www.csirts.com/advisory/cve-2026-53107-2662"},{"num":5112,"source_id":"msrc","external_id":"CVE-2026-12030","title":"CVE-2026-12030: Chromium: CVE-2026-12031 Inappropriate implementation Views","severity":"unknown","cvss":null,"cves":["CVE-2026-12030"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12030","csirts_url":"https://www.csirts.com/advisory/cve-2026-12030-5112"},{"num":5113,"source_id":"msrc","external_id":"CVE-2026-12032","title":"CVE-2026-12032: Chromium: CVE-2026-12032 Inappropriate implementation Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-12032"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12032","csirts_url":"https://www.csirts.com/advisory/cve-2026-12032-5113"},{"num":5114,"source_id":"msrc","external_id":"CVE-2026-12438","title":"CVE-2026-12438: Chromium: CVE-2026-12438 Inappropriate implementation in WebView","severity":"unknown","cvss":null,"cves":["CVE-2026-12438"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12438","csirts_url":"https://www.csirts.com/advisory/cve-2026-12438-5114"},{"num":5115,"source_id":"msrc","external_id":"CVE-2026-12469","title":"CVE-2026-12469: Chromium: CVE-2026-12469 Uninitialized Use in GPU","severity":"unknown","cvss":null,"cves":["CVE-2026-12469"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12469","csirts_url":"https://www.csirts.com/advisory/cve-2026-12469-5115"},{"num":5116,"source_id":"msrc","external_id":"CVE-2026-12448","title":"CVE-2026-12448: Chromium: CVE-2026-12448 Inappropriate implementation in WebView","severity":"unknown","cvss":null,"cves":["CVE-2026-12448"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12448","csirts_url":"https://www.csirts.com/advisory/cve-2026-12448-5116"},{"num":5117,"source_id":"msrc","external_id":"CVE-2026-12442","title":"CVE-2026-12442: Chromium: CVE-2026-12442 Use after free in Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-12442"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-12442","csirts_url":"https://www.csirts.com/advisory/cve-2026-12442-5117"},{"num":5118,"source_id":"msrc","external_id":"CVE-2026-42836","title":"CVE-2026-42836: Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability","severity":"high","cvss":7,"cves":["CVE-2026-42836"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42836","csirts_url":"https://www.csirts.com/advisory/cve-2026-42836-5118"},{"num":5119,"source_id":"msrc","external_id":"CVE-2026-42837","title":"CVE-2026-42837: Windows Projected File System Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-42837"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42837","csirts_url":"https://www.csirts.com/advisory/cve-2026-42837-5119"},{"num":5120,"source_id":"msrc","external_id":"CVE-2026-42903","title":"CVE-2026-42903: Windows Kerberos Denial of Service Vulnerability","severity":"medium","cvss":6.5,"cves":["CVE-2026-42903"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42903","csirts_url":"https://www.csirts.com/advisory/cve-2026-42903-5120"},{"num":5121,"source_id":"msrc","external_id":"CVE-2026-42904","title":"CVE-2026-42904: Windows TCP/IP Elevation of Privilege Vulnerability","severity":"critical","cvss":9.6,"cves":["CVE-2026-42904"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42904","csirts_url":"https://www.csirts.com/advisory/cve-2026-42904-5121"},{"num":5122,"source_id":"msrc","external_id":"CVE-2026-42905","title":"CVE-2026-42905: Windows DWM Core Library Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-42905"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42905","csirts_url":"https://www.csirts.com/advisory/cve-2026-42905-5122"},{"num":5123,"source_id":"msrc","external_id":"CVE-2026-42906","title":"CVE-2026-42906: Windows Shell Information Disclosure Vulnerability","severity":"medium","cvss":5.5,"cves":["CVE-2026-42906"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42906","csirts_url":"https://www.csirts.com/advisory/cve-2026-42906-5123"},{"num":5124,"source_id":"msrc","external_id":"CVE-2026-42907","title":"CVE-2026-42907: Windows Shell Information Disclosure Vulnerability","severity":"medium","cvss":6.5,"cves":["CVE-2026-42907"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42907","csirts_url":"https://www.csirts.com/advisory/cve-2026-42907-5124"},{"num":5125,"source_id":"msrc","external_id":"CVE-2026-42908","title":"CVE-2026-42908: Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability","severity":"high","cvss":7.5,"cves":["CVE-2026-42908"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42908","csirts_url":"https://www.csirts.com/advisory/cve-2026-42908-5125"},{"num":5126,"source_id":"msrc","external_id":"CVE-2026-42980","title":"CVE-2026-42980: NT OS Kernel Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-42980"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42980","csirts_url":"https://www.csirts.com/advisory/cve-2026-42980-5126"},{"num":5127,"source_id":"msrc","external_id":"CVE-2026-42909","title":"CVE-2026-42909: Remote Desktop Client Remote Code Execution Vulnerability","severity":"high","cvss":7.5,"cves":["CVE-2026-42909"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42909","csirts_url":"https://www.csirts.com/advisory/cve-2026-42909-5127"},{"num":5128,"source_id":"msrc","external_id":"CVE-2026-42916","title":"CVE-2026-42916: NT OS Kernel Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-42916"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42916","csirts_url":"https://www.csirts.com/advisory/cve-2026-42916-5128"},{"num":5129,"source_id":"msrc","external_id":"CVE-2026-42911","title":"CVE-2026-42911: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability","severity":"high","cvss":7,"cves":["CVE-2026-42911"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42911","csirts_url":"https://www.csirts.com/advisory/cve-2026-42911-5129"},{"num":3047,"source_id":"msrc","external_id":"CVE-2026-53039","title":"CVE-2026-53039: ocfs2: validate group add input before caching","severity":"high","cvss":7.8,"cves":["CVE-2026-53039"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53039","csirts_url":"https://www.csirts.com/advisory/cve-2026-53039-3047"},{"num":3062,"source_id":"msrc","external_id":"CVE-2026-53220","title":"CVE-2026-53220: netfilter: revalidate bridge ports","severity":"medium","cvss":5.5,"cves":["CVE-2026-53220"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53220","csirts_url":"https://www.csirts.com/advisory/cve-2026-53220-3062"},{"num":3202,"source_id":"msrc","external_id":"CVE-2026-53258","title":"CVE-2026-53258: wifi: fix leak if split 6 GHz scanning fails","severity":"medium","cvss":5.5,"cves":["CVE-2026-53258"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53258","csirts_url":"https://www.csirts.com/advisory/cve-2026-53258-3202"},{"num":3222,"source_id":"msrc","external_id":"CVE-2026-49851","title":"CVE-2026-49851: Mistune: Potential DoS via quadratic-time parsing in parse_link_text","severity":"unknown","cvss":null,"cves":["CVE-2026-49851"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-49851","csirts_url":"https://www.csirts.com/advisory/cve-2026-49851-3222"},{"num":3237,"source_id":"msrc","external_id":"CVE-2026-53096","title":"CVE-2026-53096: bpf: Use RCU-safe iteration in dev_map_redirect_multi() SKB path","severity":"medium","cvss":5.5,"cves":["CVE-2026-53096"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53096","csirts_url":"https://www.csirts.com/advisory/cve-2026-53096-3237"},{"num":5130,"source_id":"msrc","external_id":"CVE-2026-42913","title":"CVE-2026-42913: Remote Desktop Client Remote Code Execution Vulnerability","severity":"high","cvss":7.5,"cves":["CVE-2026-42913"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42913","csirts_url":"https://www.csirts.com/advisory/cve-2026-42913-5130"},{"num":3315,"source_id":"msrc","external_id":"CVE-2026-56131","title":"CVE-2026-56131: libexpat before 2.8.2 lacks handler call depth tracking for calls to XML_ResumeParser from within handlers in cases of a policy violation. Thus, a use-after-free can occur (similar to the CVE-2026-50219 situation).","severity":"medium","cvss":4.9,"cves":["CVE-2026-56131"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-56131","csirts_url":"https://www.csirts.com/advisory/cve-2026-56131-3315"},{"num":5131,"source_id":"msrc","external_id":"CVE-2026-42912","title":"CVE-2026-42912: Windows Telephony Service Elevation of Privilege Vulnerability","severity":"high","cvss":7,"cves":["CVE-2026-42912"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42912","csirts_url":"https://www.csirts.com/advisory/cve-2026-42912-5131"},{"num":5132,"source_id":"msrc","external_id":"CVE-2026-42914","title":"CVE-2026-42914: Windows Kerberos Denial of Service Vulnerability","severity":"medium","cvss":5.3,"cves":["CVE-2026-42914"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42914","csirts_url":"https://www.csirts.com/advisory/cve-2026-42914-5132"},{"num":3409,"source_id":"msrc","external_id":"CVE-2026-53274","title":"CVE-2026-53274: net/smc: fix sleep-inside-lock in __smc_setsockopt() causing local DoS","severity":"medium","cvss":5.5,"cves":["CVE-2026-53274"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53274","csirts_url":"https://www.csirts.com/advisory/cve-2026-53274-3409"},{"num":3431,"source_id":"msrc","external_id":"CVE-2026-53065","title":"CVE-2026-53065: ASoC: sti: use managed regmap_field allocations","severity":"medium","cvss":5.5,"cves":["CVE-2026-53065"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53065","csirts_url":"https://www.csirts.com/advisory/cve-2026-53065-3431"},{"num":3465,"source_id":"msrc","external_id":"CVE-2026-52915","title":"CVE-2026-52915: netfilter: ip6t_hbh: reject oversized option lists","severity":"medium","cvss":5.5,"cves":["CVE-2026-52915"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52915","csirts_url":"https://www.csirts.com/advisory/cve-2026-52915-3465"},{"num":3489,"source_id":"msrc","external_id":"CVE-2026-9697","title":"CVE-2026-9697: undici vulnerable to TLS certificate validation bypass via dropped requestTls in SOCKS5 ProxyAgent","severity":"high","cvss":7.4,"cves":["CVE-2026-9697"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-9697","csirts_url":"https://www.csirts.com/advisory/cve-2026-9697-3489"},{"num":3492,"source_id":"msrc","external_id":"CVE-2026-53112","title":"CVE-2026-53112: wifi: rtlwifi: pci: fix possible use-after-free caused by unfinished irq_prepare_bcn_tasklet","severity":"medium","cvss":4.7,"cves":["CVE-2026-53112"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53112","csirts_url":"https://www.csirts.com/advisory/cve-2026-53112-3492"},{"num":3493,"source_id":"msrc","external_id":"CVE-2026-9539","title":"CVE-2026-9539: libslirp TCP URG OOB Read Information Leak","severity":"medium","cvss":6.5,"cves":["CVE-2026-9539"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-9539","csirts_url":"https://www.csirts.com/advisory/cve-2026-9539-3493"},{"num":3497,"source_id":"msrc","external_id":"CVE-2026-53230","title":"CVE-2026-53230: net/mlx5: Fix slab-out-of-bounds in mlx5_query_nic_vport_mac_list","severity":"high","cvss":7.1,"cves":["CVE-2026-53230"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53230","csirts_url":"https://www.csirts.com/advisory/cve-2026-53230-3497"},{"num":3501,"source_id":"msrc","external_id":"CVE-2026-53228","title":"CVE-2026-53228: ipv6: sit: reload inner IPv6 header after GSO offloads","severity":"high","cvss":7,"cves":["CVE-2026-53228"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53228","csirts_url":"https://www.csirts.com/advisory/cve-2026-53228-3501"},{"num":3504,"source_id":"msrc","external_id":"CVE-2026-52956","title":"CVE-2026-52956: libceph: Fix potential out-of-bounds access in __ceph_x_decrypt()","severity":"critical","cvss":9.8,"cves":["CVE-2026-52956"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52956","csirts_url":"https://www.csirts.com/advisory/cve-2026-52956-3504"},{"num":5133,"source_id":"msrc","external_id":"CVE-2026-42915","title":"CVE-2026-42915: Microsoft Windows VMSwitch Denial of Service Vulnerability","severity":"medium","cvss":5.5,"cves":["CVE-2026-42915"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42915","csirts_url":"https://www.csirts.com/advisory/cve-2026-42915-5133"},{"num":5134,"source_id":"msrc","external_id":"CVE-2026-42968","title":"CVE-2026-42968: Windows Telephony Server Information Disclosure Vulnerability","severity":"medium","cvss":5.5,"cves":["CVE-2026-42968"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42968","csirts_url":"https://www.csirts.com/advisory/cve-2026-42968-5134"},{"num":3542,"source_id":"msrc","external_id":"CVE-2026-53194","title":"CVE-2026-53194: USB: serial: kl5kusb105: fix bulk-out buffer overflow","severity":"high","cvss":7.8,"cves":["CVE-2026-53194"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53194","csirts_url":"https://www.csirts.com/advisory/cve-2026-53194-3542"},{"num":3546,"source_id":"msrc","external_id":"CVE-2026-53013","title":"CVE-2026-53013: macvlan: fix macvlan_get_size() not reserving space for IFLA_MACVLAN_BC_CUTOFF","severity":"medium","cvss":5.5,"cves":["CVE-2026-53013"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53013","csirts_url":"https://www.csirts.com/advisory/cve-2026-53013-3546"},{"num":3563,"source_id":"msrc","external_id":"CVE-2026-52986","title":"CVE-2026-52986: netfilter: nf_conntrack_sip: don't use simple_strtoul","severity":"high","cvss":7.5,"cves":["CVE-2026-52986"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52986","csirts_url":"https://www.csirts.com/advisory/cve-2026-52986-3563"},{"num":3576,"source_id":"msrc","external_id":"CVE-2026-53115","title":"CVE-2026-53115: bus: fsl-mc: use generic driver_override infrastructure","severity":"medium","cvss":5.5,"cves":["CVE-2026-53115"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53115","csirts_url":"https://www.csirts.com/advisory/cve-2026-53115-3576"},{"num":3586,"source_id":"msrc","external_id":"CVE-2026-53161","title":"CVE-2026-53161: misc: fastrpc: fix use-after-free of fastrpc_user in workqueue context","severity":"high","cvss":7,"cves":["CVE-2026-53161"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53161","csirts_url":"https://www.csirts.com/advisory/cve-2026-53161-3586"},{"num":5135,"source_id":"msrc","external_id":"CVE-2026-42972","title":"CVE-2026-42972: Windows Hyper-V Information Disclosure Vulnerability","severity":"medium","cvss":5.5,"cves":["CVE-2026-42972"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42972","csirts_url":"https://www.csirts.com/advisory/cve-2026-42972-5135"},{"num":5136,"source_id":"msrc","external_id":"CVE-2026-42969","title":"CVE-2026-42969: Windows Push Notification Information Disclosure Vulnerability","severity":"medium","cvss":5.5,"cves":["CVE-2026-42969"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42969","csirts_url":"https://www.csirts.com/advisory/cve-2026-42969-5136"},{"num":5137,"source_id":"msrc","external_id":"CVE-2026-42971","title":"CVE-2026-42971: Windows Push Notification Information Disclosure Vulnerability","severity":"medium","cvss":5.5,"cves":["CVE-2026-42971"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42971","csirts_url":"https://www.csirts.com/advisory/cve-2026-42971-5137"},{"num":5138,"source_id":"msrc","external_id":"CVE-2026-42970","title":"CVE-2026-42970: Windows Push Notification Information Disclosure Vulnerability","severity":"medium","cvss":5.5,"cves":["CVE-2026-42970"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42970","csirts_url":"https://www.csirts.com/advisory/cve-2026-42970-5138"},{"num":5139,"source_id":"msrc","external_id":"CVE-2026-42973","title":"CVE-2026-42973: Windows Push Notification Information Disclosure Vulnerability","severity":"medium","cvss":5.5,"cves":["CVE-2026-42973"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42973","csirts_url":"https://www.csirts.com/advisory/cve-2026-42973-5139"},{"num":5140,"source_id":"msrc","external_id":"CVE-2026-42984","title":"CVE-2026-42984: Windows Kernel Elevation of Privilege Vulnerability","severity":"high","cvss":7,"cves":["CVE-2026-42984"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42984","csirts_url":"https://www.csirts.com/advisory/cve-2026-42984-5140"},{"num":5141,"source_id":"msrc","external_id":"CVE-2026-42981","title":"CVE-2026-42981: Windows Performance Monitor Remote Code Execution Vulnerability","severity":"high","cvss":8.1,"cves":["CVE-2026-42981"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42981","csirts_url":"https://www.csirts.com/advisory/cve-2026-42981-5141"},{"num":5142,"source_id":"msrc","external_id":"CVE-2026-42974","title":"CVE-2026-42974: Windows Performance Monitor Remote Code Execution Vulnerability","severity":"high","cvss":8.1,"cves":["CVE-2026-42974"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42974","csirts_url":"https://www.csirts.com/advisory/cve-2026-42974-5142"},{"num":3693,"source_id":"msrc","external_id":"CVE-2026-53163","title":"CVE-2026-53163: locking/rtmutex: Skip remove_waiter() when waiter is not enqueued","severity":"medium","cvss":5.5,"cves":["CVE-2026-53163"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53163","csirts_url":"https://www.csirts.com/advisory/cve-2026-53163-3693"},{"num":5143,"source_id":"msrc","external_id":"CVE-2026-42986","title":"CVE-2026-42986: Microsoft Graphics Component Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-42986"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42986","csirts_url":"https://www.csirts.com/advisory/cve-2026-42986-5143"},{"num":3727,"source_id":"msrc","external_id":"CVE-2026-53022","title":"CVE-2026-53022: platform/x86: dell-wmi-sysman: bound enumeration string aggregation","severity":"medium","cvss":5.5,"cves":["CVE-2026-53022"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53022","csirts_url":"https://www.csirts.com/advisory/cve-2026-53022-3727"},{"num":5144,"source_id":"msrc","external_id":"CVE-2026-42978","title":"CVE-2026-42978: Windows Push Notifications Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-42978"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42978","csirts_url":"https://www.csirts.com/advisory/cve-2026-42978-5144"},{"num":5145,"source_id":"msrc","external_id":"CVE-2026-42977","title":"CVE-2026-42977: Windows Push Notifications Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-42977"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42977","csirts_url":"https://www.csirts.com/advisory/cve-2026-42977-5145"},{"num":5146,"source_id":"msrc","external_id":"CVE-2026-42979","title":"CVE-2026-42979: Windows Push Notifications Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-42979"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42979","csirts_url":"https://www.csirts.com/advisory/cve-2026-42979-5146"},{"num":3819,"source_id":"msrc","external_id":"CVE-2026-53158","title":"CVE-2026-53158: misc: fastrpc: Fix NULL pointer dereference in rpmsg callback","severity":"medium","cvss":5.5,"cves":["CVE-2026-53158"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53158","csirts_url":"https://www.csirts.com/advisory/cve-2026-53158-3819"},{"num":5147,"source_id":"msrc","external_id":"CVE-2026-42991","title":"CVE-2026-42991: Windows Push Notifications Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-42991"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42991","csirts_url":"https://www.csirts.com/advisory/cve-2026-42991-5147"},{"num":5148,"source_id":"msrc","external_id":"CVE-2026-42989","title":"CVE-2026-42989: Winlogon Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-42989"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42989","csirts_url":"https://www.csirts.com/advisory/cve-2026-42989-5148"},{"num":5149,"source_id":"msrc","external_id":"CVE-2026-44809","title":"CVE-2026-44809: Windows Common Log File System Driver Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-44809"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44809","csirts_url":"https://www.csirts.com/advisory/cve-2026-44809-5149"},{"num":3895,"source_id":"msrc","external_id":"CVE-2026-48779","title":"CVE-2026-48779: ws: Memory exhaustion DoS from tiny fragments and data chunks","severity":"high","cvss":7.5,"cves":["CVE-2026-48779"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48779","csirts_url":"https://www.csirts.com/advisory/cve-2026-48779-3895"},{"num":3920,"source_id":"msrc","external_id":"CVE-2026-54905","title":"CVE-2026-54905: concurrent-ruby: `ReentrantReadWriteLock` read-count overflow grants a write lock without exclusivity","severity":"medium","cvss":5.5,"cves":["CVE-2026-54905"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-54905","csirts_url":"https://www.csirts.com/advisory/cve-2026-54905-3920"},{"num":3930,"source_id":"msrc","external_id":"CVE-2026-53120","title":"CVE-2026-53120: PCI: use generic driver_override infrastructure","severity":"medium","cvss":5.5,"cves":["CVE-2026-53120"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53120","csirts_url":"https://www.csirts.com/advisory/cve-2026-53120-3930"},{"num":3931,"source_id":"msrc","external_id":"CVE-2026-53151","title":"CVE-2026-53151: rxrpc: Fix the ACK parser to extract the SACK table for parsing","severity":"medium","cvss":5.5,"cves":["CVE-2026-53151"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53151","csirts_url":"https://www.csirts.com/advisory/cve-2026-53151-3931"},{"num":3940,"source_id":"msrc","external_id":"CVE-2026-52934","title":"CVE-2026-52934: batman-adv: tvlv: reject oversized TVLV packets","severity":"critical","cvss":9.8,"cves":["CVE-2026-52934"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52934","csirts_url":"https://www.csirts.com/advisory/cve-2026-52934-3940"},{"num":3941,"source_id":"msrc","external_id":"CVE-2026-52918","title":"CVE-2026-52918: Bluetooth: serialize accept_q access","severity":"high","cvss":7.1,"cves":["CVE-2026-52918"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52918","csirts_url":"https://www.csirts.com/advisory/cve-2026-52918-3941"},{"num":5150,"source_id":"msrc","external_id":"CVE-2026-44810","title":"CVE-2026-44810: Microsoft Cryptographic Services Elevation of Privilege Vulnerability","severity":"high","cvss":8.4,"cves":["CVE-2026-44810"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44810","csirts_url":"https://www.csirts.com/advisory/cve-2026-44810-5150"},{"num":5151,"source_id":"msrc","external_id":"CVE-2026-42992","title":"CVE-2026-42992: Remote Desktop Client Remote Code Execution Vulnerability","severity":"high","cvss":7.5,"cves":["CVE-2026-42992"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42992","csirts_url":"https://www.csirts.com/advisory/cve-2026-42992-5151"},{"num":5152,"source_id":"msrc","external_id":"CVE-2026-44805","title":"CVE-2026-44805: Windows Network Controller (NC) Host Agent Denial of Service Vulnerability","severity":"medium","cvss":5.5,"cves":["CVE-2026-44805"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44805","csirts_url":"https://www.csirts.com/advisory/cve-2026-44805-5152"},{"num":3979,"source_id":"msrc","external_id":"CVE-2026-53249","title":"CVE-2026-53249: ipv4: restrict IPOPT_SSRR and IPOPT_LSRR options","severity":"high","cvss":7,"cves":["CVE-2026-53249"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53249","csirts_url":"https://www.csirts.com/advisory/cve-2026-53249-3979"},{"num":5153,"source_id":"msrc","external_id":"CVE-2026-44811","title":"CVE-2026-44811: Windows DWM Core Library Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-44811"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44811","csirts_url":"https://www.csirts.com/advisory/cve-2026-44811-5153"},{"num":4004,"source_id":"msrc","external_id":"CVE-2026-52942","title":"CVE-2026-52942: netfilter: nf_log: validate MAC header was set before dumping it","severity":"high","cvss":7.1,"cves":["CVE-2026-52942"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52942","csirts_url":"https://www.csirts.com/advisory/cve-2026-52942-4004"},{"num":5154,"source_id":"msrc","external_id":"CVE-2026-44808","title":"CVE-2026-44808: Windows DWM Core Library Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-44808"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44808","csirts_url":"https://www.csirts.com/advisory/cve-2026-44808-5154"},{"num":5155,"source_id":"msrc","external_id":"CVE-2026-44807","title":"CVE-2026-44807: Windows DWM Core Library Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-44807"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44807","csirts_url":"https://www.csirts.com/advisory/cve-2026-44807-5155"},{"num":5156,"source_id":"msrc","external_id":"CVE-2026-44799","title":"CVE-2026-44799: Remote Desktop Client Remote Code Execution Vulnerability","severity":"high","cvss":7.5,"cves":["CVE-2026-44799"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44799","csirts_url":"https://www.csirts.com/advisory/cve-2026-44799-5156"},{"num":5157,"source_id":"msrc","external_id":"CVE-2026-44815","title":"CVE-2026-44815: DHCP Client Service Remote Code Execution Vulnerability","severity":"critical","cvss":9.8,"cves":["CVE-2026-44815"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44815","csirts_url":"https://www.csirts.com/advisory/cve-2026-44815-5157"},{"num":5158,"source_id":"msrc","external_id":"CVE-2026-42983","title":"CVE-2026-42983: Windows DWM Core Library Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-42983"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42983","csirts_url":"https://www.csirts.com/advisory/cve-2026-42983-5158"},{"num":4016,"source_id":"msrc","external_id":"CVE-2026-46275","title":"CVE-2026-46275: Bluetooth: hci_uart: fix UAFs and race conditions in close and init paths","severity":"high","cvss":7,"cves":["CVE-2026-46275"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46275","csirts_url":"https://www.csirts.com/advisory/cve-2026-46275-4016"},{"num":4017,"source_id":"msrc","external_id":"CVE-2026-46285","title":"CVE-2026-46285: mtd: docg3: fix use-after-free in docg3_release()","severity":"high","cvss":7.1,"cves":["CVE-2026-46285"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46285","csirts_url":"https://www.csirts.com/advisory/cve-2026-46285-4017"},{"num":4018,"source_id":"msrc","external_id":"CVE-2026-46280","title":"CVE-2026-46280: lib: test_hmm: evict device pages on file close to avoid use-after-free","severity":"medium","cvss":5.5,"cves":["CVE-2026-46280"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46280","csirts_url":"https://www.csirts.com/advisory/cve-2026-46280-4018"},{"num":5159,"source_id":"msrc","external_id":"CVE-2026-44814","title":"CVE-2026-44814: Windows DWM Core Library Information Disclosure Vulnerability","severity":"medium","cvss":5.5,"cves":["CVE-2026-44814"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44814","csirts_url":"https://www.csirts.com/advisory/cve-2026-44814-5159"},{"num":5160,"source_id":"msrc","external_id":"CVE-2026-44801","title":"CVE-2026-44801: Remote Desktop Client Remote Code Execution Vulnerability","severity":"high","cvss":7.5,"cves":["CVE-2026-44801"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44801","csirts_url":"https://www.csirts.com/advisory/cve-2026-44801-5160"},{"num":5161,"source_id":"msrc","external_id":"CVE-2026-42985","title":"CVE-2026-42985: Remote Desktop Client Remote Code Execution Vulnerability","severity":"high","cvss":8.8,"cves":["CVE-2026-42985"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42985","csirts_url":"https://www.csirts.com/advisory/cve-2026-42985-5161"},{"num":5162,"source_id":"msrc","external_id":"CVE-2026-42987","title":"CVE-2026-42987: Windows Deployment Services (WDS) Remote Code Execution","severity":"high","cvss":8.1,"cves":["CVE-2026-42987"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42987","csirts_url":"https://www.csirts.com/advisory/cve-2026-42987-5162"},{"num":5163,"source_id":"msrc","external_id":"CVE-2026-44803","title":"CVE-2026-44803: Windows Graphics Component Remote Code Execution Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-44803"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44803","csirts_url":"https://www.csirts.com/advisory/cve-2026-44803-5163"},{"num":5164,"source_id":"msrc","external_id":"CVE-2026-44812","title":"CVE-2026-44812: Windows Graphics Component Remote Code Execution Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-44812"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44812","csirts_url":"https://www.csirts.com/advisory/cve-2026-44812-5164"},{"num":4030,"source_id":"msrc","external_id":"CVE-2026-46312","title":"CVE-2026-46312: media: videobuf2: Set vma_flags in vb2_dma_sg_mmap","severity":"medium","cvss":5.5,"cves":["CVE-2026-46312"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46312","csirts_url":"https://www.csirts.com/advisory/cve-2026-46312-4030"},{"num":4031,"source_id":"msrc","external_id":"CVE-2026-46301","title":"CVE-2026-46301: spi: topcliff-pch: fix use-after-free on unbind","severity":"high","cvss":7.8,"cves":["CVE-2026-46301"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46301","csirts_url":"https://www.csirts.com/advisory/cve-2026-46301-4031"},{"num":4032,"source_id":"msrc","external_id":"CVE-2026-46302","title":"CVE-2026-46302: selinux: allow multiple opens of /sys/fs/selinux/policy","severity":"medium","cvss":5.5,"cves":["CVE-2026-46302"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46302","csirts_url":"https://www.csirts.com/advisory/cve-2026-46302-4032"},{"num":4039,"source_id":"msrc","external_id":"CVE-2025-71315","title":"CVE-2025-71315: drm/vkms: Convert to DRM's vblank timer","severity":"medium","cvss":5.5,"cves":["CVE-2025-71315"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-71315","csirts_url":"https://www.csirts.com/advisory/cve-2025-71315-4039"},{"num":4040,"source_id":"msrc","external_id":"CVE-2026-46296","title":"CVE-2026-46296: spi: s3c64xx: fix NULL-deref on driver unbind","severity":"medium","cvss":5.5,"cves":["CVE-2026-46296"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46296","csirts_url":"https://www.csirts.com/advisory/cve-2026-46296-4040"},{"num":4046,"source_id":"msrc","external_id":"CVE-2026-46287","title":"CVE-2026-46287: net: txgbe: fix RTNL assertion warning when remove module","severity":"medium","cvss":5.5,"cves":["CVE-2026-46287"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46287","csirts_url":"https://www.csirts.com/advisory/cve-2026-46287-4046"},{"num":4047,"source_id":"msrc","external_id":"CVE-2026-46299","title":"CVE-2026-46299: hfsplus: fix held lock freed on hfsplus_fill_super()","severity":"medium","cvss":5.5,"cves":["CVE-2026-46299"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46299","csirts_url":"https://www.csirts.com/advisory/cve-2026-46299-4047"},{"num":5165,"source_id":"msrc","external_id":"CVE-2026-42993","title":"CVE-2026-42993: Remote Desktop Client Remote Code Execution Vulnerability","severity":"high","cvss":7.5,"cves":["CVE-2026-42993"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42993","csirts_url":"https://www.csirts.com/advisory/cve-2026-42993-5165"},{"num":5166,"source_id":"msrc","external_id":"CVE-2026-44813","title":"CVE-2026-44813: Windows DWM Core Library Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-44813"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44813","csirts_url":"https://www.csirts.com/advisory/cve-2026-44813-5166"},{"num":5167,"source_id":"msrc","external_id":"CVE-2026-44804","title":"CVE-2026-44804: Windows DWM Core Library Elevation of Privilege Vulnerability","severity":"high","cvss":7.8,"cves":["CVE-2026-44804"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44804","csirts_url":"https://www.csirts.com/advisory/cve-2026-44804-5167"},{"num":4053,"source_id":"msrc","external_id":"CVE-2026-46321","title":"CVE-2026-46321: tun: free page on short-frame rejection in tun_xdp_one()","severity":"medium","cvss":5.5,"cves":["CVE-2026-46321"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46321","csirts_url":"https://www.csirts.com/advisory/cve-2026-46321-4053"},{"num":4054,"source_id":"msrc","external_id":"CVE-2026-46323","title":"CVE-2026-46323: net: gro: don't merge zcopy skbs","severity":"medium","cvss":6.6,"cves":["CVE-2026-46323"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46323","csirts_url":"https://www.csirts.com/advisory/cve-2026-46323-4054"},{"num":4055,"source_id":"msrc","external_id":"CVE-2026-46324","title":"CVE-2026-46324: netfilter: nf_tables: use list_del_rcu for netlink hooks","severity":"high","cvss":7.8,"cves":["CVE-2026-46324"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46324","csirts_url":"https://www.csirts.com/advisory/cve-2026-46324-4055"},{"num":4056,"source_id":"msrc","external_id":"CVE-2026-46320","title":"CVE-2026-46320: tap: free page on error paths in tap_get_user_xdp()","severity":"high","cvss":7.1,"cves":["CVE-2026-46320"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46320","csirts_url":"https://www.csirts.com/advisory/cve-2026-46320-4056"},{"num":5168,"source_id":"msrc","external_id":"CVE-2026-45497","title":"CVE-2026-45497: Microsoft M365 Copilot Remote Code Execution Vulnerability","severity":"high","cvss":7.7,"cves":["CVE-2026-45497"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45497","csirts_url":"https://www.csirts.com/advisory/cve-2026-45497-5168"},{"num":5169,"source_id":"msrc","external_id":"CVE-2026-42824","title":"CVE-2026-42824: M365 Copilot Information Disclosure Vulnerability","severity":"medium","cvss":6.5,"cves":["CVE-2026-42824"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42824","csirts_url":"https://www.csirts.com/advisory/cve-2026-42824-5169"},{"num":4067,"source_id":"msrc","external_id":"CVE-2026-46252","title":"CVE-2026-46252: regulator: core: fix locking in regulator_resolve_supply() error path","severity":"low","cvss":3.4,"cves":["CVE-2026-46252"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46252","csirts_url":"https://www.csirts.com/advisory/cve-2026-46252-4067"},{"num":4068,"source_id":"msrc","external_id":"CVE-2026-46244","title":"CVE-2026-46244: netfilter: nft_inner: Fix IPv6 inner_thoff desync","severity":"high","cvss":7,"cves":["CVE-2026-46244"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-46244","csirts_url":"https://www.csirts.com/advisory/cve-2026-46244-4068"},{"num":4069,"source_id":"msrc","external_id":"CVE-2026-42504","title":"CVE-2026-42504: Quadratic complexity in WordDecoder.DecodeHeader in mime","severity":"high","cvss":7.5,"cves":["CVE-2026-42504"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42504","csirts_url":"https://www.csirts.com/advisory/cve-2026-42504-4069"},{"num":4070,"source_id":"msrc","external_id":"CVE-2026-50219","title":"CVE-2026-50219: libexpat before 2.8.2 lacks handler call depth tracking for calls to XML_GetBuffer, XML_Parse, XML_ParseBuffer, XML_ParserFree, or XML_ParserReset from within handlers in cases of a policy violation. Thus, a use-after-free can occur,","severity":"medium","cvss":4.9,"cves":["CVE-2026-50219"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50219","csirts_url":"https://www.csirts.com/advisory/cve-2026-50219-4070"},{"num":4071,"source_id":"msrc","external_id":"CVE-2026-43958","title":"CVE-2026-43958: Rrdtool: rrdtool: stack buffer overflow allows local code execution or denial of service","severity":"high","cvss":7.8,"cves":["CVE-2026-43958"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-43958","csirts_url":"https://www.csirts.com/advisory/cve-2026-43958-4071"},{"num":4072,"source_id":"msrc","external_id":"CVE-2026-11463","title":"CVE-2026-11463: USCiLab Cereal Shared Pointer type confusion","severity":"high","cvss":7.3,"cves":["CVE-2026-11463"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-11463","csirts_url":"https://www.csirts.com/advisory/cve-2026-11463-4072"},{"num":4073,"source_id":"msrc","external_id":"CVE-2026-49975","title":"CVE-2026-49975: Apache HTTP Server: mod_http2 denial of service","severity":"high","cvss":7.5,"cves":["CVE-2026-49975"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-49975","csirts_url":"https://www.csirts.com/advisory/cve-2026-49975-4073"},{"num":4074,"source_id":"msrc","external_id":"CVE-2026-10879","title":"CVE-2026-10879: DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders","severity":"high","cvss":8.6,"cves":["CVE-2026-10879"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-10879","csirts_url":"https://www.csirts.com/advisory/cve-2026-10879-4074"},{"num":4075,"source_id":"msrc","external_id":"CVE-2026-50256","title":"CVE-2026-50256: Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libxfont2 name length mismatch","severity":"high","cvss":7.8,"cves":["CVE-2026-50256"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50256","csirts_url":"https://www.csirts.com/advisory/cve-2026-50256-4075"},{"num":4076,"source_id":"msrc","external_id":"CVE-2026-50262","title":"CVE-2026-50262: Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: out-of-bounds read/write in glx changedrawableattributes","severity":"medium","cvss":5.5,"cves":["CVE-2026-50262"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50262","csirts_url":"https://www.csirts.com/advisory/cve-2026-50262-4076"},{"num":4077,"source_id":"msrc","external_id":"CVE-2026-50260","title":"CVE-2026-50260: Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free in freecounter()","severity":"medium","cvss":6.6,"cves":["CVE-2026-50260"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50260","csirts_url":"https://www.csirts.com/advisory/cve-2026-50260-4077"},{"num":4078,"source_id":"msrc","external_id":"CVE-2026-50257","title":"CVE-2026-50257: Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free in misyncdestroyfence()","severity":"medium","cvss":6.6,"cves":["CVE-2026-50257"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50257","csirts_url":"https://www.csirts.com/advisory/cve-2026-50257-4078"},{"num":4079,"source_id":"msrc","external_id":"CVE-2026-50258","title":"CVE-2026-50258: Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: stack buffer overflow in xkb key types due to unchecked shift levels","severity":"high","cvss":7.8,"cves":["CVE-2026-50258"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50258","csirts_url":"https://www.csirts.com/advisory/cve-2026-50258-4079"},{"num":4080,"source_id":"msrc","external_id":"CVE-2026-50263","title":"CVE-2026-50263: Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free information disclosure in createsaverwindow()","severity":"medium","cvss":5.5,"cves":["CVE-2026-50263"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50263","csirts_url":"https://www.csirts.com/advisory/cve-2026-50263-4080"},{"num":4081,"source_id":"msrc","external_id":"CVE-2026-52977","title":"CVE-2026-52977: futex: Prevent lockup in requeue-PI during signal/ timeout wakeup","severity":"medium","cvss":5.5,"cves":["CVE-2026-52977"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52977","csirts_url":"https://www.csirts.com/advisory/cve-2026-52977-4081"},{"num":4082,"source_id":"msrc","external_id":"CVE-2026-53132","title":"CVE-2026-53132: vsock/virtio: fix potential unbounded skb queue","severity":"high","cvss":7,"cves":["CVE-2026-53132"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53132","csirts_url":"https://www.csirts.com/advisory/cve-2026-53132-4082"},{"num":4083,"source_id":"msrc","external_id":"CVE-2026-53190","title":"CVE-2026-53190: drm/virtio: fix dma_fence refcount leak on error in virtio_gpu_dma_fence_wait()","severity":"medium","cvss":5.5,"cves":["CVE-2026-53190"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53190","csirts_url":"https://www.csirts.com/advisory/cve-2026-53190-4083"},{"num":4084,"source_id":"msrc","external_id":"CVE-2026-52961","title":"CVE-2026-52961: ceph: fix BUG_ON in __ceph_build_xattrs_blob() due to stale blob size","severity":"high","cvss":7.1,"cves":["CVE-2026-52961"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52961","csirts_url":"https://www.csirts.com/advisory/cve-2026-52961-4084"},{"num":4085,"source_id":"msrc","external_id":"CVE-2026-53011","title":"CVE-2026-53011: net/sched: taprio: fix use-after-free in advance_sched() on schedule switch","severity":"high","cvss":7,"cves":["CVE-2026-53011"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53011","csirts_url":"https://www.csirts.com/advisory/cve-2026-53011-4085"},{"num":4086,"source_id":"msrc","external_id":"CVE-2026-53041","title":"CVE-2026-53041: ocfs2: fix listxattr handling when the buffer is full","severity":"high","cvss":7.1,"cves":["CVE-2026-53041"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53041","csirts_url":"https://www.csirts.com/advisory/cve-2026-53041-4086"},{"num":4087,"source_id":"msrc","external_id":"CVE-2026-53208","title":"CVE-2026-53208: Bluetooth: L2CAP: reject BR/EDR signaling packets over MTUsig","severity":"high","cvss":7,"cves":["CVE-2026-53208"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53208","csirts_url":"https://www.csirts.com/advisory/cve-2026-53208-4087"},{"num":4088,"source_id":"msrc","external_id":"CVE-2026-53010","title":"CVE-2026-53010: ksmbd: fix use-after-free in smb2_open during durable reconnect","severity":"critical","cvss":9.8,"cves":["CVE-2026-53010"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53010","csirts_url":"https://www.csirts.com/advisory/cve-2026-53010-4088"},{"num":4089,"source_id":"msrc","external_id":"CVE-2026-52937","title":"CVE-2026-52937: tap: fix stack info leak in tap_ioctl() SIOCGIFHWADDR","severity":"medium","cvss":5.5,"cves":["CVE-2026-52937"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52937","csirts_url":"https://www.csirts.com/advisory/cve-2026-52937-4089"},{"num":4090,"source_id":"msrc","external_id":"CVE-2026-53106","title":"CVE-2026-53106: bpf: Do not allow deleting local storage in NMI","severity":"medium","cvss":5.5,"cves":["CVE-2026-53106"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53106","csirts_url":"https://www.csirts.com/advisory/cve-2026-53106-4090"},{"num":4091,"source_id":"msrc","external_id":"CVE-2026-53217","title":"CVE-2026-53217: net: mvpp2: sync RX data at the hardware packet offset","severity":"high","cvss":7.1,"cves":["CVE-2026-53217"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53217","csirts_url":"https://www.csirts.com/advisory/cve-2026-53217-4091"},{"num":4092,"source_id":"msrc","external_id":"CVE-2026-57435","title":"CVE-2026-57435: Nokogiri: Possible Use-After-Free when setting an attribute value via `Nokogiri::XML::Attr#value=` or `#content=`","severity":"high","cvss":7.5,"cves":["CVE-2026-57435"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57435","csirts_url":"https://www.csirts.com/advisory/cve-2026-57435-4092"},{"num":4093,"source_id":"msrc","external_id":"CVE-2026-53046","title":"CVE-2026-53046: ksmbd: fix use-after-free from async crypto on Qualcomm crypto engine","severity":"medium","cvss":5.5,"cves":["CVE-2026-53046"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53046","csirts_url":"https://www.csirts.com/advisory/cve-2026-53046-4093"},{"num":4094,"source_id":"msrc","external_id":"CVE-2026-52972","title":"CVE-2026-52972: crypto: af_alg - Cap AEAD AD length to 0x80000000","severity":"high","cvss":7.8,"cves":["CVE-2026-52972"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52972","csirts_url":"https://www.csirts.com/advisory/cve-2026-52972-4094"},{"num":4095,"source_id":"msrc","external_id":"CVE-2026-52967","title":"CVE-2026-52967: smb/client: fix possible infinite loop and oob read in symlink_data()","severity":"medium","cvss":5.5,"cves":["CVE-2026-52967"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52967","csirts_url":"https://www.csirts.com/advisory/cve-2026-52967-4095"},{"num":4096,"source_id":"msrc","external_id":"CVE-2026-52989","title":"CVE-2026-52989: nvmet-tcp: propagate nvmet_tcp_build_pdu_iovec() errors to its callers","severity":"critical","cvss":9.8,"cves":["CVE-2026-52989"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52989","csirts_url":"https://www.csirts.com/advisory/cve-2026-52989-4096"},{"num":4097,"source_id":"msrc","external_id":"CVE-2026-53186","title":"CVE-2026-53186: RDMA/srp: bound SRP_RSP sense copy by the received length","severity":"high","cvss":7.1,"cves":["CVE-2026-53186"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53186","csirts_url":"https://www.csirts.com/advisory/cve-2026-53186-4097"},{"num":4098,"source_id":"msrc","external_id":"CVE-2026-53268","title":"CVE-2026-53268: netfilter: conntrack_irc: fix possible out-of-bounds read","severity":"high","cvss":7.1,"cves":["CVE-2026-53268"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53268","csirts_url":"https://www.csirts.com/advisory/cve-2026-53268-4098"},{"num":4099,"source_id":"msrc","external_id":"CVE-2026-53074","title":"CVE-2026-53074: bpf: reject short IPv4/IPv6 inputs in bpf_prog_test_run_skb","severity":"medium","cvss":6.4,"cves":["CVE-2026-53074"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53074","csirts_url":"https://www.csirts.com/advisory/cve-2026-53074-4099"},{"num":4100,"source_id":"msrc","external_id":"CVE-2026-53048","title":"CVE-2026-53048: gfs2: prevent NULL pointer dereference during unmount","severity":"medium","cvss":5.5,"cves":["CVE-2026-53048"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53048","csirts_url":"https://www.csirts.com/advisory/cve-2026-53048-4100"},{"num":4101,"source_id":"msrc","external_id":"CVE-2026-53053","title":"CVE-2026-53053: iommu/amd: Fix clone_alias() to use the original device's devid","severity":"critical","cvss":9.8,"cves":["CVE-2026-53053"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53053","csirts_url":"https://www.csirts.com/advisory/cve-2026-53053-4101"},{"num":4102,"source_id":"msrc","external_id":"CVE-2026-57436","title":"CVE-2026-57436: Nokogiri: Possible Use-After-Free when setting `Document#root=` to an invalid node type","severity":"medium","cvss":5.3,"cves":["CVE-2026-57436"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57436","csirts_url":"https://www.csirts.com/advisory/cve-2026-57436-4102"},{"num":4103,"source_id":"msrc","external_id":"CVE-2026-52926","title":"CVE-2026-52926: batman-adv: clear current gateway during teardown","severity":"high","cvss":7.8,"cves":["CVE-2026-52926"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52926","csirts_url":"https://www.csirts.com/advisory/cve-2026-52926-4103"},{"num":4104,"source_id":"msrc","external_id":"CVE-2026-53068","title":"CVE-2026-53068: drm/komeda: fix integer overflow in AFBC framebuffer size check","severity":"high","cvss":7.8,"cves":["CVE-2026-53068"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53068","csirts_url":"https://www.csirts.com/advisory/cve-2026-53068-4104"},{"num":4105,"source_id":"msrc","external_id":"CVE-2026-53037","title":"CVE-2026-53037: HID: usbhid: fix deadlock in hid_post_reset()","severity":"medium","cvss":5.5,"cves":["CVE-2026-53037"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53037","csirts_url":"https://www.csirts.com/advisory/cve-2026-53037-4105"},{"num":4106,"source_id":"msrc","external_id":"CVE-2026-52927","title":"CVE-2026-52927: netfilter: ebtables: fix OOB read in compat_mtw_from_user","severity":"medium","cvss":5.5,"cves":["CVE-2026-52927"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52927","csirts_url":"https://www.csirts.com/advisory/cve-2026-52927-4106"},{"num":4107,"source_id":"msrc","external_id":"CVE-2026-53219","title":"CVE-2026-53219: netfilter: x_tables: avoid leaking percpu counter pointers","severity":"medium","cvss":5.5,"cves":["CVE-2026-53219"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53219","csirts_url":"https://www.csirts.com/advisory/cve-2026-53219-4107"},{"num":4108,"source_id":"msrc","external_id":"CVE-2026-53058","title":"CVE-2026-53058: drm/bridge: cadence: cdns-mhdp8546-core: Set the mhdp connector earlier in atomic_enable()","severity":"medium","cvss":5.5,"cves":["CVE-2026-53058"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53058","csirts_url":"https://www.csirts.com/advisory/cve-2026-53058-4108"},{"num":4109,"source_id":"msrc","external_id":"CVE-2026-53157","title":"CVE-2026-53157: net: phonet: free phonet_device after RCU grace period","severity":"high","cvss":7.8,"cves":["CVE-2026-53157"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53157","csirts_url":"https://www.csirts.com/advisory/cve-2026-53157-4109"},{"num":4110,"source_id":"msrc","external_id":"CVE-2026-53102","title":"CVE-2026-53102: wifi: mt76: Fix memory leak after mt76_connac_mcu_alloc_sta_req()","severity":"medium","cvss":5.5,"cves":["CVE-2026-53102"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53102","csirts_url":"https://www.csirts.com/advisory/cve-2026-53102-4110"},{"num":4111,"source_id":"msrc","external_id":"CVE-2026-53036","title":"CVE-2026-53036: bpf, arm64: Fix off-by-one in check_imm signed range check","severity":"critical","cvss":9.8,"cves":["CVE-2026-53036"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53036","csirts_url":"https://www.csirts.com/advisory/cve-2026-53036-4111"},{"num":4112,"source_id":"msrc","external_id":"CVE-2026-53247","title":"CVE-2026-53247: net: ethernet: mtk_eth_soc: Fix use-after-free in metadata dst teardown","severity":"high","cvss":7.8,"cves":["CVE-2026-53247"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53247","csirts_url":"https://www.csirts.com/advisory/cve-2026-53247-4112"},{"num":4113,"source_id":"msrc","external_id":"CVE-2026-53056","title":"CVE-2026-53056: drm/msm/dpu: fix mismatch between power and frequency","severity":"medium","cvss":5.5,"cves":["CVE-2026-53056"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53056","csirts_url":"https://www.csirts.com/advisory/cve-2026-53056-4113"},{"num":4114,"source_id":"msrc","external_id":"CVE-2026-57452","title":"CVE-2026-57452: Vim: Out-of-bounds Read with libsodium-encrypted Files","severity":"medium","cvss":5.5,"cves":["CVE-2026-57452"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57452","csirts_url":"https://www.csirts.com/advisory/cve-2026-57452-4114"},{"num":4115,"source_id":"msrc","external_id":"CVE-2026-56123","title":"CVE-2026-56123: socat 1.8.0.0 - 1.8.1.1 Heap Buffer Overflow via SOCKS5 Reply Parser","severity":"high","cvss":8.1,"cves":["CVE-2026-56123"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-56123","csirts_url":"https://www.csirts.com/advisory/cve-2026-56123-4115"},{"num":4116,"source_id":"msrc","external_id":"CVE-2026-55895","title":"CVE-2026-55895: Vim: Vimscript Code Injection in netrw NetrwLocalRmFile() via crafted filename","severity":"high","cvss":7.8,"cves":["CVE-2026-55895"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-55895","csirts_url":"https://www.csirts.com/advisory/cve-2026-55895-4116"},{"num":4117,"source_id":"msrc","external_id":"CVE-2026-53221","title":"CVE-2026-53221: ip6_vti: fix incorrect tunnel matching in vti6_tnl_lookup()","severity":"medium","cvss":5.5,"cves":["CVE-2026-53221"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53221","csirts_url":"https://www.csirts.com/advisory/cve-2026-53221-4117"},{"num":4118,"source_id":"msrc","external_id":"CVE-2026-55693","title":"CVE-2026-55693: Vim: Out-of-bounds Write in Spell File Word Count","severity":"high","cvss":7.8,"cves":["CVE-2026-55693"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-55693","csirts_url":"https://www.csirts.com/advisory/cve-2026-55693-4118"},{"num":4119,"source_id":"msrc","external_id":"CVE-2026-53253","title":"CVE-2026-53253: Bluetooth: bnep: reject short frames before parsing","severity":"high","cvss":7.1,"cves":["CVE-2026-53253"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53253","csirts_url":"https://www.csirts.com/advisory/cve-2026-53253-4119"},{"num":4120,"source_id":"msrc","external_id":"CVE-2026-52984","title":"CVE-2026-52984: net/sched: netem: fix queue limit check to include reordered packets","severity":"medium","cvss":5.5,"cves":["CVE-2026-52984"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52984","csirts_url":"https://www.csirts.com/advisory/cve-2026-52984-4120"},{"num":4121,"source_id":"msrc","external_id":"CVE-2026-53196","title":"CVE-2026-53196: USB: serial: io_ti: fix heap overflow in get_manuf_info()","severity":"high","cvss":7.8,"cves":["CVE-2026-53196"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53196","csirts_url":"https://www.csirts.com/advisory/cve-2026-53196-4121"},{"num":4122,"source_id":"msrc","external_id":"CVE-2026-57455","title":"CVE-2026-57455: Vim: Stack out-of-bounds write in `spell_soundfold_sofo()` via an over-length `soundfold()` argument","severity":"high","cvss":7.8,"cves":["CVE-2026-57455"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57455","csirts_url":"https://www.csirts.com/advisory/cve-2026-57455-4122"},{"num":4123,"source_id":"msrc","external_id":"CVE-2026-53025","title":"CVE-2026-53025: greybus: raw: fix use-after-free on cdev close","severity":"critical","cvss":9.8,"cves":["CVE-2026-53025"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53025","csirts_url":"https://www.csirts.com/advisory/cve-2026-53025-4123"},{"num":4124,"source_id":"msrc","external_id":"CVE-2026-53229","title":"CVE-2026-53229: net/mlx5e: xsk: Fix DMA and xdp_frame leak on XDP_TX xmit failure","severity":"medium","cvss":5.5,"cves":["CVE-2026-53229"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53229","csirts_url":"https://www.csirts.com/advisory/cve-2026-53229-4124"},{"num":4125,"source_id":"msrc","external_id":"CVE-2026-57456","title":"CVE-2026-57456: Vim: Arbitrary Code Execution via Python Omni-Completion Docstrings","severity":"high","cvss":7.8,"cves":["CVE-2026-57456"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57456","csirts_url":"https://www.csirts.com/advisory/cve-2026-57456-4125"},{"num":4126,"source_id":"msrc","external_id":"CVE-2026-57453","title":"CVE-2026-57453: Vim: PowerShell Command Injection via Unescaped Filename in zip.vim Extraction","severity":"medium","cvss":6.5,"cves":["CVE-2026-57453"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57453","csirts_url":"https://www.csirts.com/advisory/cve-2026-57453-4126"},{"num":4127,"source_id":"msrc","external_id":"CVE-2026-53215","title":"CVE-2026-53215: net: mvpp2: refill RX buffers before XDP or skb use","severity":"high","cvss":7.8,"cves":["CVE-2026-53215"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53215","csirts_url":"https://www.csirts.com/advisory/cve-2026-53215-4127"},{"num":4128,"source_id":"msrc","external_id":"CVE-2026-55892","title":"CVE-2026-55892: Vim: Out-of-bounds Write in Spell File Prefix Dump","severity":"medium","cvss":5.5,"cves":["CVE-2026-55892"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-55892","csirts_url":"https://www.csirts.com/advisory/cve-2026-55892-4128"},{"num":4129,"source_id":"msrc","external_id":"CVE-2026-53154","title":"CVE-2026-53154: mm/hugetlb: restore reservation on error in hugetlb folio copy paths","severity":"medium","cvss":5.5,"cves":["CVE-2026-53154"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53154","csirts_url":"https://www.csirts.com/advisory/cve-2026-53154-4129"},{"num":4130,"source_id":"msrc","external_id":"CVE-2026-52941","title":"CVE-2026-52941: net/smc: avoid NULL deref of conn->lnk in smc_msg_event tracepoint","severity":"medium","cvss":5.5,"cves":["CVE-2026-52941"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52941","csirts_url":"https://www.csirts.com/advisory/cve-2026-52941-4130"},{"num":4131,"source_id":"msrc","external_id":"CVE-2026-53263","title":"CVE-2026-53263: 6lowpan: fix off-by-one in multicast context address compression","severity":"medium","cvss":5.5,"cves":["CVE-2026-53263"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-53263","csirts_url":"https://www.csirts.com/advisory/cve-2026-53263-4131"},{"num":4132,"source_id":"msrc","external_id":"CVE-2026-52947","title":"CVE-2026-52947: net: qrtr: fix refcount saturation and potential UAF in qrtr_port_remove","severity":"critical","cvss":9.8,"cves":["CVE-2026-52947"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52947","csirts_url":"https://www.csirts.com/advisory/cve-2026-52947-4132"},{"num":4133,"source_id":"msrc","external_id":"CVE-2026-52991","title":"CVE-2026-52991: sched/psi: fix race between file release and pressure write","severity":"critical","cvss":9.8,"cves":["CVE-2026-52991"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T07:00:00+00:00","link":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-52991","csirts_url":"https://www.csirts.com/advisory/cve-2026-52991-4133"},{"num":19648,"source_id":"jvn","external_id":"https://jvn.jp/en/jp/JVN27656135/","title":"CamView installer insecurely loads Dynamic Link Libraries","severity":"unknown","cvss":null,"cves":["CVE-2015-9268"],"exploited":false,"has_exploit":false,"published_at":"2026-06-09T03:00:00+00:00","link":"https://jvn.jp/en/jp/JVN27656135/","csirts_url":"https://www.csirts.com/advisory/camview-installer-insecurely-loads-19648"},{"num":2379,"source_id":"cisa-kev","external_id":"CVE-2026-7473","title":"CVE-2026-7473: Arista Extensible Operating System Incomplete Comparison with Missing Factors Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-7473"],"exploited":true,"has_exploit":true,"published_at":"2026-06-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-7473","csirts_url":"https://www.csirts.com/advisory/cve-2026-7473-2379"},{"num":240,"source_id":"cisa-kev","external_id":"CVE-2026-20245","title":"CVE-2026-20245: Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-20245"],"exploited":true,"has_exploit":true,"published_at":"2026-06-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-20245","csirts_url":"https://www.csirts.com/advisory/cve-2026-20245-240"},{"num":1153,"source_id":"cisa-kev","external_id":"CVE-2026-11645","title":"CVE-2026-11645: Google Chromium V8 Out-of-Bounds Read and Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-11645"],"exploited":true,"has_exploit":true,"published_at":"2026-06-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-11645","csirts_url":"https://www.csirts.com/advisory/cve-2026-11645-1153"},{"num":170126,"source_id":"aws","external_id":"9a41b86d4d6786ee42ba514d571f1bab09e58cf3","title":"CVE-2026-11393 - Code Injection via Improper Triple-Quote Escaping in AgentCore CLI Bedrock Agent Import","severity":"unknown","cvss":null,"cves":["CVE-2026-11393"],"exploited":false,"has_exploit":false,"published_at":"2026-06-08T18:54:30+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-040-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-11393-170126"},{"num":2632,"source_id":"cisa-kev","external_id":"CVE-2026-50751","title":"CVE-2026-50751: Check Point Security Gateway Improper Authentication Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-50751"],"exploited":true,"has_exploit":true,"published_at":"2026-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-50751","csirts_url":"https://www.csirts.com/advisory/cve-2026-50751-2632"},{"num":2391,"source_id":"cisa-kev","external_id":"CVE-2026-42271","title":"CVE-2026-42271: BerriAI LiteLLM Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-42271"],"exploited":true,"has_exploit":true,"published_at":"2026-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-42271","csirts_url":"https://www.csirts.com/advisory/cve-2026-42271-2391"},{"num":170079,"source_id":"aws","external_id":"de232c0690c48585a713a5e249342638401801af","title":"CVE-2026-6437 - Mount Option Injection in Amazon EFS CSI Driver","severity":"unknown","cvss":null,"cves":["CVE-2026-6437"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-016-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-6437-170079"},{"num":170121,"source_id":"aws","external_id":"9ce7f7e45e7a9d3511c42da2a497c229fc508eb7","title":"Key Commitment Issues in S3 Encryption Clients","severity":"unknown","cvss":null,"cves":["CVE-2025-14763","CVE-2025-14764","CVE-2025-14759","CVE-2025-14760","CVE-2025-14761","CVE-2025-14762"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/aws-2025-032/","csirts_url":"https://www.csirts.com/advisory/key-commitment-issues-in-s3-encryption-170121"},{"num":170081,"source_id":"aws","external_id":"c8cb3a2d26a630fc4c4ff8d17160ee33fa9168d4","title":"CVE-2026-1386 - Arbitrary Host File Overwrite via Symlink in Firecracker Jailer","severity":"unknown","cvss":null,"cves":["CVE-2026-1386"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-003-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-1386-170081"},{"num":170113,"source_id":"aws","external_id":"e84d2d62c579454c4f58f5dc88855cb846fdfeb1","title":"CVE-2026-31431","severity":"unknown","cvss":null,"cves":["CVE-2026-31431"],"exploited":true,"has_exploit":true,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-026-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-31431-170113"},{"num":170090,"source_id":"aws","external_id":"25fb7e5c3c2827b7e4e50acfcfe32b2d29fdcc26","title":"CVE-2026-7191- Arbitrary Code Execution via Sandbox Bypass in QnABot on AWS","severity":"unknown","cvss":null,"cves":["CVE-2026-7191"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-020-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-7191-170090"},{"num":170089,"source_id":"aws","external_id":"1af3a95154c012653e57de2b7534fb964608bce3","title":"CVE-2025-8069 - AWS Client VPN Windows Client Local Privilege Escalation","severity":"unknown","cvss":null,"cves":["CVE-2025-8069"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/aws-2025-014/","csirts_url":"https://www.csirts.com/advisory/cve-2025-8069-170089"},{"num":170134,"source_id":"aws","external_id":"a834ea4b2799d13f52b4af70bc99a80c38e5bbde","title":"MariaDB Server Audit Plugin Comment Handling Bypass","severity":"unknown","cvss":null,"cves":["CVE-2026-3494"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-006-aws/","csirts_url":"https://www.csirts.com/advisory/mariadb-server-audit-plugin-comment-170134"},{"num":170112,"source_id":"aws","external_id":"0dfa2afbe7d07a5a5229f8ca071c0ca7bbacf1bd","title":"CVE-2025-12829 - Integer Overflow issue in Amazon Ion-C","severity":"unknown","cvss":null,"cves":["CVE-2025-12829"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/aws-2025-027/","csirts_url":"https://www.csirts.com/advisory/cve-2025-12829-170112"},{"num":170133,"source_id":"aws","external_id":"f6b021e86198d0f7fe16365ace513c01c51d0110","title":"Issues in tough library and tuftool CLI utility","severity":"unknown","cvss":null,"cves":["CVE-2026-6966","CVE-2026-6967","CVE-2026-6968"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-019-aws/","csirts_url":"https://www.csirts.com/advisory/issues-in-tough-library-and-tuftool-cli-170133"},{"num":170088,"source_id":"aws","external_id":"694b3839a0770cac669982a42f3161e15904eece","title":"CVE-2026-8838 - Remote Code Execution in amazon-redshift-python-driver","severity":"unknown","cvss":null,"cves":["CVE-2026-8838"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-033-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-8838-170088"},{"num":170099,"source_id":"aws","external_id":"bae22f80e036b03d7bb31f66c2ad9f88acdbfde0","title":"CVE-2025-11573 - Denial of Service issue in Amazon.IonDotnet","severity":"unknown","cvss":null,"cves":["CVE-2025-11573"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/aws-2025-022/","csirts_url":"https://www.csirts.com/advisory/cve-2025-11573-170099"},{"num":170102,"source_id":"aws","external_id":"64cc4e1e2e83cc933b1f8251318a7d6ad051a45b","title":"IMDS impersonation","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/aws-2025-021/","csirts_url":"https://www.csirts.com/advisory/imds-impersonation-170102"},{"num":170135,"source_id":"aws","external_id":"c20d7f16c2530ecbc837cd0c9a0270e0c514120a","title":"CVE-2026-10591 - Kiro IDE Insufficient File Write Restrictions to Execution-Sensitive Paths","severity":"unknown","cvss":null,"cves":["CVE-2026-10591"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-037-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-10591-170135"},{"num":170125,"source_id":"aws","external_id":"30b058e5cef8f1412d074c669558865255292699","title":"CVE-2026-4269 - Improper S3 ownership verification in Bedrock AgentCore Starter Toolkit","severity":"unknown","cvss":null,"cves":["CVE-2026-4269"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-008-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-4269-170125"},{"num":170069,"source_id":"aws","external_id":"686c213f16536854044ac462bb1cd389260f77c6","title":"Issues with AWS Research and Engineering Studio (RES)","severity":"unknown","cvss":null,"cves":["CVE-2026-5707","CVE-2026-5708","CVE-2026-5709"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-014-aws/","csirts_url":"https://www.csirts.com/advisory/issues-with-aws-research-and-engineering-170069"},{"num":170136,"source_id":"aws","external_id":"a53d9a3540b5a4670f83a129529450740337a8f4","title":"CVE-2026-7461 - OS Command Injection in Amazon ECS Agent via FSx Windows File Server Volume Credentials","severity":"unknown","cvss":null,"cves":["CVE-2026-7461"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-024-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-7461-170136"},{"num":170098,"source_id":"aws","external_id":"a5c7e6133d7e110740c9ac51171cd015965eccab","title":"Buffer Over-read when receiving improperly sized ICMPv6 packets","severity":"unknown","cvss":null,"cves":["CVE-2025-11616","CVE-2025-11617","CVE-2025-11618"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/aws-2025-023/","csirts_url":"https://www.csirts.com/advisory/buffer-over-read-when-receiving-170098"},{"num":170094,"source_id":"aws","external_id":"728d2ba7c10946b0abdf5626bdac27dc5f39b67d","title":"CVE-2025-9039 - Issue with Amazon ECS agent introspection server","severity":"unknown","cvss":null,"cves":["CVE-2025-9039"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/aws-2025-018/","csirts_url":"https://www.csirts.com/advisory/cve-2025-9039-170094"},{"num":170115,"source_id":"aws","external_id":"d7ee961d660da52ba1e7a16839a2af7b9a8334e8","title":"Improper authentication token handling in the Amazon WorkSpaces client for Linux","severity":"unknown","cvss":null,"cves":["CVE-2025-12779"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/aws-2025-025/","csirts_url":"https://www.csirts.com/advisory/improper-authentication-token-handling-in-170115"},{"num":170092,"source_id":"aws","external_id":"1f27d4870b0e6519c1d8e45b38c50c67116c979d","title":"CVE-2026-5747 - Out-of-bounds Write in Firecracker virtio-pci Transport","severity":"unknown","cvss":null,"cves":["CVE-2026-5747"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-015-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-5747-170092"},{"num":170078,"source_id":"aws","external_id":"a279f7f12d03f9614859cfa63f6cf79efe097503","title":"Fragnesia Local Privilege Escalation report via ESP-in-TCP in the Linux Kernel","severity":"unknown","cvss":null,"cves":["CVE-2026-46300","CVE-2026-43284"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-029-aws/","csirts_url":"https://www.csirts.com/advisory/fragnesia-local-privilege-escalation-170078"},{"num":170127,"source_id":"aws","external_id":"3dd3140cdedc2c648ce55943f7b5e4f46abf77bf","title":"CVE-2026-4428: Issues with AWS-LC - CRL Distribution Point Scope Check Logic Error","severity":"unknown","cvss":null,"cves":["CVE-2026-4428"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-010-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-4428-170127"},{"num":170097,"source_id":"aws","external_id":"e443e91306bef487820f9f2bdb3a6e4c38edc7fa","title":"CVE-2026-9255 - Tool Execution Without Authorization via Piped Stdin in Kiro CLI","severity":"unknown","cvss":null,"cves":["CVE-2026-9255"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-035-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-9255-170097"},{"num":170093,"source_id":"aws","external_id":"81c871b18c57b13aaf3f1b0820ac6efa6286a172","title":"Amazon Q Developer and Kiro – Prompt Injection Issues in Kiro and Q IDE plugins","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/aws-2025-019/","csirts_url":"https://www.csirts.com/advisory/amazon-q-developer-and-kiro-prompt-170093"},{"num":170077,"source_id":"aws","external_id":"da02a927d0e5392bf9f60102197e1d89f62a6c72","title":"CVE-2026-11400 and CVE-2026-11401","severity":"low","cvss":null,"cves":["CVE-2026-11400","CVE-2026-11401"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-039-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-11400-170077"},{"num":170076,"source_id":"aws","external_id":"10f6ffb7af5a1090349062495a6b0a95e21c1c8f","title":"Issues with Amazon Athena ODBC Driver","severity":"unknown","cvss":null,"cves":["CVE-2026-5485","CVE-2026-35558","CVE-2026-35559","CVE-2026-35560","CVE-2026-35561","CVE-2026-35562"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-013-aws/","csirts_url":"https://www.csirts.com/advisory/issues-with-amazon-athena-odbc-driver-170076"},{"num":170137,"source_id":"aws","external_id":"41be976fc1892b1d0656103926b90045f18426cb","title":"CVE-2026-5190 - AWS C Event Stream Streaming Decoder Stack Buffer Overflow","severity":"high","cvss":null,"cves":["CVE-2026-5190"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-011-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-5190-170137"},{"num":170075,"source_id":"aws","external_id":"1a4b49449fb810d419ae9d00d27aa731252ca7e5","title":"CVE-2026-7424 - Integer Underflow in DHCPv6 Sub-Option Parser in FreeRTOS-Plus-TCP","severity":"unknown","cvss":null,"cves":["CVE-2026-7424"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-022-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-7424-170075"},{"num":170074,"source_id":"aws","external_id":"adc7525b5938955eda2cdb34ea4c85fb4a5566a3","title":"Issue with Amazon SageMaker Python SDK - Model artifact integrity verification issues (CVE-2026-8596 & CVE-2026-8597)","severity":"unknown","cvss":null,"cves":["CVE-2026-8596","CVE-2026-8597"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-031-aws/","csirts_url":"https://www.csirts.com/advisory/issue-with-amazon-sagemaker-python-sdk-170074"},{"num":170100,"source_id":"aws","external_id":"164ec16583e3cdb1c1a7bfbd6b7b1e38b010bcd3","title":"Issue with AWS Ops Wheel (CVE-2026-6911 and CVE-2026-6912","severity":"unknown","cvss":null,"cves":["CVE-2026-6911","CVE-2026-6912"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-018-aws/","csirts_url":"https://www.csirts.com/advisory/issue-with-aws-ops-wheel-cve-2026-6911-170100"},{"num":170073,"source_id":"aws","external_id":"f1b8d4ffd3c46205c7ffa4f3cc2d0c3505fb6e10","title":"Security Findings in SageMaker Python SDK","severity":"unknown","cvss":null,"cves":["CVE-2026-1777","CVE-2026-1778"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-004-aws/","csirts_url":"https://www.csirts.com/advisory/security-findings-in-sagemaker-python-sdk-170073"},{"num":170095,"source_id":"aws","external_id":"3c6429bd37ca4975a274e75e4d24edccb015fd54","title":"CVE-2025-8904 - Issue with Amazon EMR Secret Agent component","severity":"high","cvss":null,"cves":["CVE-2025-8904"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/aws-2025-017/","csirts_url":"https://www.csirts.com/advisory/cve-2025-8904-170095"},{"num":170122,"source_id":"aws","external_id":"532523680b7d8fcd583296e57a0eb6f06e971c90","title":"CVE-2026-4270 - AWS API MCP File Access Restriction Bypass","severity":"unknown","cvss":null,"cves":["CVE-2026-4270"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-007-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-4270-170122"},{"num":170070,"source_id":"aws","external_id":"3fffca4b7fa8004e57ab33f0ed7ae774fa9f5b9a","title":"Issue with FreeRTOS-Plus-TCP - MAC Address Validation Bypass and ICMP Echo Reply Integer Underflow","severity":"unknown","cvss":null,"cves":["CVE-2026-7422","CVE-2026-7423"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-021-aws/","csirts_url":"https://www.csirts.com/advisory/issue-with-freertos-plus-tcp-mac-address-170070"},{"num":170124,"source_id":"aws","external_id":"dae36683a23c5be1d2a2ba15597291a12fc03766","title":"CVE-2026-10584 - HTTPS Fallback to HTTP in Graph Explorer","severity":"unknown","cvss":null,"cves":["CVE-2026-10584"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-038-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-10584-170124"},{"num":170132,"source_id":"aws","external_id":"a45b8d4c17984521c95220a9fd34260699b89904","title":"CVE-2026-9291 - Insecure Deserialization in Amazon Braket SDK Job Results Processing","severity":"unknown","cvss":null,"cves":["CVE-2026-9291"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-036-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-9291-170132"},{"num":170128,"source_id":"aws","external_id":"3477edbcca031da35fbbce7c5a52812b78aa1b1e","title":"CVE-2026-5429 - Kiro IDE Webview Cross-Site Scripting via Workspace Color Theme","severity":"unknown","cvss":null,"cves":["CVE-2026-5429"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-012-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-5429-170128"},{"num":170087,"source_id":"aws","external_id":"dfee37aba8054b8e2c08d4e5ff962f9cf620161b","title":"[Redirected] Security Update for Amazon Q Developer Extension for Visual Studio Code (Version #1.84)","severity":"unknown","cvss":null,"cves":["CVE-2025-8217"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/aws-2025-015/","csirts_url":"https://www.csirts.com/advisory/redirected-security-update-for-amazon-q-170087"},{"num":170103,"source_id":"aws","external_id":"917ab7b6cadc1b295e8502057514c73b57546405","title":"CVE-2025-11462 AWS ClientVPN macOS Client Local Privilege Escalation","severity":"unknown","cvss":null,"cves":["CVE-2025-11462"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/aws-2025-020/","csirts_url":"https://www.csirts.com/advisory/cve-2025-11462-170103"},{"num":170131,"source_id":"aws","external_id":"c8a2546a619c4d3235fb3107e7c8681d4ac56f1c","title":"Issue with FreeRTOS-Plus-TCP - IPv6 Router Advertisement Memory Safety Issues","severity":"unknown","cvss":null,"cves":["CVE-2026-7425","CVE-2026-7426"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-023-aws/","csirts_url":"https://www.csirts.com/advisory/issue-with-freertos-plus-tcp-ipv6-router-170131"},{"num":170109,"source_id":"aws","external_id":"b8dec3bcf5c8c442db782414f43e3801cf0b60ea","title":"Arbitrary code execution via crafted project files in Kiro IDE","severity":"unknown","cvss":null,"cves":["CVE-2026-4295"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-009-aws/","csirts_url":"https://www.csirts.com/advisory/arbitrary-code-execution-via-crafted-170109"},{"num":170068,"source_id":"aws","external_id":"61224a968ee66a71e661f9d9b8eaadb7d3ec76cb","title":"Issue with AWS-LC: an open-source, general-purpose cryptographic library (CVE-2026-3336, CVE-2026-3337, CVE-2026-3338)","severity":"unknown","cvss":null,"cves":["CVE-2026-3336","CVE-2026-3337","CVE-2026-3338"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-005-aws/","csirts_url":"https://www.csirts.com/advisory/issue-with-aws-lc-an-open-source-general-170068"},{"num":170085,"source_id":"aws","external_id":"5727e89c281fc4909afe0c542efccc29f06734cd","title":"[Redirected] Memory Dump Issue in AWS CodeBuild","severity":"unknown","cvss":null,"cves":["CVE-2025-8217"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/aws-2025-016/","csirts_url":"https://www.csirts.com/advisory/redirected-memory-dump-issue-in-aws-170085"},{"num":170116,"source_id":"aws","external_id":"b756735a440b687b335bc343f68970c05107657c","title":"CVE-2025-31133, CVE-2025-52565, CVE-2025-52881 - runc container issues","severity":"unknown","cvss":null,"cves":["CVE-2025-31133","CVE-2025-52565","CVE-2025-52881"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/aws-2025-024/","csirts_url":"https://www.csirts.com/advisory/cve-2025-31133-170116"},{"num":170091,"source_id":"aws","external_id":"9fd1e9dafd746b9b8e498a5c1d30cedf40f5b9c4","title":"CVE-2025-6031 - Insecure device pairing in end-of-life Amazon Cloud Cam","severity":"unknown","cvss":null,"cves":["CVE-2025-6031"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/aws-2025-013/","csirts_url":"https://www.csirts.com/advisory/cve-2025-6031-170091"},{"num":170119,"source_id":"aws","external_id":"9dc84ec94144a9069182e2cd581c9e9f885b660b","title":"CVE-2025-66478: RCE in React Server Components","severity":"unknown","cvss":null,"cves":["CVE-2025-66478","CVE-2025-55182"],"exploited":true,"has_exploit":true,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/aws-2025-030/","csirts_url":"https://www.csirts.com/advisory/cve-2025-66478-170119"},{"num":170114,"source_id":"aws","external_id":"9bff5b3e08273330e03a5f215636ac8a9ea1523e","title":"CVE-2025-12815 - RES web portal may display preview of Virtual Desktops that the user shouldn't have access to","severity":"unknown","cvss":null,"cves":["CVE-2025-12815"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/aws-2025-026/","csirts_url":"https://www.csirts.com/advisory/cve-2025-12815-170114"},{"num":170105,"source_id":"aws","external_id":"491ebd001e641c49ac1b1be0b99b3d194b12b805","title":"CVE-2026-0830 - Command Injection in Kiro GitLab Merge Request Helper","severity":"unknown","cvss":null,"cves":["CVE-2026-0830"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-001-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-0830-170105"},{"num":170066,"source_id":"aws","external_id":"4e7bbcc06c6a97bf8689e85f314431510a3ef71e","title":"Ongoing updates on Copy.fail and variants","severity":"unknown","cvss":null,"cves":["CVE-2026-46300","CVE-2026-43284","CVE-2026-31431","CVE-2026-43500"],"exploited":false,"has_exploit":true,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-030-aws/","csirts_url":"https://www.csirts.com/advisory/ongoing-updates-on-copy-fail-and-variants-170066"},{"num":170129,"source_id":"aws","external_id":"5568cbf1a700e8a67cd1cbbfe25657eaaf9ae48f","title":"CVE-2026-7791 - Local Privilege Escalation via TOCTOU Race Condition in Amazon WorkSpaces Skylight Agent","severity":"critical","cvss":null,"cves":["CVE-2026-7791"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-025-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-7791-170129"},{"num":170083,"source_id":"aws","external_id":"c220fb45f66465dca7d87688fd495aa41bd8e29f","title":"CVE-2026-8178 - Remote Code Execution via Unsafe Class Loading in Amazon Redshift JDBC Driver","severity":"unknown","cvss":null,"cves":["CVE-2026-8178"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-028-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-8178-170083"},{"num":170086,"source_id":"aws","external_id":"329b7aa3100c17fa3385a8aa0ad1b894d820fcca","title":"Unanchored ACCOUNT_ID webhook filters for CodeBuild","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-002-aws/","csirts_url":"https://www.csirts.com/advisory/unanchored-account-id-webhook-filters-for-170086"},{"num":170118,"source_id":"aws","external_id":"9958b2c9fb3947698090a8fa7830d86f135f42cb","title":"Privilege Escalation in Aurora PostgreSQL using AWS JDBC Wrapper, AWS Go Wrapper, AWS NodeJS Wrapper, AWS Python Wrapper, AWS PGSQL ODBC driver","severity":"low","cvss":null,"cves":["CVE-2025-12967"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/aws-2025-028/","csirts_url":"https://www.csirts.com/advisory/privilege-escalation-in-aurora-postgresql-170118"},{"num":170110,"source_id":"aws","external_id":"2b8fabf2c3c0de6402207096d18d9a4e9e3eb7a6","title":"CVE-2026-9133 - Arbitrary file read in rabbitmq-aws plugin","severity":"unknown","cvss":null,"cves":["CVE-2026-9133"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-034-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-9133-170110"},{"num":170082,"source_id":"aws","external_id":"7d1b04c1e7481a2b244ce4edfd29e03c2dd97d1e","title":"CVE-2026-8686 - Heap out-of-bounds read in coreMQTT MQTT5 property parsing","severity":"unknown","cvss":null,"cves":["CVE-2026-8686"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-032-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-8686-170082"},{"num":170107,"source_id":"aws","external_id":"fadcc3341eacca5f455397d86b4021f634a98a87","title":"CVE-2026-6550 - Key commitment policy bypass via shared key cache in AWS Encryption SDK for Python","severity":"unknown","cvss":null,"cves":["CVE-2026-6550"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-017-aws/","csirts_url":"https://www.csirts.com/advisory/cve-2026-6550-170107"},{"num":170106,"source_id":"aws","external_id":"3635024096b3b73d8fc9429563016dc326ab107f","title":"Dirty Frag and other issues in Amazon Linux kernels","severity":"unknown","cvss":null,"cves":["CVE-2026-31431"],"exploited":true,"has_exploit":true,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/2026-027-aws/","csirts_url":"https://www.csirts.com/advisory/dirty-frag-and-other-issues-in-amazon-170106"},{"num":170123,"source_id":"aws","external_id":"c2c3ee27cbd55f9784caa8857d114b76117fa982","title":"Overly Permissive Trust Policy in Harmonix on AWS EKS","severity":"unknown","cvss":null,"cves":["CVE-2025-14503"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T19:19:25+00:00","link":"https://aws.amazon.com/security/security-bulletins/rss/aws-2025-031/","csirts_url":"https://www.csirts.com/advisory/overly-permissive-trust-policy-in-170123"},{"num":19649,"source_id":"jvn","external_id":"https://jvn.jp/en/jp/JVN70631953/","title":"Multiple TP-Link products vulnerable to cleartext transmission of sensitive information","severity":"unknown","cvss":null,"cves":["CVE-2026-34126"],"exploited":false,"has_exploit":false,"published_at":"2026-06-05T03:00:00+00:00","link":"https://jvn.jp/en/jp/JVN70631953/","csirts_url":"https://www.csirts.com/advisory/multiple-tp-link-products-vulnerable-to-19649"},{"num":2633,"source_id":"cisa-kev","external_id":"CVE-2026-28318","title":"CVE-2026-28318: SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-28318"],"exploited":true,"has_exploit":true,"published_at":"2026-06-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-28318","csirts_url":"https://www.csirts.com/advisory/cve-2026-28318-2633"},{"num":1676,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/blogs/software-supply-chain-attacks-check-your-dependencies","title":"Software supply chain attacks: check your dependencies","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-06-04T12:00:00+00:00","link":"https://www.ncsc.gov.uk/blogs/software-supply-chain-attacks-check-your-dependencies","csirts_url":"https://www.csirts.com/advisory/software-supply-chain-attacks-check-your-1676"},{"num":1040,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-xss-jw3NeQzS","title":"Cisco Webex Meetings Cross-Site Scripting Vulnerability","severity":"medium","cvss":null,"cves":["CVE-2026-20233"],"exploited":false,"has_exploit":false,"published_at":"2026-06-03T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-xss-jw3NeQzS?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Webex%20Meetings%20Cross-Site%20Scripting%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-webex-meetings-cross-site-scripting-1040"},{"num":86854,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-144","title":"Linux Kernel vulnerability Dirty Frag","severity":"unknown","cvss":null,"cves":["CVE-2026-43284","CVE-2026-43500"],"exploited":false,"has_exploit":false,"published_at":"2026-06-03T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-144","csirts_url":"https://www.csirts.com/advisory/linux-kernel-vulnerability-dirty-frag-86854"},{"num":86911,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0257","title":"CVE-2026-0257 PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities (Severity: HIGH)","severity":"high","cvss":null,"cves":["CVE-2026-0257"],"exploited":true,"has_exploit":true,"published_at":"2026-06-03T05:45:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0257","csirts_url":"https://www.csirts.com/advisory/cve-2026-0257-86911"},{"num":19650,"source_id":"jvn","external_id":"https://jvn.jp/en/jp/JVN24733221/","title":"WordPress Plugin \"Zoho Mail for WordPress\" vulnerable to cross-site request forgery","severity":"unknown","cvss":null,"cves":["CVE-2026-8174"],"exploited":false,"has_exploit":false,"published_at":"2026-06-03T03:00:00+00:00","link":"https://jvn.jp/en/jp/JVN24733221/","csirts_url":"https://www.csirts.com/advisory/wordpress-plugin-zoho-mail-for-wordpress-19650"},{"num":386,"source_id":"cisa-kev","external_id":"CVE-2026-45247","title":"CVE-2026-45247: Mirasvit Full Page Cache Warmer Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-45247"],"exploited":true,"has_exploit":true,"published_at":"2026-06-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-45247","csirts_url":"https://www.csirts.com/advisory/cve-2026-45247-386"},{"num":19651,"source_id":"jvn","external_id":"https://jvn.jp/en/vu/JVNVU95687008/","title":"TP-Link Archer BE450 and BE7200 vulnerable to OS command injection","severity":"unknown","cvss":null,"cves":["CVE-2026-5509"],"exploited":false,"has_exploit":false,"published_at":"2026-06-02T02:00:00+00:00","link":"https://jvn.jp/en/vu/JVNVU95687008/","csirts_url":"https://www.csirts.com/advisory/tp-link-archer-be450-and-be7200-19651"},{"num":86912,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0251","title":"CVE-2026-0251 GlobalProtect App: Local Privilege Escalation Vulnerabilities (Severity: MEDIUM)","severity":"medium","cvss":null,"cves":["CVE-2026-0251"],"exploited":false,"has_exploit":false,"published_at":"2026-06-02T01:15:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0251","csirts_url":"https://www.csirts.com/advisory/cve-2026-0251-86912"},{"num":2634,"source_id":"cisa-kev","external_id":"CVE-2022-0492","title":"CVE-2022-0492: Linux Kernel Improper Authentication Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-0492"],"exploited":true,"has_exploit":true,"published_at":"2026-06-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-0492","csirts_url":"https://www.csirts.com/advisory/cve-2022-0492-2634"},{"num":241,"source_id":"cisa-kev","external_id":"CVE-2025-48595","title":"CVE-2025-48595: Android Framework Integer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-48595"],"exploited":true,"has_exploit":true,"published_at":"2026-06-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-48595","csirts_url":"https://www.csirts.com/advisory/cve-2025-48595-241"},{"num":19652,"source_id":"jvn","external_id":"https://jvn.jp/en/jp/JVN67883085/","title":"Multiple vulnerabilities in ServerView Agents for Windows","severity":"unknown","cvss":null,"cves":["CVE-2026-27788","CVE-2026-32325"],"exploited":false,"has_exploit":false,"published_at":"2026-06-01T03:00:00+00:00","link":"https://jvn.jp/en/jp/JVN67883085/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-serverview-19652"},{"num":242,"source_id":"cisa-kev","external_id":"CVE-2024-21182","title":"CVE-2024-21182: Oracle WebLogic Server Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-21182"],"exploited":true,"has_exploit":true,"published_at":"2026-06-01T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-21182","csirts_url":"https://www.csirts.com/advisory/cve-2024-21182-242"},{"num":19653,"source_id":"jvn","external_id":"https://jvn.jp/en/vu/JVNVU93879027/","title":"Link following vulnerability in Canon My Image Garden for macOS and CUPS Printer Driver for macOS","severity":"unknown","cvss":null,"cves":["CVE-2026-6891","CVE-2026-6892"],"exploited":false,"has_exploit":false,"published_at":"2026-05-29T01:00:00+00:00","link":"https://jvn.jp/en/vu/JVNVU93879027/","csirts_url":"https://www.csirts.com/advisory/link-following-vulnerability-in-canon-my-19653"},{"num":2150,"source_id":"cisa-kev","external_id":"CVE-2026-0257","title":"CVE-2026-0257: Palo Alto Networks PAN-OS Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-0257"],"exploited":true,"has_exploit":true,"published_at":"2026-05-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-0257","csirts_url":"https://www.csirts.com/advisory/cve-2026-0257-2150"},{"num":86914,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0259","title":"CVE-2026-0259 WildFire WF-500 and WF-500-B: Arbitrary File Read and Delete Vulnerability in WildFire Appliance (WF-500, WF-500-B) (Severity: MEDIUM)","severity":"medium","cvss":null,"cves":["CVE-2026-0259"],"exploited":false,"has_exploit":false,"published_at":"2026-05-28T21:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0259","csirts_url":"https://www.csirts.com/advisory/cve-2026-0259-86914"},{"num":86918,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0256","title":"CVE-2026-0256 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface (Severity: MEDIUM)","severity":"medium","cvss":null,"cves":["CVE-2026-0256"],"exploited":false,"has_exploit":false,"published_at":"2026-05-28T21:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0256","csirts_url":"https://www.csirts.com/advisory/cve-2026-0256-86918"},{"num":86919,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0265","title":"CVE-2026-0265 PAN-OS: Authentication Bypass with Cloud Authentication Service (CAS) enabled (Severity: HIGH)","severity":"high","cvss":null,"cves":["CVE-2026-0265"],"exploited":false,"has_exploit":false,"published_at":"2026-05-28T21:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0265","csirts_url":"https://www.csirts.com/advisory/cve-2026-0265-86919"},{"num":86913,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0258","title":"CVE-2026-0258 PAN-OS: Server-Side Request Forgery (SSRF) in IKEv2 Certificate URL Fetching (Severity: MEDIUM)","severity":"medium","cvss":null,"cves":["CVE-2026-0258"],"exploited":false,"has_exploit":false,"published_at":"2026-05-28T21:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0258","csirts_url":"https://www.csirts.com/advisory/cve-2026-0258-86913"},{"num":86920,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0264","title":"CVE-2026-0264 PAN-OS: Heap-Based Buffer Overflow in DNS Proxy and DNS Server Allows Unauthenticated Remote Code Execution (Severity: HIGH)","severity":"high","cvss":null,"cves":["CVE-2026-0264"],"exploited":false,"has_exploit":false,"published_at":"2026-05-28T21:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0264","csirts_url":"https://www.csirts.com/advisory/cve-2026-0264-86920"},{"num":86917,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0262","title":"CVE-2026-0262 PAN-OS: Denial of Service Vulnerabilities in Network Traffic Parsing (Severity: MEDIUM)","severity":"medium","cvss":null,"cves":["CVE-2026-0262"],"exploited":false,"has_exploit":false,"published_at":"2026-05-28T21:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0262","csirts_url":"https://www.csirts.com/advisory/cve-2026-0262-86917"},{"num":86915,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0261","title":"CVE-2026-0261 PAN-OS: Authenticated Admin Command Injection Vulnerability (Severity: MEDIUM)","severity":"medium","cvss":null,"cves":["CVE-2026-0261"],"exploited":false,"has_exploit":false,"published_at":"2026-05-28T21:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0261","csirts_url":"https://www.csirts.com/advisory/cve-2026-0261-86915"},{"num":86916,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0263","title":"CVE-2026-0263 PAN-OS: Remote Code Execution (RCE) in IKEv2 Processing (Severity: HIGH)","severity":"high","cvss":null,"cves":["CVE-2026-0263"],"exploited":false,"has_exploit":false,"published_at":"2026-05-28T21:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0263","csirts_url":"https://www.csirts.com/advisory/cve-2026-0263-86916"},{"num":19654,"source_id":"jvn","external_id":"https://jvn.jp/en/jp/JVN01719116/","title":"Jupyter Server vulnerable to open redirect","severity":"unknown","cvss":null,"cves":["CVE-2025-61669"],"exploited":false,"has_exploit":false,"published_at":"2026-05-28T03:00:00+00:00","link":"https://jvn.jp/en/jp/JVN01719116/","csirts_url":"https://www.csirts.com/advisory/jupyter-server-vulnerable-to-open-redirect-19654"},{"num":86921,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0300","title":"CVE-2026-0300 PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal (Severity: CRITICAL)","severity":"critical","cvss":null,"cves":["CVE-2026-0300"],"exploited":true,"has_exploit":true,"published_at":"2026-05-28T00:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0300","csirts_url":"https://www.csirts.com/advisory/cve-2026-0300-86921"},{"num":1218,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/blogs/designing-secure-access-with-ztna","title":"Designing secure access with ZTNA","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-05-27T12:00:00+00:00","link":"https://www.ncsc.gov.uk/blogs/designing-secure-access-with-ztna","csirts_url":"https://www.csirts.com/advisory/designing-secure-access-with-ztna-1218"},{"num":87023,"source_id":"jenkins","external_id":"jenkins-advisory-2026-05-27","title":"Jenkins Security Advisory 2026-05-27","severity":"unknown","cvss":null,"cves":["CVE-2026-48916","CVE-2026-48917","CVE-2026-48918","CVE-2026-48919","CVE-2026-48920","CVE-2026-48921","CVE-2026-48922","CVE-2026-48923","CVE-2026-48924","CVE-2026-48925","CVE-2026-9674","CVE-2026-48926","CVE-2026-48927"],"exploited":false,"has_exploit":false,"published_at":"2026-05-27T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2026-05-27/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2026-05-27-87023"},{"num":86927,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-9-8-released/","title":"GitLab Patch Release: 18.9.8, 18.8.10, 18.7.7, 18.6.8, 18.5.7","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-05-27T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-9-8-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-9-8-18-8-10-18-7-86927"},{"num":2314,"source_id":"cisa-kev","external_id":"CVE-2026-48027","title":"CVE-2026-48027: Nx Console Embedded Malicious Code Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-48027"],"exploited":true,"has_exploit":false,"published_at":"2026-05-27T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-48027","csirts_url":"https://www.csirts.com/advisory/cve-2026-48027-2314"},{"num":86928,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-0-1-released/","title":"GitLab Patch Release: 19.0.1, 18.11.4, 18.10.7","severity":"critical","cvss":null,"cves":["CVE-2026-4868","CVE-2026-1402","CVE-2026-6713","CVE-2026-5296","CVE-2026-2601","CVE-2026-8716","CVE-2026-2710"],"exploited":false,"has_exploit":false,"published_at":"2026-05-27T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-0-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-19-0-1-18-11-4-18-10-86928"},{"num":243,"source_id":"cisa-kev","external_id":"CVE-2026-45321","title":"CVE-2026-45321: TanStack Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-45321"],"exploited":true,"has_exploit":true,"published_at":"2026-05-27T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-45321","csirts_url":"https://www.csirts.com/advisory/cve-2026-45321-243"},{"num":244,"source_id":"cisa-kev","external_id":"CVE-2026-8398","title":"CVE-2026-8398: Daemon Tools Lite Embedded Malicious Code Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-8398"],"exploited":true,"has_exploit":false,"published_at":"2026-05-27T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-8398","csirts_url":"https://www.csirts.com/advisory/cve-2026-8398-244"},{"num":1154,"source_id":"cisa-kev","external_id":"CVE-2026-48172","title":"CVE-2026-48172: LiteSpeed cPanel Plugin Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-48172"],"exploited":true,"has_exploit":true,"published_at":"2026-05-26T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-48172","csirts_url":"https://www.csirts.com/advisory/cve-2026-48172-1154"},{"num":19655,"source_id":"jvn","external_id":"https://jvn.jp/en/jp/JVN80890147/","title":"NEC Aterm series vulnerable to OS command injection (NV26-003)","severity":"unknown","cvss":null,"cves":["CVE-2026-8652"],"exploited":false,"has_exploit":false,"published_at":"2026-05-25T05:00:15+00:00","link":"https://jvn.jp/en/jp/JVN80890147/","csirts_url":"https://www.csirts.com/advisory/nec-aterm-series-vulnerable-to-os-command-19655"},{"num":19632,"source_id":"jpcert","external_id":"https://www.jpcert.or.jp/english/at/2026/at260014.html","title":"Security Alert: [Updated] Alert Regarding Multiple Vulnerabilities in Trend Micro Products Including TrendAI Apex One","severity":"unknown","cvss":null,"cves":["CVE-2026-34926"],"exploited":true,"has_exploit":true,"published_at":"2026-05-22T05:14:00+00:00","link":"https://www.jpcert.or.jp/english/at/2026/at260014.html","csirts_url":"https://www.csirts.com/advisory/security-alert-updated-alert-regarding-19632"},{"num":2332,"source_id":"cisa-kev","external_id":"CVE-2026-9082","title":"CVE-2026-9082: Drupal Core SQL Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-9082"],"exploited":true,"has_exploit":true,"published_at":"2026-05-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-9082","csirts_url":"https://www.csirts.com/advisory/cve-2026-9082-2332"},{"num":1155,"source_id":"cisa-kev","external_id":"CVE-2025-34291","title":"CVE-2025-34291: Langflow Origin Validation Error Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-34291"],"exploited":true,"has_exploit":true,"published_at":"2026-05-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-34291","csirts_url":"https://www.csirts.com/advisory/cve-2025-34291-1155"},{"num":288,"source_id":"cisa-kev","external_id":"CVE-2026-34926","title":"CVE-2026-34926: Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-34926"],"exploited":true,"has_exploit":true,"published_at":"2026-05-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-34926","csirts_url":"https://www.csirts.com/advisory/cve-2026-34926-288"},{"num":87126,"source_id":"drupal","external_id":"3591142 at https://www.drupal.org","title":"Drupal core - Highly critical - SQL injection - SA-CORE-2026-004","severity":"critical","cvss":null,"cves":["CVE-2026-9082"],"exploited":true,"has_exploit":true,"published_at":"2026-05-20T18:08:21+00:00","link":"https://www.drupal.org/sa-core-2026-004","csirts_url":"https://www.csirts.com/advisory/drupal-core-highly-critical-sql-injection-87126"},{"num":1043,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tevacert-rce-RMJVEym5","title":"Cisco ThousandEyes Virtual Appliance Authenticated Remote Code Execution Vulnerability","severity":"medium","cvss":null,"cves":["CVE-2026-20199"],"exploited":false,"has_exploit":false,"published_at":"2026-05-20T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tevacert-rce-RMJVEym5?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20ThousandEyes%20Virtual%20Appliance%20Authenticated%20Remote%20Code%20Execution%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-thousandeyes-virtual-appliance-1043"},{"num":1041,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bgp-iefab-3hb2pwtx","title":"Cisco Nexus 3000 and 9000 Series Switches Border Gateway Protocol Denial of Service Vulnerability","severity":"medium","cvss":null,"cves":["CVE-2026-20171"],"exploited":false,"has_exploit":false,"published_at":"2026-05-20T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bgp-iefab-3hb2pwtx?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Nexus%203000%20and%209000%20Series%20Switches%20Border%20Gateway%20Protocol%20Denial%20of%20Service%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-nexus-3000-and-9000-series-switches-1041"},{"num":1045,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tebbot-cmdinj-wN3yQ5gn","title":"Cisco ThousandEyes Enterprise Agent BrowserBot Command Injection Vulnerability","severity":"medium","cvss":null,"cves":["CVE-2026-20206"],"exploited":false,"has_exploit":false,"published_at":"2026-05-20T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tebbot-cmdinj-wN3yQ5gn?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20ThousandEyes%20Enterprise%20Agent%20BrowserBot%20Command%20Injection%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-thousandeyes-enterprise-agent-1045"},{"num":1042,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csw-pnbsa-g8WEnuy","title":"Cisco Secure Workload Unauthorized API Access Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-20223"],"exploited":false,"has_exploit":false,"published_at":"2026-05-20T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csw-pnbsa-g8WEnuy?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Secure%20Workload%20Unauthorized%20API%20Access%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-secure-workload-unauthorized-api-1042"},{"num":1163,"source_id":"cisa-kev","external_id":"CVE-2026-41091","title":"CVE-2026-41091: Microsoft Defender Link Following Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-41091"],"exploited":true,"has_exploit":true,"published_at":"2026-05-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-41091","csirts_url":"https://www.csirts.com/advisory/cve-2026-41091-1163"},{"num":391,"source_id":"cisa-kev","external_id":"CVE-2026-45498","title":"CVE-2026-45498: Microsoft Defender Denial of Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-45498"],"exploited":true,"has_exploit":true,"published_at":"2026-05-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-45498","csirts_url":"https://www.csirts.com/advisory/cve-2026-45498-391"},{"num":1159,"source_id":"cisa-kev","external_id":"CVE-2010-0249","title":"CVE-2010-0249: Microsoft Internet Explorer Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2010-0249"],"exploited":true,"has_exploit":true,"published_at":"2026-05-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2010-0249","csirts_url":"https://www.csirts.com/advisory/cve-2010-0249-1159"},{"num":1156,"source_id":"cisa-kev","external_id":"CVE-2008-4250","title":"CVE-2008-4250: Microsoft Windows Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2008-4250"],"exploited":true,"has_exploit":true,"published_at":"2026-05-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2008-4250","csirts_url":"https://www.csirts.com/advisory/cve-2008-4250-1156"},{"num":1160,"source_id":"cisa-kev","external_id":"CVE-2010-0806","title":"CVE-2010-0806: Microsoft Internet Explorer Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2010-0806"],"exploited":true,"has_exploit":true,"published_at":"2026-05-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2010-0806","csirts_url":"https://www.csirts.com/advisory/cve-2010-0806-1160"},{"num":1157,"source_id":"cisa-kev","external_id":"CVE-2009-1537","title":"CVE-2009-1537: Microsoft DirectX NULL Byte Overwrite Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2009-1537"],"exploited":true,"has_exploit":false,"published_at":"2026-05-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2009-1537","csirts_url":"https://www.csirts.com/advisory/cve-2009-1537-1157"},{"num":1158,"source_id":"cisa-kev","external_id":"CVE-2009-3459","title":"CVE-2009-3459: Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2009-3459"],"exploited":true,"has_exploit":true,"published_at":"2026-05-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2009-3459","csirts_url":"https://www.csirts.com/advisory/cve-2009-3459-1158"},{"num":1046,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-CISAED25-03","title":"Continued Evolution of Persistence Mechanism Against Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense","severity":"unknown","cvss":null,"cves":["CVE-2025-20333","CVE-2025-20362"],"exploited":true,"has_exploit":true,"published_at":"2026-05-19T17:49:15+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-CISAED25-03?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Continued%20Evolution%20of%20Persistence%20Mechanism%20Against%20Cisco%20Secure%20Firewall%20Adaptive%20Security%20Appliance%20and%20Secure%20Firewall%20Threat%20Defense%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/continued-evolution-of-persistence-1046"},{"num":1219,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/blogs/thinking-carefully-before-adopting-agentic-ai","title":"Thinking carefully before adopting agentic AI","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-05-15T12:00:00+00:00","link":"https://www.ncsc.gov.uk/blogs/thinking-carefully-before-adopting-agentic-ai","csirts_url":"https://www.csirts.com/advisory/thinking-carefully-before-adopting-1219"},{"num":1106,"source_id":"cisa-kev","external_id":"CVE-2026-42897","title":"CVE-2026-42897: Microsoft Exchange Server Cross-Site Scripting Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-42897"],"exploited":true,"has_exploit":true,"published_at":"2026-05-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-42897","csirts_url":"https://www.csirts.com/advisory/cve-2026-42897-1106"},{"num":932,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2026-ALE-005/","title":"[Update] Vulnerability in Microsoft Exchange Server (May 15, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-42897"],"exploited":true,"has_exploit":true,"published_at":"2026-05-15T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2026-ALE-005/","csirts_url":"https://www.csirts.com/advisory/update-vulnerability-in-microsoft-932"},{"num":1047,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-mltvnps2-JxpWm7R","title":"Cisco Catalyst SD-WAN Manager Vulnerabilities","severity":"critical","cvss":null,"cves":["CVE-2026-20209","CVE-2026-20210","CVE-2026-20224"],"exploited":false,"has_exploit":false,"published_at":"2026-05-14T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-mltvnps2-JxpWm7R?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Catalyst%20SD-WAN%20Manager%20Vulnerabilities%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-catalyst-sd-wan-manager-1047"},{"num":2304,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-dos-7Egqyc","title":"Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Advisory","severity":"unknown","cvss":null,"cves":["CVE-2026-20188"],"exploited":false,"has_exploit":false,"published_at":"2026-05-14T15:56:13+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-dos-7Egqyc?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Crosswork%20Network%20Controller%20and%20Cisco%20Network%20Services%20Orchestrator%20Advisory%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-crosswork-network-controller-and-2304"},{"num":293,"source_id":"cisa-kev","external_id":"CVE-2026-20182","title":"CVE-2026-20182: Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-20182"],"exploited":true,"has_exploit":true,"published_at":"2026-05-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-20182","csirts_url":"https://www.csirts.com/advisory/cve-2026-20182-293"},{"num":91709,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0241","title":"CVE-2026-0241 Trust Protection Foundation: Multiple Authorization Bypass Vulnerabilities (Severity: MEDIUM)","severity":"medium","cvss":null,"cves":["CVE-2026-0241"],"exploited":false,"has_exploit":false,"published_at":"2026-05-13T16:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0241","csirts_url":"https://www.csirts.com/advisory/cve-2026-0241-91709"},{"num":144092,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0246","title":"CVE-2026-0246 Prisma Access Agent: Local Privilege Escalation Vulnerability (Severity: MEDIUM)","severity":"medium","cvss":null,"cves":["CVE-2026-0246"],"exploited":false,"has_exploit":false,"published_at":"2026-05-13T16:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0246","csirts_url":"https://www.csirts.com/advisory/cve-2026-0246-144092"},{"num":101278,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0247","title":"CVE-2026-0247 Prisma Access Agent Endpoint DLP: Authorization Bypass Vulnerabilities (Severity: MEDIUM)","severity":"medium","cvss":null,"cves":["CVE-2026-0247"],"exploited":false,"has_exploit":false,"published_at":"2026-05-13T16:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0247","csirts_url":"https://www.csirts.com/advisory/cve-2026-0247-101278"},{"num":86922,"source_id":"paloalto","external_id":"https://security.paloaltonetworks.com/CVE-2026-0242","title":"CVE-2026-0242 Trust Protection Foundation: SQL Injection Vulnerability (Severity: MEDIUM)","severity":"medium","cvss":null,"cves":["CVE-2026-0242"],"exploited":false,"has_exploit":false,"published_at":"2026-05-13T16:00:00+00:00","link":"https://security.paloaltonetworks.com/CVE-2026-0242","csirts_url":"https://www.csirts.com/advisory/cve-2026-0242-86922"},{"num":86857,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-139","title":"Linux Kernel Vulnerability copy.fail - CVE-2026-31431","severity":"unknown","cvss":null,"cves":["CVE-2026-31431"],"exploited":true,"has_exploit":true,"published_at":"2026-05-13T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-139","csirts_url":"https://www.csirts.com/advisory/linux-kernel-vulnerability-copy-fail-cve-86857"},{"num":19633,"source_id":"jpcert","external_id":"https://www.jpcert.or.jp/english/at/2026/at260012.html","title":"Security Alert: Microsoft Releases May 2026 Security Updates","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-05-13T02:18:00+00:00","link":"https://www.jpcert.or.jp/english/at/2026/at260012.html","csirts_url":"https://www.csirts.com/advisory/security-alert-microsoft-releases-may-19633"},{"num":86929,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-11-3-released/","title":"GitLab Patch Release: 18.11.3, 18.10.6, 18.9.7","severity":"critical","cvss":null,"cves":["CVE-2026-7481","CVE-2026-5297","CVE-2026-6073","CVE-2026-7377","CVE-2026-1659","CVE-2025-14870","CVE-2025-14869","CVE-2026-1322","CVE-2026-1184","CVE-2026-4524","CVE-2026-8280","CVE-2026-4527","CVE-2026-3160","CVE-2026-6335","CVE-2025-12669","CVE-2026-3607","CVE-2026-3074","CVE-2026-1338","CVE-2026-8144","CVE-2026-6063","CVE-2026-3073","CVE-2025-13874","CVE-2026-7471","CVE-2026-2900","CVE-2026-6883"],"exploited":false,"has_exploit":false,"published_at":"2026-05-13T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-11-3-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-11-3-18-10-6-18-9-86929"},{"num":86866,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-123","title":"Out-of-bounds access in CAPWAP daemon","severity":"unknown","cvss":null,"cves":["CVE-2025-53844"],"exploited":false,"has_exploit":false,"published_at":"2026-05-12T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-123","csirts_url":"https://www.csirts.com/advisory/out-of-bounds-access-in-capwap-daemon-86866"},{"num":86863,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-136","title":"Incorrect global authorization","severity":"unknown","cvss":null,"cves":["CVE-2026-26083"],"exploited":false,"has_exploit":false,"published_at":"2026-05-12T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-136","csirts_url":"https://www.csirts.com/advisory/incorrect-global-authorization-86863"},{"num":86864,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-133","title":"OS command injection in CLI","severity":"unknown","cvss":null,"cves":["CVE-2025-53870"],"exploited":false,"has_exploit":false,"published_at":"2026-05-12T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-133","csirts_url":"https://www.csirts.com/advisory/os-command-injection-in-cli-86864"},{"num":86867,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-132","title":"SQL command injection in administrative portal","severity":"unknown","cvss":null,"cves":["CVE-2025-53681"],"exploited":false,"has_exploit":false,"published_at":"2026-05-12T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-132","csirts_url":"https://www.csirts.com/advisory/sql-command-injection-in-administrative-86867"},{"num":86861,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-129","title":"Hardcoded Encryption Key Used for VPN Saved Passwords","severity":"unknown","cvss":null,"cves":["CVE-2026-44278"],"exploited":false,"has_exploit":false,"published_at":"2026-05-12T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-129","csirts_url":"https://www.csirts.com/advisory/hardcoded-encryption-key-used-for-vpn-86861"},{"num":86865,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-130","title":"OTP Disclosure via Exported TokenContentProvider","severity":"unknown","cvss":null,"cves":["CVE-2026-44279"],"exploited":false,"has_exploit":false,"published_at":"2026-05-12T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-130","csirts_url":"https://www.csirts.com/advisory/otp-disclosure-via-exported-86865"},{"num":86862,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-128","title":"Improper access control on API endpoints","severity":"unknown","cvss":null,"cves":["CVE-2026-44277"],"exploited":false,"has_exploit":false,"published_at":"2026-05-12T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-128","csirts_url":"https://www.csirts.com/advisory/improper-access-control-on-api-endpoints-86862"},{"num":86859,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-131","title":"Command injection in CLI","severity":"unknown","cvss":null,"cves":["CVE-2025-53680"],"exploited":false,"has_exploit":false,"published_at":"2026-05-12T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-131","csirts_url":"https://www.csirts.com/advisory/command-injection-in-cli-86859"},{"num":86868,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-134","title":"User controlled SQL commands","severity":"unknown","cvss":null,"cves":["CVE-2026-25088"],"exploited":false,"has_exploit":false,"published_at":"2026-05-12T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-134","csirts_url":"https://www.csirts.com/advisory/user-controlled-sql-commands-86868"},{"num":86860,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-137","title":"DoS due to unsafe function in signal handler","severity":"unknown","cvss":null,"cves":["CVE-2025-67604"],"exploited":false,"has_exploit":false,"published_at":"2026-05-12T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-137","csirts_url":"https://www.csirts.com/advisory/dos-due-to-unsafe-function-in-signal-86860"},{"num":86858,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-138","title":"Arbitrary log file read in administrative interface","severity":"unknown","cvss":null,"cves":["CVE-2026-25690"],"exploited":false,"has_exploit":false,"published_at":"2026-05-12T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-138","csirts_url":"https://www.csirts.com/advisory/arbitrary-log-file-read-in-administrative-86858"},{"num":1224,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/blogs/10-questions-ask-using-ai-models-find-vulnerabilities","title":"10 questions to ask when using AI models to find vulnerabilities","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-05-11T12:00:00+00:00","link":"https://www.ncsc.gov.uk/blogs/10-questions-ask-using-ai-models-find-vulnerabilities","csirts_url":"https://www.csirts.com/advisory/10-questions-to-ask-when-using-ai-models-1224"},{"num":294,"source_id":"cisa-kev","external_id":"CVE-2026-42208","title":"CVE-2026-42208: BerriAI LiteLLM SQL Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-42208"],"exploited":true,"has_exploit":true,"published_at":"2026-05-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-42208","csirts_url":"https://www.csirts.com/advisory/cve-2026-42208-294"},{"num":295,"source_id":"cisa-kev","external_id":"CVE-2026-6973","title":"CVE-2026-6973: Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-6973"],"exploited":true,"has_exploit":false,"published_at":"2026-05-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-6973","csirts_url":"https://www.csirts.com/advisory/cve-2026-6973-295"},{"num":1055,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-rce-ssrf-hENhuASy","title":"Cisco Unity Connection Remote Code Execution and Server-Side Request Forgery Vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-20034","CVE-2026-20035"],"exploited":false,"has_exploit":false,"published_at":"2026-05-06T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-rce-ssrf-hENhuASy?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Unity%20Connection%20Remote%20Code%20Execution%20and%20Server-Side%20Request%20Forgery%20Vulnerabilities%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-unity-connection-remote-code-1055"},{"num":1057,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-unauth-infodiscl-LFnLgmey","title":"Cisco Prime Infrastructure Information Disclosure Vulnerability","severity":"medium","cvss":null,"cves":["CVE-2026-20189"],"exploited":false,"has_exploit":false,"published_at":"2026-05-06T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-unauth-infodiscl-LFnLgmey?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Prime%20Infrastructure%20Information%20Disclosure%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-prime-infrastructure-information-1057"},{"num":1056,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-bypass-uxjRXGpb","title":"Cisco Identity Services Engine Authentication Bypass Vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-20193","CVE-2026-20195"],"exploited":false,"has_exploit":false,"published_at":"2026-05-06T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-bypass-uxjRXGpb?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Identity%20Services%20Engine%20Authentication%20Bypass%20Vulnerabilities%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-identity-services-engine-1056"},{"num":2323,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ece-lite-agent-BCgSN8eb","title":"Cisco Enterprise Chat and Email Lite Agent File Upload Vulnerability","severity":"medium","cvss":null,"cves":["CVE-2026-20172"],"exploited":false,"has_exploit":false,"published_at":"2026-05-06T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ece-lite-agent-BCgSN8eb?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Enterprise%20Chat%20and%20Email%20Lite%20Agent%20File%20Upload%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-enterprise-chat-and-email-lite-2323"},{"num":1066,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iot-fnd-dos-n8N26Q4u","title":"Cisco IoT Field Network Director Vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-20167","CVE-2026-20168","CVE-2026-20169"],"exploited":false,"has_exploit":false,"published_at":"2026-05-06T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iot-fnd-dos-n8N26Q4u?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20IoT%20Field%20Network%20Director%20Vulnerabilities%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-iot-field-network-director-1066"},{"num":1058,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-slido-idor-CpsFmKxN","title":"Cisco Slido Insecure Direct Object Reference Vulnerability","severity":"medium","cvss":null,"cves":["CVE-2026-20219"],"exploited":false,"has_exploit":false,"published_at":"2026-05-06T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-slido-idor-CpsFmKxN?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Slido%20Insecure%20Direct%20Object%20Reference%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-slido-insecure-direct-object-1058"},{"num":1070,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sg350-snmp-dos-GEFZr2Tj","title":"Cisco SG350 and SG350X Series Managed Switches SNMP Denial of Service Vulnerability","severity":"high","cvss":null,"cves":["CVE-2026-20185"],"exploited":false,"has_exploit":false,"published_at":"2026-05-06T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sg350-snmp-dos-GEFZr2Tj?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20SG350%20and%20SG350X%20Series%20Managed%20Switches%20SNMP%20Denial%20of%20Service%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-sg350-and-sg350x-series-managed-1070"},{"num":1143,"source_id":"cert-eu","external_id":"security-advisories-10943","title":"2026-006: Critical Vulnerability in PAN-OS","severity":"critical","cvss":null,"cves":["CVE-2026-0300"],"exploited":false,"has_exploit":true,"published_at":"2026-05-06T08:44:32+00:00","link":"https://cert.europa.eu/publications/security-advisories/2026-006/","csirts_url":"https://www.csirts.com/advisory/2026-006-critical-vulnerability-in-pan-os-1143"},{"num":1164,"source_id":"cisa-kev","external_id":"CVE-2026-0300","title":"CVE-2026-0300: Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-0300"],"exploited":true,"has_exploit":true,"published_at":"2026-05-06T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-0300","csirts_url":"https://www.csirts.com/advisory/cve-2026-0300-1164"},{"num":2373,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss-42tgsdMG","title":"Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2025-20204","CVE-2025-20205"],"exploited":false,"has_exploit":false,"published_at":"2026-05-05T18:21:38+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss-42tgsdMG?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Identity%20Services%20Engine%20Stored%20Cross-Site%20Scripting%20Vulnerabilities%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-identity-services-engine-stored-2373"},{"num":1225,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/blogs/prepare-for-vulnerability-patch-wave","title":"Preparing for a ‘vulnerability patch wave’","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-05-01T12:00:00+00:00","link":"https://www.ncsc.gov.uk/blogs/prepare-for-vulnerability-patch-wave","csirts_url":"https://www.csirts.com/advisory/preparing-for-a-vulnerability-patch-wave-1225"},{"num":1165,"source_id":"cisa-kev","external_id":"CVE-2026-31431","title":"CVE-2026-31431: Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-31431"],"exploited":true,"has_exploit":true,"published_at":"2026-05-01T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-31431","csirts_url":"https://www.csirts.com/advisory/cve-2026-31431-1165"},{"num":1184,"source_id":"cert-eu","external_id":"security-advisories-10942","title":"2026-005: High Vulnerability in the Linux Kernel (\"Copy Fail\")","severity":"high","cvss":null,"cves":["CVE-2026-31431"],"exploited":true,"has_exploit":true,"published_at":"2026-04-30T09:25:30+00:00","link":"https://cert.europa.eu/publications/security-advisories/2026-005/","csirts_url":"https://www.csirts.com/advisory/2026-005-high-vulnerability-in-the-linux-1184"},{"num":1167,"source_id":"cisa-kev","external_id":"CVE-2026-41940","title":"CVE-2026-41940: WebPros cPanel & WHM and WP2 (WordPress Squared) Missing Authentication for Critical Function Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-41940"],"exploited":true,"has_exploit":true,"published_at":"2026-04-30T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-41940","csirts_url":"https://www.csirts.com/advisory/cve-2026-41940-1167"},{"num":87024,"source_id":"jenkins","external_id":"jenkins-advisory-2026-04-29","title":"Jenkins Security Advisory 2026-04-29","severity":"unknown","cvss":null,"cves":["CVE-2026-42519","CVE-2026-42520","CVE-2026-42521","CVE-2026-42522","CVE-2026-42523","CVE-2026-42524","CVE-2026-42525"],"exploited":false,"has_exploit":false,"published_at":"2026-04-29T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2026-04-29/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2026-04-29-87024"},{"num":86930,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-11-2-released/","title":"GitLab Patch Release: 18.11.2, 18.10.5","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-04-29T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-11-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-11-2-18-10-5-86930"},{"num":1072,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-traversal-8bYndVrZ","title":"Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities","severity":"critical","cvss":null,"cves":["CVE-2026-20147","CVE-2026-20148"],"exploited":false,"has_exploit":false,"published_at":"2026-04-28T14:33:18+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-traversal-8bYndVrZ?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Identity%20Services%20Engine%20Remote%20Code%20Execution%20and%20Path%20Traversal%20Vulnerabilities%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-identity-services-engine-remote-1072"},{"num":2660,"source_id":"cisa-kev","external_id":"CVE-2026-32202","title":"CVE-2026-32202: Microsoft Windows Protection Mechanism Failure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-32202"],"exploited":true,"has_exploit":true,"published_at":"2026-04-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-32202","csirts_url":"https://www.csirts.com/advisory/cve-2026-32202-2660"},{"num":2659,"source_id":"cisa-kev","external_id":"CVE-2024-1708","title":"CVE-2024-1708: ConnectWise ScreenConnect Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-1708"],"exploited":true,"has_exploit":true,"published_at":"2026-04-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-1708","csirts_url":"https://www.csirts.com/advisory/cve-2024-1708-2659"},{"num":1226,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/blogs/could-your-choice-of-metrics-be-harming-your-soc","title":"Could your choice of metrics be harming your SOC?","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-04-27T12:00:00+00:00","link":"https://www.ncsc.gov.uk/blogs/could-your-choice-of-metrics-be-harming-your-soc","csirts_url":"https://www.csirts.com/advisory/could-your-choice-of-metrics-be-harming-1226"},{"num":1073,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-cloudsec-enc-Vs5Wn2sX","title":"Cisco ACI Multi-Site CloudSec Encryption Information Disclosure Vulnerability","severity":"high","cvss":null,"cves":["CVE-2023-20185"],"exploited":false,"has_exploit":false,"published_at":"2026-04-24T13:05:36+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aci-cloudsec-enc-Vs5Wn2sX?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20ACI%20Multi-Site%20CloudSec%20Encryption%20Information%20Disclosure%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-aci-multi-site-cloudsec-encryption-1073"},{"num":2663,"source_id":"cisa-kev","external_id":"CVE-2025-29635","title":"CVE-2025-29635: D-Link DIR-823X Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-29635"],"exploited":true,"has_exploit":true,"published_at":"2026-04-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-29635","csirts_url":"https://www.csirts.com/advisory/cve-2025-29635-2663"},{"num":1169,"source_id":"cisa-kev","external_id":"CVE-2024-57728","title":"CVE-2024-57728: SimpleHelp Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-57728"],"exploited":true,"has_exploit":false,"published_at":"2026-04-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-57728","csirts_url":"https://www.csirts.com/advisory/cve-2024-57728-1169"},{"num":1966,"source_id":"cisa-kev","external_id":"CVE-2024-7399","title":"CVE-2024-7399: Samsung MagicINFO 9 Server Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-7399"],"exploited":true,"has_exploit":true,"published_at":"2026-04-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-7399","csirts_url":"https://www.csirts.com/advisory/cve-2024-7399-1966"},{"num":1171,"source_id":"cisa-kev","external_id":"CVE-2024-57726","title":"CVE-2024-57726: SimpleHelp Missing Authorization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-57726"],"exploited":true,"has_exploit":false,"published_at":"2026-04-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-57726","csirts_url":"https://www.csirts.com/advisory/cve-2024-57726-1171"},{"num":1238,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/news/international-cyber-agencies-fresh-advice-defend-against-china-linked-covert-networks","title":"International cyber agencies share fresh advice to defend against China-linked covert networks","severity":"high","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-04-23T12:00:00+00:00","link":"https://www.ncsc.gov.uk/news/international-cyber-agencies-fresh-advice-defend-against-china-linked-covert-networks","csirts_url":"https://www.csirts.com/advisory/international-cyber-agencies-share-fresh-1238"},{"num":1236,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/news/ncsc-leave-passwords-in-the-past-passkeys-are-the-future","title":"NCSC: Leave passwords in the past - passkeys are the future","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-04-23T12:00:00+00:00","link":"https://www.ncsc.gov.uk/news/ncsc-leave-passwords-in-the-past-passkeys-are-the-future","csirts_url":"https://www.csirts.com/advisory/ncsc-leave-passwords-in-the-past-passkeys-1236"},{"num":1230,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/news/defending-against-china-nexus-covert-networks-of-compromised-devices","title":"Defending against China-nexus covert networks of compromised devices","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-04-23T12:00:00+00:00","link":"https://www.ncsc.gov.uk/news/defending-against-china-nexus-covert-networks-of-compromised-devices","csirts_url":"https://www.csirts.com/advisory/defending-against-china-nexus-covert-1230"},{"num":1231,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/blogs/passkeys-are-more-secure-than-traditional-ways-to-log-in","title":"Passkeys are more secure than traditional ways to log in","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-04-23T12:00:00+00:00","link":"https://www.ncsc.gov.uk/blogs/passkeys-are-more-secure-than-traditional-ways-to-log-in","csirts_url":"https://www.csirts.com/advisory/passkeys-are-more-secure-than-traditional-1231"},{"num":834,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/blogs/supporting-ai-adoption-for-uk-cyber-defence","title":"Supporting AI adoption for UK cyber defence","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-04-23T12:00:00+00:00","link":"https://www.ncsc.gov.uk/blogs/supporting-ai-adoption-for-uk-cyber-defence","csirts_url":"https://www.csirts.com/advisory/supporting-ai-adoption-for-uk-cyber-834"},{"num":1243,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/news/executive-summary-defending-against-china-nexus-covert-networks-of-compromised-devices","title":"Executive Summary: Defending against China-nexus covert networks of compromised devices","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-04-23T12:00:00+00:00","link":"https://www.ncsc.gov.uk/news/executive-summary-defending-against-china-nexus-covert-networks-of-compromised-devices","csirts_url":"https://www.csirts.com/advisory/executive-summary-defending-against-china-1243"},{"num":1173,"source_id":"cisa-kev","external_id":"CVE-2026-39987","title":"CVE-2026-39987: Marimo Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-39987"],"exploited":true,"has_exploit":true,"published_at":"2026-04-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-39987","csirts_url":"https://www.csirts.com/advisory/cve-2026-39987-1173"},{"num":1074,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-xss-A2tkgVAB","title":"Cisco Integrated Management Controller Cross-Site Scripting Vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-20085","CVE-2026-20087","CVE-2026-20088","CVE-2026-20089","CVE-2026-20090"],"exploited":false,"has_exploit":false,"published_at":"2026-04-22T18:05:52+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-xss-A2tkgVAB?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Integrated%20Management%20Controller%20Cross-Site%20Scripting%20Vulnerabilities%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-integrated-management-controller-1074"},{"num":1075,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-3hKN3bVt","title":"Cisco Integrated Management Controller Command Injection and Remote Code Execution Vulnerabilities","severity":"high","cvss":null,"cves":["CVE-2026-20094","CVE-2026-20095","CVE-2026-20096","CVE-2026-20097"],"exploited":false,"has_exploit":false,"published_at":"2026-04-22T18:01:40+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-3hKN3bVt?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Integrated%20Management%20Controller%20Command%20Injection%20and%20Remote%20Code%20Execution%20Vulnerabilities%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-integrated-management-controller-1075"},{"num":2412,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v","title":"Cisco Catalyst SD-WAN Vulnerabilities","severity":"critical","cvss":null,"cves":["CVE-2026-20122","CVE-2026-20126","CVE-2026-20128","CVE-2026-20129","CVE-2026-20133"],"exploited":true,"has_exploit":false,"published_at":"2026-04-22T15:10:56+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Catalyst%20SD-WAN%20Vulnerabilities%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-catalyst-sd-wan-vulnerabilities-2412"},{"num":1244,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/news/world-first-ncsc-engineered-device-secures-vulnerable-display-links","title":"World-first NCSC-engineered device secures vulnerable display links","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-04-22T12:00:00+00:00","link":"https://www.ncsc.gov.uk/news/world-first-ncsc-engineered-device-secures-vulnerable-display-links","csirts_url":"https://www.csirts.com/advisory/world-first-ncsc-engineered-device-1244"},{"num":1174,"source_id":"cisa-kev","external_id":"CVE-2026-33825","title":"CVE-2026-33825: Microsoft Defender Insufficient Granularity of Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-33825"],"exploited":true,"has_exploit":true,"published_at":"2026-04-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-33825","csirts_url":"https://www.csirts.com/advisory/cve-2026-33825-1174"},{"num":86931,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-11-1-released/","title":"GitLab Patch Release: 18.11.1, 18.10.4, 18.9.6","severity":"critical","cvss":null,"cves":["CVE-2026-4922","CVE-2026-5816","CVE-2026-5262","CVE-2025-0186","CVE-2026-1660","CVE-2025-6016","CVE-2025-3922","CVE-2026-6515","CVE-2026-5377","CVE-2026-3254","CVE-2025-9957"],"exploited":false,"has_exploit":false,"published_at":"2026-04-22T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-11-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-11-1-18-10-4-18-9-86931"},{"num":1682,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/blogs/new-cross-domain-guidance-for-government-industry-and-the-wider-security-community","title":"New cross domain guidance for government, industry and the wider security community","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-04-21T12:00:00+00:00","link":"https://www.ncsc.gov.uk/blogs/new-cross-domain-guidance-for-government-industry-and-the-wider-security-community","csirts_url":"https://www.csirts.com/advisory/new-cross-domain-guidance-for-government-1682"},{"num":1248,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/news/cyber-chief-uk-faces-perfect-storm-for-cyber-security","title":"Cyber chief: UK faces \"perfect storm\" for cyber security","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-04-21T12:00:00+00:00","link":"https://www.ncsc.gov.uk/news/cyber-chief-uk-faces-perfect-storm-for-cyber-security","csirts_url":"https://www.csirts.com/advisory/cyber-chief-uk-faces-perfect-storm-for-1248"},{"num":1177,"source_id":"cisa-kev","external_id":"CVE-2025-32975","title":"CVE-2025-32975: Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-32975"],"exploited":true,"has_exploit":false,"published_at":"2026-04-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-32975","csirts_url":"https://www.csirts.com/advisory/cve-2025-32975-1177"},{"num":2664,"source_id":"cisa-kev","external_id":"CVE-2024-27199","title":"CVE-2024-27199: JetBrains TeamCity Relative Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-27199"],"exploited":true,"has_exploit":true,"published_at":"2026-04-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-27199","csirts_url":"https://www.csirts.com/advisory/cve-2024-27199-2664"},{"num":1107,"source_id":"cisa-kev","external_id":"CVE-2025-2749","title":"CVE-2025-2749: Kentico Xperience Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-2749"],"exploited":true,"has_exploit":false,"published_at":"2026-04-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-2749","csirts_url":"https://www.csirts.com/advisory/cve-2025-2749-1107"},{"num":1176,"source_id":"cisa-kev","external_id":"CVE-2025-48700","title":"CVE-2025-48700: Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-48700"],"exploited":true,"has_exploit":false,"published_at":"2026-04-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-48700","csirts_url":"https://www.csirts.com/advisory/cve-2025-48700-1176"},{"num":1110,"source_id":"cisa-kev","external_id":"CVE-2026-20128","title":"CVE-2026-20128: Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-20128"],"exploited":true,"has_exploit":false,"published_at":"2026-04-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-20128","csirts_url":"https://www.csirts.com/advisory/cve-2026-20128-1110"},{"num":2161,"source_id":"cisa-kev","external_id":"CVE-2023-27351","title":"CVE-2023-27351: PaperCut NG/MF Improper Authentication Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-27351"],"exploited":true,"has_exploit":true,"published_at":"2026-04-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-27351","csirts_url":"https://www.csirts.com/advisory/cve-2023-27351-2161"},{"num":297,"source_id":"cisa-kev","external_id":"CVE-2026-20133","title":"CVE-2026-20133: Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-20133"],"exploited":true,"has_exploit":false,"published_at":"2026-04-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-20133","csirts_url":"https://www.csirts.com/advisory/cve-2026-20133-297"},{"num":1175,"source_id":"cisa-kev","external_id":"CVE-2026-20122","title":"CVE-2026-20122: Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-20122"],"exploited":true,"has_exploit":false,"published_at":"2026-04-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-20122","csirts_url":"https://www.csirts.com/advisory/cve-2026-20122-1175"},{"num":1078,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-cui-cert-8jSZYhWL","title":"Cisco Webex Services Certificate Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-20184"],"exploited":false,"has_exploit":false,"published_at":"2026-04-16T18:52:15+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-cui-cert-8jSZYhWL?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Webex%20Services%20Certificate%20Validation%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-webex-services-certificate-1078"},{"num":1079,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-auth-bypass-6YZkTQhd","title":"Cisco Secure Web Appliance Authentication Bypass Vulnerability","severity":"medium","cvss":null,"cves":["CVE-2026-20152"],"exploited":false,"has_exploit":false,"published_at":"2026-04-16T13:14:04+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-auth-bypass-6YZkTQhd?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Secure%20Web%20Appliance%20Authentication%20Bypass%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-secure-web-appliance-authentication-1079"},{"num":1178,"source_id":"cisa-kev","external_id":"CVE-2026-34197","title":"CVE-2026-34197: Apache ActiveMQ Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-34197"],"exploited":true,"has_exploit":true,"published_at":"2026-04-16T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-34197","csirts_url":"https://www.csirts.com/advisory/cve-2026-34197-1178"},{"num":87127,"source_id":"drupal","external_id":"3584598 at https://www.drupal.org","title":"Drupal core - Moderately critical - Cross-site scripting - SA-CORE-2026-003","severity":"critical","cvss":null,"cves":["CVE-2026-6367"],"exploited":false,"has_exploit":false,"published_at":"2026-04-15T19:27:21+00:00","link":"https://www.drupal.org/sa-core-2026-003","csirts_url":"https://www.csirts.com/advisory/drupal-core-moderately-critical-cross-87127"},{"num":87128,"source_id":"drupal","external_id":"3584666 at https://www.drupal.org","title":"Drupal core - Moderately critical - Gadget Chain - SA-CORE-2026-002","severity":"critical","cvss":null,"cves":["CVE-2026-6366"],"exploited":false,"has_exploit":false,"published_at":"2026-04-15T19:25:23+00:00","link":"https://www.drupal.org/sa-core-2026-002","csirts_url":"https://www.csirts.com/advisory/drupal-core-moderately-critical-gadget-87128"},{"num":87129,"source_id":"drupal","external_id":"3584021 at https://www.drupal.org","title":"Drupal core - Critical - Cross-site scripting - SA-CORE-2026-001","severity":"critical","cvss":null,"cves":["CVE-2026-6365"],"exploited":false,"has_exploit":false,"published_at":"2026-04-15T19:24:30+00:00","link":"https://www.drupal.org/sa-core-2026-001","csirts_url":"https://www.csirts.com/advisory/drupal-core-critical-cross-site-scripting-87129"},{"num":2443,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-te-agentfilewrite-tqUw3SMU","title":"Cisco ThousandEyes Enterprise Agent Arbitrary File Overwrite Vulnerability","severity":"medium","cvss":null,"cves":["CVE-2026-20161"],"exploited":false,"has_exploit":false,"published_at":"2026-04-15T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-te-agentfilewrite-tqUw3SMU?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20ThousandEyes%20Enterprise%20Agent%20Arbitrary%20File%20Overwrite%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-thousandeyes-enterprise-agent-2443"},{"num":2442,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-isexss-BS8ctE7U","title":"Cisco Identity Services Engine Multiple Cross-Site Scripting Vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-20132"],"exploited":false,"has_exploit":false,"published_at":"2026-04-15T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-isexss-BS8ctE7U?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Identity%20Services%20Engine%20Multiple%20Cross-Site%20Scripting%20Vulnerabilities%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-identity-services-engine-multiple-2442"},{"num":1086,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-4fverepv","title":"Cisco Identity Services Engine Remote Code Execution Vulnerabilities","severity":"critical","cvss":null,"cves":["CVE-2026-20180","CVE-2026-20186"],"exploited":false,"has_exploit":false,"published_at":"2026-04-15T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-4fverepv?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Identity%20Services%20Engine%20Remote%20Code%20Execution%20Vulnerabilities%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-identity-services-engine-remote-1086"},{"num":1093,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webexcc-xss-WEX5nUnA","title":"Cisco Webex Contact Center Cross-Site Scripting Vulnerability","severity":"medium","cvss":null,"cves":["CVE-2026-20170"],"exploited":false,"has_exploit":false,"published_at":"2026-04-15T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webexcc-xss-WEX5nUnA?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Webex%20Contact%20Center%20Cross-Site%20Scripting%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-webex-contact-center-cross-site-1093"},{"num":2438,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-cmd-inj-5WSJcYJB","title":"Cisco Identity Services Engine Authenticated Privilege Escalation Vulnerability","severity":"medium","cvss":null,"cves":["CVE-2026-20136"],"exploited":false,"has_exploit":false,"published_at":"2026-04-15T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-cmd-inj-5WSJcYJB?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Identity%20Services%20Engine%20Authenticated%20Privilege%20Escalation%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-identity-services-engine-2438"},{"num":1087,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-vulns-n2EJSbbw","title":"Cisco Unity Connection Cross-Site Scripting, Open Redirect, and SQL Injection Vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-20059","CVE-2026-20060","CVE-2026-20061"],"exploited":false,"has_exploit":false,"published_at":"2026-04-15T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-vulns-n2EJSbbw?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Unity%20Connection%20Cross-Site%20Scripting,%20Open%20Redirect,%20and%20SQL%20Injection%20Vulnerabilities%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-unity-connection-cross-site-1087"},{"num":2457,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-file-download-RmKEVWPx","title":"Cisco Unity Connection Arbitrary File Download Vulnerabilities","severity":"medium","cvss":null,"cves":["CVE-2026-20078","CVE-2026-20081"],"exploited":false,"has_exploit":false,"published_at":"2026-04-15T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-file-download-RmKEVWPx?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Unity%20Connection%20Arbitrary%20File%20Download%20Vulnerabilities%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-unity-connection-arbitrary-file-2457"},{"num":86869,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-127","title":"Out-Of-Bounds Write in administrative interface","severity":"unknown","cvss":null,"cves":["CVE-2026-40688"],"exploited":false,"has_exploit":false,"published_at":"2026-04-15T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-127","csirts_url":"https://www.csirts.com/advisory/out-of-bounds-write-in-administrative-86869"},{"num":19634,"source_id":"jpcert","external_id":"https://www.jpcert.or.jp/english/at/2026/at260011.html","title":"Security Alert: Alert Regarding Vulnerabilities in Adobe Acrobat and Reader (APSB26-44)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-04-15T02:53:00+00:00","link":"https://www.jpcert.or.jp/english/at/2026/at260011.html","csirts_url":"https://www.csirts.com/advisory/security-alert-alert-regarding-19634"},{"num":19635,"source_id":"jpcert","external_id":"https://www.jpcert.or.jp/english/at/2026/at260010.html","title":"Security Alert: Microsoft Releases April 2026 Security Updates","severity":"unknown","cvss":null,"cves":["CVE-2026-32201"],"exploited":true,"has_exploit":false,"published_at":"2026-04-15T02:53:00+00:00","link":"https://www.jpcert.or.jp/english/at/2026/at260010.html","csirts_url":"https://www.csirts.com/advisory/security-alert-microsoft-releases-april-19635"},{"num":86882,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-102","title":"Multiple SQL Injections","severity":"unknown","cvss":null,"cves":["CVE-2026-39809"],"exploited":false,"has_exploit":false,"published_at":"2026-04-14T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-102","csirts_url":"https://www.csirts.com/advisory/multiple-sql-injections-86882"},{"num":86887,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-120","title":"Path Traversal in CLI","severity":"unknown","cvss":null,"cves":["CVE-2025-68649"],"exploited":false,"has_exploit":false,"published_at":"2026-04-14T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-120","csirts_url":"https://www.csirts.com/advisory/path-traversal-in-cli-86887"},{"num":86874,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-104","title":"Clear-text credentials retrievable with IP modification for connectors","severity":"unknown","cvss":null,"cves":["CVE-2026-22576"],"exploited":false,"has_exploit":false,"published_at":"2026-04-14T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-104","csirts_url":"https://www.csirts.com/advisory/clear-text-credentials-retrievable-with-86874"},{"num":86879,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-108","title":"Integer Overflow Denial of Service in administrative interface","severity":"unknown","cvss":null,"cves":["CVE-2026-39811"],"exploited":false,"has_exploit":false,"published_at":"2026-04-14T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-108","csirts_url":"https://www.csirts.com/advisory/integer-overflow-denial-of-service-in-86879"},{"num":86881,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-114","title":"Multiple Path traversals in CLI","severity":"unknown","cvss":null,"cves":["CVE-2026-39814"],"exploited":false,"has_exploit":false,"published_at":"2026-04-14T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-114","csirts_url":"https://www.csirts.com/advisory/multiple-path-traversals-in-cli-86881"},{"num":86890,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-119","title":"SQL Injection via API","severity":"unknown","cvss":null,"cves":["CVE-2026-39815"],"exploited":false,"has_exploit":false,"published_at":"2026-04-14T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-119","csirts_url":"https://www.csirts.com/advisory/sql-injection-via-api-86890"},{"num":86876,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-113","title":"Credential disclosure in LDAP configuration web page.","severity":"unknown","cvss":null,"cves":["CVE-2026-27316"],"exploited":false,"has_exploit":false,"published_at":"2026-04-14T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-113","csirts_url":"https://www.csirts.com/advisory/credential-disclosure-in-ldap-86876"},{"num":86888,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-116","title":"Path Traversal on File Content Extraction connector","severity":"unknown","cvss":null,"cves":["CVE-2026-22573"],"exploited":false,"has_exploit":false,"published_at":"2026-04-14T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-116","csirts_url":"https://www.csirts.com/advisory/path-traversal-on-file-content-extraction-86888"},{"num":86878,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-121","title":"Heap-based buffer overflow in oftpd daemon","severity":"unknown","cvss":null,"cves":["CVE-2026-22828"],"exploited":false,"has_exploit":false,"published_at":"2026-04-14T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-121","csirts_url":"https://www.csirts.com/advisory/heap-based-buffer-overflow-in-oftpd-daemon-86878"},{"num":86870,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-101","title":"2FA request can be replayed without a valid token after one successful request","severity":"unknown","cvss":null,"cves":["CVE-2026-23708"],"exploited":false,"has_exploit":false,"published_at":"2026-04-14T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-101","csirts_url":"https://www.csirts.com/advisory/2fa-request-can-be-replayed-without-a-86870"},{"num":86895,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-124","title":"unauthorized backup file access","severity":"unknown","cvss":null,"cves":["CVE-2024-23104"],"exploited":false,"has_exploit":false,"published_at":"2026-04-14T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-124","csirts_url":"https://www.csirts.com/advisory/unauthorized-backup-file-access-86895"},{"num":86872,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-126","title":"Axios npm Package Compromised","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-04-14T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-126","csirts_url":"https://www.csirts.com/advisory/axios-npm-package-compromised-86872"},{"num":86880,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-125","title":"Missing Authentication for critical function in CAPWAP daemon","severity":"critical","cvss":null,"cves":["CVE-2025-53847"],"exploited":false,"has_exploit":false,"published_at":"2026-04-14T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-125","csirts_url":"https://www.csirts.com/advisory/missing-authentication-for-critical-86880"},{"num":86877,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-107","title":"Hardcoded symmetric encryption key for Postgresql","severity":"unknown","cvss":null,"cves":["CVE-2026-39810"],"exploited":false,"has_exploit":false,"published_at":"2026-04-14T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-107","csirts_url":"https://www.csirts.com/advisory/hardcoded-symmetric-encryption-key-for-86877"},{"num":86889,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-109","title":"Reflected XSS in Operation Center","severity":"unknown","cvss":null,"cves":["CVE-2025-61886"],"exploited":false,"has_exploit":false,"published_at":"2026-04-14T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-109","csirts_url":"https://www.csirts.com/advisory/reflected-xss-in-operation-center-86889"},{"num":86885,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-118","title":"Open Redirection via Import CSV option","severity":"unknown","cvss":null,"cves":["CVE-2026-21741"],"exploited":false,"has_exploit":false,"published_at":"2026-04-14T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-118","csirts_url":"https://www.csirts.com/advisory/open-redirection-via-import-csv-option-86885"},{"num":86894,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-112","title":"Unauthenticated Authentication bypass and Privilege escalation in FortiSandbox","severity":"unknown","cvss":null,"cves":["CVE-2026-39813"],"exploited":false,"has_exploit":false,"published_at":"2026-04-14T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-112","csirts_url":"https://www.csirts.com/advisory/unauthenticated-authentication-bypass-and-86894"},{"num":86893,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-117","title":"Stored Cross Site Scripting (XSS) in Reports View page","severity":"unknown","cvss":null,"cves":["CVE-2026-22154"],"exploited":false,"has_exploit":false,"published_at":"2026-04-14T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-117","csirts_url":"https://www.csirts.com/advisory/stored-cross-site-scripting-xss-in-86893"},{"num":86873,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-105","title":"Clear-text credentials retrievable with IP modification for LDAP","severity":"unknown","cvss":null,"cves":["CVE-2026-22574"],"exploited":false,"has_exploit":false,"published_at":"2026-04-14T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-105","csirts_url":"https://www.csirts.com/advisory/clear-text-credentials-retrievable-with-86873"},{"num":86871,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-115","title":"Arbitrary directory delete on vmimages delete feature","severity":"unknown","cvss":null,"cves":["CVE-2026-25691"],"exploited":false,"has_exploit":false,"published_at":"2026-04-14T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-115","csirts_url":"https://www.csirts.com/advisory/arbitrary-directory-delete-on-vmimages-86871"},{"num":86891,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-111","title":"SQL Injection via JSON RPC API","severity":"unknown","cvss":null,"cves":["CVE-2025-61848"],"exploited":false,"has_exploit":false,"published_at":"2026-04-14T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-111","csirts_url":"https://www.csirts.com/advisory/sql-injection-via-json-rpc-api-86891"},{"num":86875,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-106","title":"Cleartext Credentials in response for API endpoints","severity":"unknown","cvss":null,"cves":["CVE-2026-21742","CVE-2026-22155"],"exploited":false,"has_exploit":false,"published_at":"2026-04-14T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-106","csirts_url":"https://www.csirts.com/advisory/cleartext-credentials-in-response-for-api-86875"},{"num":86886,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-122","title":"Path Traversal in CLI","severity":"unknown","cvss":null,"cves":["CVE-2025-61624"],"exploited":false,"has_exploit":false,"published_at":"2026-04-14T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-122","csirts_url":"https://www.csirts.com/advisory/path-traversal-in-cli-86886"},{"num":86884,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-100","title":"OS Command Injection through API endpoint","severity":"unknown","cvss":null,"cves":["CVE-2026-39808"],"exploited":false,"has_exploit":false,"published_at":"2026-04-14T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-100","csirts_url":"https://www.csirts.com/advisory/os-command-injection-through-api-endpoint-86884"},{"num":86892,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-103","title":"SSRF via Report template and scheduling","severity":"unknown","cvss":null,"cves":["CVE-2025-59809"],"exploited":false,"has_exploit":false,"published_at":"2026-04-14T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-103","csirts_url":"https://www.csirts.com/advisory/ssrf-via-report-template-and-scheduling-86892"},{"num":86883,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-110","title":"Multiple Stored XSS","severity":"unknown","cvss":null,"cves":["CVE-2026-39812"],"exploited":false,"has_exploit":false,"published_at":"2026-04-14T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-110","csirts_url":"https://www.csirts.com/advisory/multiple-stored-xss-86883"},{"num":1180,"source_id":"cisa-kev","external_id":"CVE-2026-32201","title":"CVE-2026-32201: Microsoft SharePoint Server Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-32201"],"exploited":true,"has_exploit":false,"published_at":"2026-04-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-32201","csirts_url":"https://www.csirts.com/advisory/cve-2026-32201-1180"},{"num":1179,"source_id":"cisa-kev","external_id":"CVE-2009-0238","title":"CVE-2009-0238: Microsoft Office Remote Code Execution","severity":"critical","cvss":null,"cves":["CVE-2009-0238"],"exploited":true,"has_exploit":false,"published_at":"2026-04-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2009-0238","csirts_url":"https://www.csirts.com/advisory/cve-2009-0238-1179"},{"num":1181,"source_id":"cisa-kev","external_id":"CVE-2012-1854","title":"CVE-2012-1854: Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2012-1854"],"exploited":true,"has_exploit":false,"published_at":"2026-04-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2012-1854","csirts_url":"https://www.csirts.com/advisory/cve-2012-1854-1181"},{"num":1195,"source_id":"cisa-kev","external_id":"CVE-2026-34621","title":"CVE-2026-34621: Adobe Acrobat and Reader Prototype Pollution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-34621"],"exploited":true,"has_exploit":true,"published_at":"2026-04-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-34621","csirts_url":"https://www.csirts.com/advisory/cve-2026-34621-1195"},{"num":1185,"source_id":"cisa-kev","external_id":"CVE-2020-9715","title":"CVE-2020-9715: Adobe Acrobat Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-9715"],"exploited":true,"has_exploit":true,"published_at":"2026-04-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-9715","csirts_url":"https://www.csirts.com/advisory/cve-2020-9715-1185"},{"num":304,"source_id":"cisa-kev","external_id":"CVE-2023-21529","title":"CVE-2023-21529: Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-21529"],"exploited":true,"has_exploit":false,"published_at":"2026-04-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-21529","csirts_url":"https://www.csirts.com/advisory/cve-2023-21529-304"},{"num":1182,"source_id":"cisa-kev","external_id":"CVE-2023-36424","title":"CVE-2023-36424: Microsoft Windows Out-of-Bounds Read Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-36424"],"exploited":true,"has_exploit":true,"published_at":"2026-04-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-36424","csirts_url":"https://www.csirts.com/advisory/cve-2023-36424-1182"},{"num":302,"source_id":"cisa-kev","external_id":"CVE-2025-60710","title":"CVE-2025-60710: Microsoft Windows Link Following Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-60710"],"exploited":true,"has_exploit":true,"published_at":"2026-04-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-60710","csirts_url":"https://www.csirts.com/advisory/cve-2025-60710-302"},{"num":1192,"source_id":"cisa-kev","external_id":"CVE-2026-21643","title":"CVE-2026-21643: Fortinet FortiClient EMS SQL Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-21643"],"exploited":true,"has_exploit":true,"published_at":"2026-04-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-21643","csirts_url":"https://www.csirts.com/advisory/cve-2026-21643-1192"},{"num":86932,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-10-3-released/","title":"GitLab Patch Release: 18.10.3, 18.9.5, 18.8.9","severity":"critical","cvss":null,"cves":["CVE-2026-5173","CVE-2026-1092","CVE-2025-12664","CVE-2026-1403","CVE-2026-1101","CVE-2026-1516","CVE-2026-4332","CVE-2026-2619","CVE-2025-9484","CVE-2026-1752","CVE-2026-2104","CVE-2026-4916"],"exploited":false,"has_exploit":false,"published_at":"2026-04-08T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-10-3-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-10-3-18-9-5-18-8-9-86932"},{"num":1208,"source_id":"cisa-kev","external_id":"CVE-2026-1340","title":"CVE-2026-1340: Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-1340"],"exploited":true,"has_exploit":true,"published_at":"2026-04-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-1340","csirts_url":"https://www.csirts.com/advisory/cve-2026-1340-1208"},{"num":1209,"source_id":"cisa-kev","external_id":"CVE-2026-35616","title":"CVE-2026-35616: Fortinet FortiClient EMS Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-35616"],"exploited":true,"has_exploit":true,"published_at":"2026-04-06T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-35616","csirts_url":"https://www.csirts.com/advisory/cve-2026-35616-1209"},{"num":86896,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-099","title":"API authentication and authorization bypass","severity":"unknown","cvss":null,"cves":["CVE-2026-35616"],"exploited":false,"has_exploit":true,"published_at":"2026-04-04T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-099","csirts_url":"https://www.csirts.com/advisory/api-authentication-and-authorization-86896"},{"num":1099,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-mntc-dos-LZweQcyq","title":"Cisco IOS XE Software Denial of Service Vulnerability","severity":"medium","cvss":null,"cves":["CVE-2026-20110"],"exploited":false,"has_exploit":false,"published_at":"2026-04-02T19:43:54+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-mntc-dos-LZweQcyq?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20IOS%20XE%20Software%20Denial%20of%20Service%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-ios-xe-software-denial-of-service-1099"},{"num":1210,"source_id":"cisa-kev","external_id":"CVE-2026-3502","title":"CVE-2026-3502: TrueConf Client Download of Code Without Integrity Check Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-3502"],"exploited":true,"has_exploit":false,"published_at":"2026-04-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-3502","csirts_url":"https://www.csirts.com/advisory/cve-2026-3502-1210"},{"num":1124,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-auth-bypass-AgG2BxTn","title":"Cisco Integrated Management Controller Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-20093"],"exploited":false,"has_exploit":false,"published_at":"2026-04-01T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-auth-bypass-AgG2BxTn?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Integrated%20Management%20Controller%20Authentication%20Bypass%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-integrated-management-controller-1124"},{"num":1125,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-priv-esc-xRAnOuO8","title":"Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability","severity":"high","cvss":null,"cves":["CVE-2026-20151"],"exploited":false,"has_exploit":false,"published_at":"2026-04-01T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-priv-esc-xRAnOuO8?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Smart%20Software%20Manager%20On-Prem%20Privilege%20Escalation%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-smart-software-manager-on-prem-1125"},{"num":1100,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssm-cli-execution-cHUcWuNr","title":"Cisco Smart Software Manager On-Prem Arbitrary Command Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-20160"],"exploited":false,"has_exploit":false,"published_at":"2026-04-01T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssm-cli-execution-cHUcWuNr?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Smart%20Software%20Manager%20On-Prem%20Arbitrary%20Command%20Execution%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-smart-software-manager-on-prem-1100"},{"num":2571,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnm-improp-auth-mUwFWUU3","title":"Cisco Evolved Programmable Network Manager Improper Authorization Vulnerability","severity":"high","cvss":null,"cves":["CVE-2026-20155"],"exploited":false,"has_exploit":false,"published_at":"2026-04-01T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnm-improp-auth-mUwFWUU3?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Evolved%20Programmable%20Network%20Manager%20Improper%20Authorization%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-evolved-programmable-network-2571"},{"num":1117,"source_id":"cisco-psirt","external_id":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndi-afw-rJuRC5dZ","title":"Cisco Nexus Dashboard Insights Arbitrary File Write Vulnerability","severity":"medium","cvss":null,"cves":["CVE-2026-20174"],"exploited":false,"has_exploit":false,"published_at":"2026-04-01T16:00:00+00:00","link":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ndi-afw-rJuRC5dZ?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Nexus%20Dashboard%20Insights%20Arbitrary%20File%20Write%20Vulnerability%26vs_k=1","csirts_url":"https://www.csirts.com/advisory/cisco-nexus-dashboard-insights-arbitrary-1117"},{"num":2167,"source_id":"cisa-kev","external_id":"CVE-2026-5281","title":"CVE-2026-5281: Google Dawn Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-5281"],"exploited":true,"has_exploit":true,"published_at":"2026-04-01T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-5281","csirts_url":"https://www.csirts.com/advisory/cve-2026-5281-2167"},{"num":1979,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2026-ALE-004/","title":"Vulnerability in F5 BIG-IP Access Policy Manager (March 31, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2025-53521"],"exploited":true,"has_exploit":false,"published_at":"2026-03-31T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2026-ALE-004/","csirts_url":"https://www.csirts.com/advisory/vulnerability-in-f5-big-ip-access-policy-1979"},{"num":1212,"source_id":"cisa-kev","external_id":"CVE-2026-3055","title":"CVE-2026-3055: Citrix NetScaler Out-of-Bounds Read Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-3055"],"exploited":true,"has_exploit":true,"published_at":"2026-03-30T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-3055","csirts_url":"https://www.csirts.com/advisory/cve-2026-3055-1212"},{"num":1213,"source_id":"cisa-kev","external_id":"CVE-2025-53521","title":"CVE-2025-53521: F5 BIG-IP Stack-Based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-53521"],"exploited":true,"has_exploit":false,"published_at":"2026-03-27T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-53521","csirts_url":"https://www.csirts.com/advisory/cve-2025-53521-1213"},{"num":395,"source_id":"cisa-kev","external_id":"CVE-2026-33634","title":"CVE-2026-33634: Aquasecurity Trivy Embedded Malicious Code Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-33634"],"exploited":true,"has_exploit":false,"published_at":"2026-03-26T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-33634","csirts_url":"https://www.csirts.com/advisory/cve-2026-33634-395"},{"num":415,"source_id":"cert-eu","external_id":"security-advisories-10941","title":"2026-004: Critical Vulnerability in SharePoint Exploited","severity":"critical","cvss":null,"cves":["CVE-2026-20963","CVE-2026-26106","CVE-2026-26113","CVE-2026-26114"],"exploited":false,"has_exploit":false,"published_at":"2026-03-25T07:51:39+00:00","link":"https://cert.europa.eu/publications/security-advisories/2026-004/","csirts_url":"https://www.csirts.com/advisory/2026-004-critical-vulnerability-in-415"},{"num":2681,"source_id":"cisa-kev","external_id":"CVE-2026-33017","title":"CVE-2026-33017: Langflow Code Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-33017"],"exploited":true,"has_exploit":true,"published_at":"2026-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-33017","csirts_url":"https://www.csirts.com/advisory/cve-2026-33017-2681"},{"num":86933,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-10-1-released/","title":"GitLab Patch Release: 18.10.1, 18.9.3, 18.8.7","severity":"critical","cvss":null,"cves":["CVE-2026-2370","CVE-2026-3857","CVE-2026-2995","CVE-2026-3988","CVE-2026-2745","CVE-2026-1724","CVE-2025-13436","CVE-2025-13078","CVE-2026-2973","CVE-2026-2726","CVE-2025-14595","CVE-2026-4363"],"exploited":false,"has_exploit":false,"published_at":"2026-03-25T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-10-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-10-1-18-9-3-18-8-7-86933"},{"num":423,"source_id":"cert-eu","external_id":"security-advisories-10940","title":"2026-003: Multiple Vulnerabilities in Citrix NetScaler and Citrix ADC","severity":"unknown","cvss":null,"cves":["CVE-2026-3055","CVE-2026-4368"],"exploited":false,"has_exploit":true,"published_at":"2026-03-23T18:03:59+00:00","link":"https://cert.europa.eu/publications/security-advisories/2026-003/","csirts_url":"https://www.csirts.com/advisory/2026-003-multiple-vulnerabilities-in-423"},{"num":309,"source_id":"cisa-kev","external_id":"CVE-2025-43510","title":"CVE-2025-43510: Apple Multiple Products Improper Locking Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-43510"],"exploited":true,"has_exploit":false,"published_at":"2026-03-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-43510","csirts_url":"https://www.csirts.com/advisory/cve-2025-43510-309"},{"num":307,"source_id":"cisa-kev","external_id":"CVE-2025-32432","title":"CVE-2025-32432: Craft CMS Code Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-32432"],"exploited":true,"has_exploit":true,"published_at":"2026-03-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-32432","csirts_url":"https://www.csirts.com/advisory/cve-2025-32432-307"},{"num":580,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2026-ALE-003/","title":"Alert note – Targeting instant messaging accounts (March 20, 2026)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-03-20T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2026-ALE-003/","csirts_url":"https://www.csirts.com/advisory/alert-note-targeting-instant-messaging-580"},{"num":308,"source_id":"cisa-kev","external_id":"CVE-2025-54068","title":"CVE-2025-54068: Laravel Livewire Code Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-54068"],"exploited":true,"has_exploit":true,"published_at":"2026-03-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-54068","csirts_url":"https://www.csirts.com/advisory/cve-2025-54068-308"},{"num":1214,"source_id":"cisa-kev","external_id":"CVE-2025-31277","title":"CVE-2025-31277: Apple Multiple Products Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-31277"],"exploited":true,"has_exploit":true,"published_at":"2026-03-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-31277","csirts_url":"https://www.csirts.com/advisory/cve-2025-31277-1214"},{"num":310,"source_id":"cisa-kev","external_id":"CVE-2025-43520","title":"CVE-2025-43520: Apple Multiple Products Classic Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-43520"],"exploited":true,"has_exploit":false,"published_at":"2026-03-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-43520","csirts_url":"https://www.csirts.com/advisory/cve-2025-43520-310"},{"num":1215,"source_id":"cisa-kev","external_id":"CVE-2026-20131","title":"CVE-2026-20131: Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-20131"],"exploited":true,"has_exploit":true,"published_at":"2026-03-19T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-20131","csirts_url":"https://www.csirts.com/advisory/cve-2026-20131-1215"},{"num":87025,"source_id":"jenkins","external_id":"jenkins-advisory-2026-03-18","title":"Jenkins Security Advisory 2026-03-18","severity":"unknown","cvss":null,"cves":["CVE-2026-33001","CVE-2026-33002","CVE-2026-33003","CVE-2026-33004"],"exploited":false,"has_exploit":false,"published_at":"2026-03-18T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2026-03-18/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2026-03-18-87025"},{"num":1220,"source_id":"cisa-kev","external_id":"CVE-2025-66376","title":"CVE-2025-66376: Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-66376"],"exploited":true,"has_exploit":false,"published_at":"2026-03-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-66376","csirts_url":"https://www.csirts.com/advisory/cve-2025-66376-1220"},{"num":1227,"source_id":"cisa-kev","external_id":"CVE-2026-20963","title":"CVE-2026-20963: Microsoft SharePoint Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-20963"],"exploited":true,"has_exploit":false,"published_at":"2026-03-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-20963","csirts_url":"https://www.csirts.com/advisory/cve-2026-20963-1227"},{"num":1228,"source_id":"cisa-kev","external_id":"CVE-2025-47813","title":"CVE-2025-47813: Wing FTP Server Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-47813"],"exploited":true,"has_exploit":true,"published_at":"2026-03-16T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-47813","csirts_url":"https://www.csirts.com/advisory/cve-2025-47813-1228"},{"num":2696,"source_id":"cisa-kev","external_id":"CVE-2026-3909","title":"CVE-2026-3909: Google Skia Out-of-Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-3909"],"exploited":true,"has_exploit":false,"published_at":"2026-03-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-3909","csirts_url":"https://www.csirts.com/advisory/cve-2026-3909-2696"},{"num":1239,"source_id":"cisa-kev","external_id":"CVE-2026-3910","title":"CVE-2026-3910: Google Chromium V8 Improper Restriction of Operations Within the Bounds of a Memory Buffer Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-3910"],"exploited":true,"has_exploit":false,"published_at":"2026-03-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-3910","csirts_url":"https://www.csirts.com/advisory/cve-2026-3910-1239"},{"num":86934,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-9-2-released/","title":"GitLab Patch Release: 18.9.2, 18.8.6, 18.7.6","severity":"critical","cvss":null,"cves":["CVE-2026-1090","CVE-2026-1069","CVE-2025-13929","CVE-2025-14513","CVE-2025-13690","CVE-2025-12576","CVE-2026-3848","CVE-2025-12555","CVE-2026-0602","CVE-2026-1732","CVE-2026-1663","CVE-2026-1230","CVE-2026-1182","CVE-2025-12704","CVE-2025-12697"],"exploited":false,"has_exploit":false,"published_at":"2026-03-11T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-9-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-9-2-18-8-6-18-7-6-86934"},{"num":1120,"source_id":"cisa-kev","external_id":"CVE-2025-68613","title":"CVE-2025-68613: n8n Improper Control of Dynamically-Managed Code Resources Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-68613"],"exploited":true,"has_exploit":true,"published_at":"2026-03-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-68613","csirts_url":"https://www.csirts.com/advisory/cve-2025-68613-1120"},{"num":86897,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-26-096","title":"OS command injection on vmimages update feature","severity":"unknown","cvss":null,"cves":["CVE-2026-25836"],"exploited":false,"has_exploit":false,"published_at":"2026-03-10T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-26-096","csirts_url":"https://www.csirts.com/advisory/os-command-injection-on-vmimages-update-86897"},{"num":311,"source_id":"cisa-kev","external_id":"CVE-2021-22054","title":"CVE-2021-22054: Omnissa Workspace ONE Server-Side Request Forgery","severity":"critical","cvss":null,"cves":["CVE-2021-22054"],"exploited":true,"has_exploit":true,"published_at":"2026-03-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-22054","csirts_url":"https://www.csirts.com/advisory/cve-2021-22054-311"},{"num":313,"source_id":"cisa-kev","external_id":"CVE-2025-26399","title":"CVE-2025-26399: SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-26399"],"exploited":true,"has_exploit":true,"published_at":"2026-03-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-26399","csirts_url":"https://www.csirts.com/advisory/cve-2025-26399-313"},{"num":314,"source_id":"cisa-kev","external_id":"CVE-2026-1603","title":"CVE-2026-1603: Ivanti Endpoint Manager (EPM) Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-1603"],"exploited":true,"has_exploit":true,"published_at":"2026-03-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-1603","csirts_url":"https://www.csirts.com/advisory/cve-2026-1603-314"},{"num":1249,"source_id":"cisa-kev","external_id":"CVE-2023-41974","title":"CVE-2023-41974: Apple iOS and iPadOS Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-41974"],"exploited":true,"has_exploit":false,"published_at":"2026-03-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-41974","csirts_url":"https://www.csirts.com/advisory/cve-2023-41974-1249"},{"num":1246,"source_id":"cisa-kev","external_id":"CVE-2023-43000","title":"CVE-2023-43000: Apple Multiple products Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-43000"],"exploited":true,"has_exploit":false,"published_at":"2026-03-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-43000","csirts_url":"https://www.csirts.com/advisory/cve-2023-43000-1246"},{"num":1126,"source_id":"cisa-kev","external_id":"CVE-2021-30952","title":"CVE-2021-30952: Apple Multiple Products Integer Overflow or Wraparound Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-30952"],"exploited":true,"has_exploit":false,"published_at":"2026-03-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-30952","csirts_url":"https://www.csirts.com/advisory/cve-2021-30952-1126"},{"num":1240,"source_id":"cisa-kev","external_id":"CVE-2017-7921","title":"CVE-2017-7921: Hikvision Multiple Products Improper Authentication Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-7921"],"exploited":true,"has_exploit":true,"published_at":"2026-03-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-7921","csirts_url":"https://www.csirts.com/advisory/cve-2017-7921-1240"},{"num":1245,"source_id":"cisa-kev","external_id":"CVE-2021-22681","title":"CVE-2021-22681: Rockwell Multiple Products Insufficient Protected Credentials Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-22681"],"exploited":true,"has_exploit":false,"published_at":"2026-03-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-22681","csirts_url":"https://www.csirts.com/advisory/cve-2021-22681-1245"},{"num":1251,"source_id":"cisa-kev","external_id":"CVE-2026-21385","title":"CVE-2026-21385: Qualcomm Multiple Chipsets Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-21385"],"exploited":true,"has_exploit":false,"published_at":"2026-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-21385","csirts_url":"https://www.csirts.com/advisory/cve-2026-21385-1251"},{"num":1250,"source_id":"cisa-kev","external_id":"CVE-2026-22719","title":"CVE-2026-22719: Broadcom VMware Aria Operations Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-22719"],"exploited":true,"has_exploit":false,"published_at":"2026-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-22719","csirts_url":"https://www.csirts.com/advisory/cve-2026-22719-1250"},{"num":195,"source_id":"cert-eu","external_id":"security-advisories-10939","title":"2026-002: Multiple Vulnerabilities in Cisco Products","severity":"critical","cvss":null,"cves":["CVE-2026-20127"],"exploited":true,"has_exploit":true,"published_at":"2026-02-26T18:38:52+00:00","link":"https://cert.europa.eu/publications/security-advisories/2026-002/","csirts_url":"https://www.csirts.com/advisory/2026-002-multiple-vulnerabilities-in-195"},{"num":86935,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-9-1-released/","title":"GitLab Patch Release: 18.9.1, 18.8.5, 18.7.5","severity":"critical","cvss":null,"cves":["CVE-2026-0752","CVE-2025-14511","CVE-2026-1662","CVE-2026-1388","CVE-2026-2845","CVE-2025-3525","CVE-2026-1725","CVE-2026-1747","CVE-2025-14103"],"exploited":false,"has_exploit":false,"published_at":"2026-02-25T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-9-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-9-1-18-8-5-18-7-5-86935"},{"num":1976,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2026-ALE-002/","title":"[Update] Vulnerability in Cisco Catalyst SD-WAN (February 25, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-20127"],"exploited":true,"has_exploit":true,"published_at":"2026-02-25T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2026-ALE-002/","csirts_url":"https://www.csirts.com/advisory/update-vulnerability-in-cisco-catalyst-sd-1976"},{"num":1252,"source_id":"cisa-kev","external_id":"CVE-2026-20127","title":"CVE-2026-20127: Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-20127"],"exploited":true,"has_exploit":true,"published_at":"2026-02-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-20127","csirts_url":"https://www.csirts.com/advisory/cve-2026-20127-1252"},{"num":317,"source_id":"cisa-kev","external_id":"CVE-2022-20775","title":"CVE-2022-20775: Cisco SD-WAN Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-20775"],"exploited":true,"has_exploit":false,"published_at":"2026-02-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-20775","csirts_url":"https://www.csirts.com/advisory/cve-2022-20775-317"},{"num":1253,"source_id":"cisa-kev","external_id":"CVE-2026-25108","title":"CVE-2026-25108: Soliton Systems K.K FileZen OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-25108"],"exploited":true,"has_exploit":false,"published_at":"2026-02-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-25108","csirts_url":"https://www.csirts.com/advisory/cve-2026-25108-1253"},{"num":2710,"source_id":"cisa-kev","external_id":"CVE-2025-49113","title":"CVE-2025-49113: RoundCube Webmail Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-49113"],"exploited":true,"has_exploit":true,"published_at":"2026-02-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-49113","csirts_url":"https://www.csirts.com/advisory/cve-2025-49113-2710"},{"num":1002,"source_id":"cisa-kev","external_id":"CVE-2025-68461","title":"CVE-2025-68461: RoundCube Webmail Cross-site Scripting Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-68461"],"exploited":true,"has_exploit":true,"published_at":"2026-02-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-68461","csirts_url":"https://www.csirts.com/advisory/cve-2025-68461-1002"},{"num":87026,"source_id":"jenkins","external_id":"jenkins-advisory-2026-02-18","title":"Jenkins Security Advisory 2026-02-18","severity":"unknown","cvss":null,"cves":["CVE-2026-27099","CVE-2026-27100"],"exploited":false,"has_exploit":false,"published_at":"2026-02-18T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2026-02-18/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2026-02-18-87026"},{"num":1255,"source_id":"cisa-kev","external_id":"CVE-2026-22769","title":"CVE-2026-22769: Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-22769"],"exploited":true,"has_exploit":false,"published_at":"2026-02-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-22769","csirts_url":"https://www.csirts.com/advisory/cve-2026-22769-1255"},{"num":1254,"source_id":"cisa-kev","external_id":"CVE-2021-22175","title":"CVE-2021-22175: GitLab Server-Side Request Forgery (SSRF) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-22175"],"exploited":true,"has_exploit":true,"published_at":"2026-02-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-22175","csirts_url":"https://www.csirts.com/advisory/cve-2021-22175-1254"},{"num":1275,"source_id":"cisa-kev","external_id":"CVE-2026-2441","title":"CVE-2026-2441: Google Chromium CSS Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-2441"],"exploited":true,"has_exploit":true,"published_at":"2026-02-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-2441","csirts_url":"https://www.csirts.com/advisory/cve-2026-2441-1275"},{"num":1269,"source_id":"cisa-kev","external_id":"CVE-2024-7694","title":"CVE-2024-7694: TeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous Type Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-7694"],"exploited":true,"has_exploit":false,"published_at":"2026-02-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-7694","csirts_url":"https://www.csirts.com/advisory/cve-2024-7694-1269"},{"num":1268,"source_id":"cisa-kev","external_id":"CVE-2020-7796","title":"CVE-2020-7796: Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-7796"],"exploited":true,"has_exploit":true,"published_at":"2026-02-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-7796","csirts_url":"https://www.csirts.com/advisory/cve-2020-7796-1268"},{"num":1274,"source_id":"cisa-kev","external_id":"CVE-2008-0015","title":"CVE-2008-0015: Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2008-0015"],"exploited":true,"has_exploit":true,"published_at":"2026-02-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2008-0015","csirts_url":"https://www.csirts.com/advisory/cve-2008-0015-1274"},{"num":1279,"source_id":"cisa-kev","external_id":"CVE-2026-1731","title":"CVE-2026-1731: BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-1731"],"exploited":true,"has_exploit":true,"published_at":"2026-02-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-1731","csirts_url":"https://www.csirts.com/advisory/cve-2026-1731-1279"},{"num":1293,"source_id":"cisa-kev","external_id":"CVE-2024-43468","title":"CVE-2024-43468: Microsoft Configuration Manager SQL Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-43468"],"exploited":true,"has_exploit":true,"published_at":"2026-02-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-43468","csirts_url":"https://www.csirts.com/advisory/cve-2024-43468-1293"},{"num":2124,"source_id":"cisa-kev","external_id":"CVE-2025-40536","title":"CVE-2025-40536: SolarWinds Web Help Desk Security Control Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-40536"],"exploited":true,"has_exploit":true,"published_at":"2026-02-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-40536","csirts_url":"https://www.csirts.com/advisory/cve-2025-40536-2124"},{"num":319,"source_id":"cisa-kev","external_id":"CVE-2026-20700","title":"CVE-2026-20700: Apple Multiple Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-20700"],"exploited":true,"has_exploit":true,"published_at":"2026-02-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-20700","csirts_url":"https://www.csirts.com/advisory/cve-2026-20700-319"},{"num":2186,"source_id":"cisa-kev","external_id":"CVE-2025-15556","title":"CVE-2025-15556: Notepad++ Download of Code Without Integrity Check Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-15556"],"exploited":true,"has_exploit":true,"published_at":"2026-02-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-15556","csirts_url":"https://www.csirts.com/advisory/cve-2025-15556-2186"},{"num":86848,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-25-1052","title":"LDAP authentication bypass in Agentless VPN and FSSO","severity":"unknown","cvss":null,"cves":["CVE-2026-22153"],"exploited":false,"has_exploit":false,"published_at":"2026-02-10T08:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-25-1052","csirts_url":"https://www.csirts.com/advisory/ldap-authentication-bypass-in-agentless-86848"},{"num":2724,"source_id":"cisa-kev","external_id":"CVE-2026-21514","title":"CVE-2026-21514: Microsoft Office Word Reliance on Untrusted Inputs in a Security Decision Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-21514"],"exploited":true,"has_exploit":false,"published_at":"2026-02-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-21514","csirts_url":"https://www.csirts.com/advisory/cve-2026-21514-2724"},{"num":1313,"source_id":"cisa-kev","external_id":"CVE-2026-21533","title":"CVE-2026-21533: Microsoft Windows Improper Privilege Management Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-21533"],"exploited":true,"has_exploit":false,"published_at":"2026-02-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-21533","csirts_url":"https://www.csirts.com/advisory/cve-2026-21533-1313"},{"num":86936,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-8-4-released/","title":"GitLab Patch Release: 18.8.4, 18.7.4, 18.6.6","severity":"critical","cvss":null,"cves":["CVE-2025-7659","CVE-2025-8099","CVE-2026-0958","CVE-2025-14560","CVE-2026-0595","CVE-2026-1458","CVE-2026-1456","CVE-2026-1387","CVE-2025-12575","CVE-2026-1094","CVE-2025-12073","CVE-2026-1080","CVE-2025-14592","CVE-2026-1282","CVE-2025-14594"],"exploited":false,"has_exploit":false,"published_at":"2026-02-10T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-8-4-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-8-4-18-7-4-18-6-6-86936"},{"num":1294,"source_id":"cisa-kev","external_id":"CVE-2026-21513","title":"CVE-2026-21513: Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-21513"],"exploited":true,"has_exploit":false,"published_at":"2026-02-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-21513","csirts_url":"https://www.csirts.com/advisory/cve-2026-21513-1294"},{"num":1312,"source_id":"cisa-kev","external_id":"CVE-2026-21510","title":"CVE-2026-21510: Microsoft Windows Shell Protection Mechanism Failure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-21510"],"exploited":true,"has_exploit":false,"published_at":"2026-02-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-21510","csirts_url":"https://www.csirts.com/advisory/cve-2026-21510-1312"},{"num":1323,"source_id":"cisa-kev","external_id":"CVE-2026-21519","title":"CVE-2026-21519: Microsoft Windows Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-21519"],"exploited":true,"has_exploit":false,"published_at":"2026-02-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-21519","csirts_url":"https://www.csirts.com/advisory/cve-2026-21519-1323"},{"num":320,"source_id":"cisa-kev","external_id":"CVE-2026-21525","title":"CVE-2026-21525: Microsoft Windows NULL Pointer Dereference Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-21525"],"exploited":true,"has_exploit":false,"published_at":"2026-02-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-21525","csirts_url":"https://www.csirts.com/advisory/cve-2026-21525-320"},{"num":86937,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/other-patches/patch-release-gitlab-ai-gateway-18-8-1-released/","title":"GitLab AI Gateway Critical Patch Release: 18.6.2, 18.7.1, and 18.8.1","severity":"critical","cvss":null,"cves":["CVE-2026-1868"],"exploited":false,"has_exploit":false,"published_at":"2026-02-06T00:00:00+00:00","link":"https://docs.gitlab.com/releases/other-patches/patch-release-gitlab-ai-gateway-18-8-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-ai-gateway-critical-patch-release-86937"},{"num":1342,"source_id":"cisa-kev","external_id":"CVE-2026-24423","title":"CVE-2026-24423: SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-24423"],"exploited":true,"has_exploit":true,"published_at":"2026-02-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-24423","csirts_url":"https://www.csirts.com/advisory/cve-2026-24423-1342"},{"num":1324,"source_id":"cisa-kev","external_id":"CVE-2025-11953","title":"CVE-2025-11953: React Native Community CLI OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-11953"],"exploited":true,"has_exploit":true,"published_at":"2026-02-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-11953","csirts_url":"https://www.csirts.com/advisory/cve-2025-11953-1324"},{"num":86938,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-8-3-released/","title":"GitLab Patch Release: 18.8.3, 18.7.3, 18.6.5","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-02-04T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-8-3-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-8-3-18-7-3-18-6-5-86938"},{"num":2007,"source_id":"cisa-kev","external_id":"CVE-2021-39935","title":"CVE-2021-39935: GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-39935"],"exploited":true,"has_exploit":true,"published_at":"2026-02-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-39935","csirts_url":"https://www.csirts.com/advisory/cve-2021-39935-2007"},{"num":1148,"source_id":"cisa-kev","external_id":"CVE-2019-19006","title":"CVE-2019-19006: Sangoma FreePBX Improper Authentication Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-19006"],"exploited":true,"has_exploit":false,"published_at":"2026-02-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-19006","csirts_url":"https://www.csirts.com/advisory/cve-2019-19006-1148"},{"num":1346,"source_id":"cisa-kev","external_id":"CVE-2025-40551","title":"CVE-2025-40551: SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-40551"],"exploited":true,"has_exploit":true,"published_at":"2026-02-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-40551","csirts_url":"https://www.csirts.com/advisory/cve-2025-40551-1346"},{"num":324,"source_id":"cisa-kev","external_id":"CVE-2025-64328","title":"CVE-2025-64328: Sangoma FreePBX OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-64328"],"exploited":true,"has_exploit":true,"published_at":"2026-02-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-64328","csirts_url":"https://www.csirts.com/advisory/cve-2025-64328-324"},{"num":1191,"source_id":"cert-eu","external_id":"security-advisories-10938","title":"2026-001: Critical vulnerabilities in Ivanti EPMM","severity":"critical","cvss":null,"cves":["CVE-2026-1281","CVE-2026-1340"],"exploited":false,"has_exploit":true,"published_at":"2026-01-30T09:09:06+00:00","link":"https://cert.europa.eu/publications/security-advisories/2026-001/","csirts_url":"https://www.csirts.com/advisory/2026-001-critical-vulnerabilities-in-1191"},{"num":577,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2026-ALE-001/","title":"[Update] Multiple vulnerabilities in Ivanti Endpoint Manager Mobile (January 30, 2026)","severity":"unknown","cvss":null,"cves":["CVE-2026-1340","CVE-2026-1281"],"exploited":false,"has_exploit":true,"published_at":"2026-01-30T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2026-ALE-001/","csirts_url":"https://www.csirts.com/advisory/update-multiple-vulnerabilities-in-ivanti-577"},{"num":2725,"source_id":"cisa-kev","external_id":"CVE-2026-1281","title":"CVE-2026-1281: Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-1281"],"exploited":true,"has_exploit":true,"published_at":"2026-01-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-1281","csirts_url":"https://www.csirts.com/advisory/cve-2026-1281-2725"},{"num":1355,"source_id":"cisa-kev","external_id":"CVE-2026-24858","title":"CVE-2026-24858: Fortinet Multiple Products Authentication Bypass Using an Alternate Path or Channel Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-24858"],"exploited":true,"has_exploit":false,"published_at":"2026-01-27T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-24858","csirts_url":"https://www.csirts.com/advisory/cve-2026-24858-1355"},{"num":1356,"source_id":"cisa-kev","external_id":"CVE-2018-14634","title":"CVE-2018-14634: Linux Kernel Integer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-14634"],"exploited":true,"has_exploit":true,"published_at":"2026-01-26T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-14634","csirts_url":"https://www.csirts.com/advisory/cve-2018-14634-1356"},{"num":325,"source_id":"cisa-kev","external_id":"CVE-2026-24061","title":"CVE-2026-24061: GNU InetUtils Argument Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-24061"],"exploited":true,"has_exploit":true,"published_at":"2026-01-26T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-24061","csirts_url":"https://www.csirts.com/advisory/cve-2026-24061-325"},{"num":1358,"source_id":"cisa-kev","external_id":"CVE-2026-23760","title":"CVE-2026-23760: SmarterTools SmarterMail Authentication Bypass Using an Alternate Path or Channel Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-23760"],"exploited":true,"has_exploit":true,"published_at":"2026-01-26T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-23760","csirts_url":"https://www.csirts.com/advisory/cve-2026-23760-1358"},{"num":1357,"source_id":"cisa-kev","external_id":"CVE-2025-52691","title":"CVE-2025-52691: SmarterTools SmarterMail Unrestricted Upload of File with Dangerous Type Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-52691"],"exploited":true,"has_exploit":true,"published_at":"2026-01-26T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-52691","csirts_url":"https://www.csirts.com/advisory/cve-2025-52691-1357"},{"num":1360,"source_id":"cisa-kev","external_id":"CVE-2026-21509","title":"CVE-2026-21509: Microsoft Office Security Feature Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-21509"],"exploited":true,"has_exploit":true,"published_at":"2026-01-26T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-21509","csirts_url":"https://www.csirts.com/advisory/cve-2026-21509-1360"},{"num":2739,"source_id":"cisa-kev","external_id":"CVE-2024-37079","title":"CVE-2024-37079: Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-37079"],"exploited":true,"has_exploit":false,"published_at":"2026-01-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-37079","csirts_url":"https://www.csirts.com/advisory/cve-2024-37079-2739"},{"num":1368,"source_id":"cisa-kev","external_id":"CVE-2025-31125","title":"CVE-2025-31125: Vite Vitejs Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-31125"],"exploited":true,"has_exploit":true,"published_at":"2026-01-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-31125","csirts_url":"https://www.csirts.com/advisory/cve-2025-31125-1368"},{"num":1386,"source_id":"cisa-kev","external_id":"CVE-2025-54313","title":"CVE-2025-54313: Prettier eslint-config-prettier Embedded Malicious Code Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-54313"],"exploited":true,"has_exploit":true,"published_at":"2026-01-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-54313","csirts_url":"https://www.csirts.com/advisory/cve-2025-54313-1386"},{"num":2746,"source_id":"cisa-kev","external_id":"CVE-2025-34026","title":"CVE-2025-34026: Versa Concerto Improper Authentication Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-34026"],"exploited":true,"has_exploit":true,"published_at":"2026-01-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-34026","csirts_url":"https://www.csirts.com/advisory/cve-2025-34026-2746"},{"num":2740,"source_id":"cisa-kev","external_id":"CVE-2025-68645","title":"CVE-2025-68645: Synacor Zimbra Collaboration Suite (ZCS) PHP Remote File Inclusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-68645"],"exploited":true,"has_exploit":true,"published_at":"2026-01-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-68645","csirts_url":"https://www.csirts.com/advisory/cve-2025-68645-2740"},{"num":86939,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-8-2-released/","title":"GitLab Patch Release: 18.8.2, 18.7.2, 18.6.4","severity":"critical","cvss":null,"cves":["CVE-2025-13927","CVE-2025-13928","CVE-2026-0723","CVE-2025-13335","CVE-2026-1102"],"exploited":false,"has_exploit":false,"published_at":"2026-01-21T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-8-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-8-2-18-7-2-18-6-4-86939"},{"num":1394,"source_id":"cisa-kev","external_id":"CVE-2026-20045","title":"CVE-2026-20045: Cisco Unified Communications Products Code Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-20045"],"exploited":true,"has_exploit":false,"published_at":"2026-01-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-20045","csirts_url":"https://www.csirts.com/advisory/cve-2026-20045-1394"},{"num":86940,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-8-1-released/","title":"GitLab Patch Release: 18.8.1","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2026-01-19T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-8-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-8-1-86940"},{"num":2748,"source_id":"cisa-kev","external_id":"CVE-2026-20805","title":"CVE-2026-20805: Microsoft Windows Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2026-20805"],"exploited":true,"has_exploit":false,"published_at":"2026-01-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-20805","csirts_url":"https://www.csirts.com/advisory/cve-2026-20805-2748"},{"num":1395,"source_id":"cisa-kev","external_id":"CVE-2025-8110","title":"CVE-2025-8110: Gogs Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-8110"],"exploited":true,"has_exploit":true,"published_at":"2026-01-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-8110","csirts_url":"https://www.csirts.com/advisory/cve-2025-8110-1395"},{"num":330,"source_id":"cisa-kev","external_id":"CVE-2025-37164","title":"CVE-2025-37164: Hewlett Packard Enterprise (HPE) OneView Code Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-37164"],"exploited":true,"has_exploit":true,"published_at":"2026-01-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-37164","csirts_url":"https://www.csirts.com/advisory/cve-2025-37164-330"},{"num":86941,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-7-1-released/","title":"GitLab Patch Release: 18.7.1, 18.6.3, 18.5.5","severity":"critical","cvss":null,"cves":["CVE-2025-9222","CVE-2025-13761","CVE-2025-13772","CVE-2025-10569","CVE-2025-13781","CVE-2025-11246","CVE-2025-3950","CVE-2025-65018","CVE-2025-64720"],"exploited":false,"has_exploit":false,"published_at":"2026-01-07T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-7-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-7-1-18-6-3-18-5-5-86941"},{"num":2205,"source_id":"cisa-kev","external_id":"CVE-2009-0556","title":"CVE-2009-0556: Microsoft Office PowerPoint Code Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2009-0556"],"exploited":true,"has_exploit":false,"published_at":"2026-01-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2009-0556","csirts_url":"https://www.csirts.com/advisory/cve-2009-0556-2205"},{"num":331,"source_id":"cisa-kev","external_id":"CVE-2025-14847","title":"CVE-2025-14847: MongoDB and MongoDB Server Improper Handling of Length Parameter Inconsistency Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-14847"],"exploited":true,"has_exploit":true,"published_at":"2025-12-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-14847","csirts_url":"https://www.csirts.com/advisory/cve-2025-14847-331"},{"num":1405,"source_id":"cisa-kev","external_id":"CVE-2023-52163","title":"CVE-2023-52163: Digiever DS-2105 Pro Missing Authorization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-52163"],"exploited":true,"has_exploit":true,"published_at":"2025-12-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-52163","csirts_url":"https://www.csirts.com/advisory/cve-2023-52163-1405"},{"num":1406,"source_id":"cisa-kev","external_id":"CVE-2025-14733","title":"CVE-2025-14733: WatchGuard Firebox Out of Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-14733"],"exploited":true,"has_exploit":true,"published_at":"2025-12-19T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-14733","csirts_url":"https://www.csirts.com/advisory/cve-2025-14733-1406"},{"num":1194,"source_id":"cert-eu","external_id":"security-advisories-10937","title":"2025-042: Critical Vulnerability in Cisco Secure Email and Web Manager","severity":"critical","cvss":null,"cves":["CVE-2025-20393"],"exploited":false,"has_exploit":true,"published_at":"2025-12-18T09:08:41+00:00","link":"https://cert.europa.eu/publications/security-advisories/2025-042/","csirts_url":"https://www.csirts.com/advisory/2025-042-critical-vulnerability-in-cisco-1194"},{"num":1415,"source_id":"cisa-kev","external_id":"CVE-2025-40602","title":"CVE-2025-40602: SonicWall SMA1000 Missing Authorization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-40602"],"exploited":true,"has_exploit":true,"published_at":"2025-12-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-40602","csirts_url":"https://www.csirts.com/advisory/cve-2025-40602-1415"},{"num":1414,"source_id":"cisa-kev","external_id":"CVE-2025-59374","title":"CVE-2025-59374: ASUS Live Update Embedded Malicious Code Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-59374"],"exploited":true,"has_exploit":false,"published_at":"2025-12-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-59374","csirts_url":"https://www.csirts.com/advisory/cve-2025-59374-1414"},{"num":1416,"source_id":"cisa-kev","external_id":"CVE-2025-20393","title":"CVE-2025-20393: Cisco Multiple Products Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-20393"],"exploited":true,"has_exploit":true,"published_at":"2025-12-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-20393","csirts_url":"https://www.csirts.com/advisory/cve-2025-20393-1416"},{"num":1417,"source_id":"cisa-kev","external_id":"CVE-2025-59718","title":"CVE-2025-59718: Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-59718"],"exploited":true,"has_exploit":true,"published_at":"2025-12-16T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-59718","csirts_url":"https://www.csirts.com/advisory/cve-2025-59718-1417"},{"num":1424,"source_id":"cisa-kev","external_id":"CVE-2025-43529","title":"CVE-2025-43529: Apple Multiple Products Use-After-Free WebKit Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-43529"],"exploited":true,"has_exploit":true,"published_at":"2025-12-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-43529","csirts_url":"https://www.csirts.com/advisory/cve-2025-43529-1424"},{"num":1418,"source_id":"cisa-kev","external_id":"CVE-2025-14611","title":"CVE-2025-14611: Gladinet CentreStack and Triofox Hard Coded Cryptographic Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-14611"],"exploited":true,"has_exploit":true,"published_at":"2025-12-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-14611","csirts_url":"https://www.csirts.com/advisory/cve-2025-14611-1418"},{"num":1447,"source_id":"cisa-kev","external_id":"CVE-2018-4063","title":"CVE-2018-4063: Sierra Wireless AirLink ALEOS Unrestricted Upload of File with Dangerous Type Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-4063"],"exploited":true,"has_exploit":false,"published_at":"2025-12-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-4063","csirts_url":"https://www.csirts.com/advisory/cve-2018-4063-1447"},{"num":1454,"source_id":"cisa-kev","external_id":"CVE-2025-14174","title":"CVE-2025-14174: Google Chromium Out of Bounds Memory Access Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-14174"],"exploited":true,"has_exploit":true,"published_at":"2025-12-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-14174","csirts_url":"https://www.csirts.com/advisory/cve-2025-14174-1454"},{"num":1462,"source_id":"cisa-kev","external_id":"CVE-2025-58360","title":"CVE-2025-58360: OSGeo GeoServer Improper Restriction of XML External Entity Reference Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-58360"],"exploited":true,"has_exploit":true,"published_at":"2025-12-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-58360","csirts_url":"https://www.csirts.com/advisory/cve-2025-58360-1462"},{"num":87027,"source_id":"jenkins","external_id":"jenkins-advisory-2025-12-10","title":"Jenkins Security Advisory 2025-12-10","severity":"unknown","cvss":null,"cves":["CVE-2025-67635","CVE-2025-67636","CVE-2025-67637","CVE-2025-67638","CVE-2025-67639","CVE-2025-67640","CVE-2025-67641","CVE-2025-67642","CVE-2025-13472","CVE-2025-67643"],"exploited":false,"has_exploit":false,"published_at":"2025-12-10T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2025-12-10/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2025-12-10-87027"},{"num":86942,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-6-2-released/","title":"GitLab Patch Release: 18.6.2, 18.5.4, 18.4.6","severity":"critical","cvss":null,"cves":["CVE-2025-12716","CVE-2025-8405","CVE-2025-12029","CVE-2025-12562","CVE-2025-11984","CVE-2025-4097","CVE-2025-14157","CVE-2025-11247","CVE-2025-13978","CVE-2025-12734"],"exploited":false,"has_exploit":false,"published_at":"2025-12-10T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-6-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-6-2-18-5-4-18-4-6-86942"},{"num":1464,"source_id":"cisa-kev","external_id":"CVE-2025-62221","title":"CVE-2025-62221: Microsoft Windows Use After Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-62221"],"exploited":true,"has_exploit":true,"published_at":"2025-12-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-62221","csirts_url":"https://www.csirts.com/advisory/cve-2025-62221-1464"},{"num":1463,"source_id":"cisa-kev","external_id":"CVE-2025-6218","title":"CVE-2025-6218: RARLAB WinRAR Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-6218"],"exploited":true,"has_exploit":true,"published_at":"2025-12-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-6218","csirts_url":"https://www.csirts.com/advisory/cve-2025-6218-1463"},{"num":1473,"source_id":"cisa-kev","external_id":"CVE-2022-37055","title":"CVE-2022-37055: D-Link Routers Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-37055"],"exploited":true,"has_exploit":false,"published_at":"2025-12-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-37055","csirts_url":"https://www.csirts.com/advisory/cve-2022-37055-1473"},{"num":1474,"source_id":"cisa-kev","external_id":"CVE-2025-66644","title":"CVE-2025-66644: Array Networks ArrayOS AG OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-66644"],"exploited":true,"has_exploit":false,"published_at":"2025-12-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-66644","csirts_url":"https://www.csirts.com/advisory/cve-2025-66644-1474"},{"num":1479,"source_id":"cisa-kev","external_id":"CVE-2025-55182","title":"CVE-2025-55182: Meta React Server Components Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-55182"],"exploited":true,"has_exploit":true,"published_at":"2025-12-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-55182","csirts_url":"https://www.csirts.com/advisory/cve-2025-55182-1479"},{"num":576,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-014/","title":"[Update] Vulnerability in React Server Components (December 5, 2025)","severity":"unknown","cvss":null,"cves":["CVE-2025-55182"],"exploited":true,"has_exploit":true,"published_at":"2025-12-05T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-014/","csirts_url":"https://www.csirts.com/advisory/update-vulnerability-in-react-server-576"},{"num":424,"source_id":"cert-eu","external_id":"security-advisories-10936","title":"2025-041: Critical Security Vulnerability in React Server Components","severity":"critical","cvss":null,"cves":["CVE-2025-55182"],"exploited":false,"has_exploit":true,"published_at":"2025-12-04T13:50:51+00:00","link":"https://cert.europa.eu/publications/security-advisories/2025-041/","csirts_url":"https://www.csirts.com/advisory/2025-041-critical-security-vulnerability-424"},{"num":335,"source_id":"cisa-kev","external_id":"CVE-2021-26828","title":"CVE-2021-26828: OpenPLC ScadaBR Unrestricted Upload of File with Dangerous Type Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-26828"],"exploited":true,"has_exploit":true,"published_at":"2025-12-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-26828","csirts_url":"https://www.csirts.com/advisory/cve-2021-26828-335"},{"num":2032,"source_id":"cisa-kev","external_id":"CVE-2025-48633","title":"CVE-2025-48633: Android Framework Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-48633"],"exploited":true,"has_exploit":false,"published_at":"2025-12-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-48633","csirts_url":"https://www.csirts.com/advisory/cve-2025-48633-2032"},{"num":336,"source_id":"cisa-kev","external_id":"CVE-2025-48572","title":"CVE-2025-48572: Android Framework Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-48572"],"exploited":true,"has_exploit":false,"published_at":"2025-12-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-48572","csirts_url":"https://www.csirts.com/advisory/cve-2025-48572-336"},{"num":337,"source_id":"cisa-kev","external_id":"CVE-2021-26829","title":"CVE-2021-26829: OpenPLC ScadaBR Cross-site Scripting Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-26829"],"exploited":true,"has_exploit":false,"published_at":"2025-11-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-26829","csirts_url":"https://www.csirts.com/advisory/cve-2021-26829-337"},{"num":86943,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-6-1-released/","title":"GitLab Patch Release: 18.6.1, 18.5.3, 18.4.5","severity":"critical","cvss":null,"cves":["CVE-2024-9183","CVE-2025-12571","CVE-2025-12653","CVE-2025-7449","CVE-2025-6195","CVE-2025-13611"],"exploited":false,"has_exploit":false,"published_at":"2025-11-26T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-6-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-6-1-18-5-3-18-4-5-86943"},{"num":1480,"source_id":"cisa-kev","external_id":"CVE-2025-61757","title":"CVE-2025-61757: Oracle Fusion Middleware Missing Authentication for Critical Function Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-61757"],"exploited":true,"has_exploit":true,"published_at":"2025-11-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-61757","csirts_url":"https://www.csirts.com/advisory/cve-2025-61757-1480"},{"num":1481,"source_id":"cisa-kev","external_id":"CVE-2025-13223","title":"CVE-2025-13223: Google Chromium V8 Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-13223"],"exploited":true,"has_exploit":false,"published_at":"2025-11-19T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-13223","csirts_url":"https://www.csirts.com/advisory/cve-2025-13223-1481"},{"num":86855,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-25-545","title":"Trusted hosts bypass via SSH","severity":"unknown","cvss":null,"cves":["CVE-2025-54821"],"exploited":false,"has_exploit":false,"published_at":"2025-11-18T08:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-25-545","csirts_url":"https://www.csirts.com/advisory/trusted-hosts-bypass-via-ssh-86855"},{"num":2216,"source_id":"cisa-kev","external_id":"CVE-2025-58034","title":"CVE-2025-58034: Fortinet FortiWeb OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-58034"],"exploited":true,"has_exploit":true,"published_at":"2025-11-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-58034","csirts_url":"https://www.csirts.com/advisory/cve-2025-58034-2216"},{"num":1489,"source_id":"cisa-kev","external_id":"CVE-2025-64446","title":"CVE-2025-64446: Fortinet FortiWeb Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-64446"],"exploited":true,"has_exploit":true,"published_at":"2025-11-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-64446","csirts_url":"https://www.csirts.com/advisory/cve-2025-64446-1489"},{"num":87130,"source_id":"drupal","external_id":"3557473 at https://www.drupal.org","title":"Drupal core - Moderately critical - Information disclosure - SA-CORE-2025-008","severity":"critical","cvss":null,"cves":["CVE-2025-13083"],"exploited":false,"has_exploit":false,"published_at":"2025-11-12T20:16:22+00:00","link":"https://www.drupal.org/sa-core-2025-008","csirts_url":"https://www.csirts.com/advisory/drupal-core-moderately-critical-87130"},{"num":87131,"source_id":"drupal","external_id":"3527346 at https://www.drupal.org","title":"Drupal core - Moderately critical - Defacement - SA-CORE-2025-007","severity":"critical","cvss":null,"cves":["CVE-2025-13082"],"exploited":false,"has_exploit":false,"published_at":"2025-11-12T20:16:21+00:00","link":"https://www.drupal.org/sa-core-2025-007","csirts_url":"https://www.csirts.com/advisory/drupal-core-moderately-critical-87131"},{"num":87132,"source_id":"drupal","external_id":"3557475 at https://www.drupal.org","title":"Drupal core - Moderately critical - Gadget chain - SA-CORE-2025-006","severity":"critical","cvss":null,"cves":["CVE-2025-13081"],"exploited":false,"has_exploit":false,"published_at":"2025-11-12T18:34:02+00:00","link":"https://www.drupal.org/sa-core-2025-006","csirts_url":"https://www.csirts.com/advisory/drupal-core-moderately-critical-gadget-87132"},{"num":87133,"source_id":"drupal","external_id":"3557474 at https://www.drupal.org","title":"Drupal core - Moderately critical - Denial of Service - SA-CORE-2025-005","severity":"critical","cvss":null,"cves":["CVE-2025-13080"],"exploited":false,"has_exploit":false,"published_at":"2025-11-12T18:33:05+00:00","link":"https://www.drupal.org/sa-core-2025-005","csirts_url":"https://www.csirts.com/advisory/drupal-core-moderately-critical-denial-of-87133"},{"num":1496,"source_id":"cisa-kev","external_id":"CVE-2025-9242","title":"CVE-2025-9242: WatchGuard Firebox Out-of-Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-9242"],"exploited":true,"has_exploit":true,"published_at":"2025-11-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-9242","csirts_url":"https://www.csirts.com/advisory/cve-2025-9242-1496"},{"num":2766,"source_id":"cisa-kev","external_id":"CVE-2025-62215","title":"CVE-2025-62215: Microsoft Windows Race Condition Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-62215"],"exploited":true,"has_exploit":true,"published_at":"2025-11-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-62215","csirts_url":"https://www.csirts.com/advisory/cve-2025-62215-2766"},{"num":1490,"source_id":"cisa-kev","external_id":"CVE-2025-12480","title":"CVE-2025-12480: Gladinet Triofox Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-12480"],"exploited":true,"has_exploit":true,"published_at":"2025-11-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-12480","csirts_url":"https://www.csirts.com/advisory/cve-2025-12480-1490"},{"num":86944,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-5-2-released/","title":"GitLab Patch Release: 18.5.2, 18.4.4, 18.3.6","severity":"critical","cvss":null,"cves":["CVE-2025-11224","CVE-2025-11865","CVE-2025-2615","CVE-2025-7000","CVE-2025-6945","CVE-2025-6171","CVE-2025-11990","CVE-2025-7736","CVE-2025-12983","CVE-2024-55549","CVE-2025-24855"],"exploited":false,"has_exploit":false,"published_at":"2025-11-12T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-5-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-5-2-18-4-4-18-3-6-86944"},{"num":1497,"source_id":"cisa-kev","external_id":"CVE-2025-21042","title":"CVE-2025-21042: Samsung Mobile Devices Out-of-Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-21042"],"exploited":true,"has_exploit":true,"published_at":"2025-11-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-21042","csirts_url":"https://www.csirts.com/advisory/cve-2025-21042-1497"},{"num":1503,"source_id":"cisa-kev","external_id":"CVE-2025-11371","title":"CVE-2025-11371: Gladinet CentreStack and Triofox Files or Directories Accessible to External Parties Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-11371"],"exploited":true,"has_exploit":true,"published_at":"2025-11-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-11371","csirts_url":"https://www.csirts.com/advisory/cve-2025-11371-1503"},{"num":1501,"source_id":"cisa-kev","external_id":"CVE-2025-48703","title":"CVE-2025-48703: CWP Control Web Panel OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-48703"],"exploited":true,"has_exploit":true,"published_at":"2025-11-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-48703","csirts_url":"https://www.csirts.com/advisory/cve-2025-48703-1501"},{"num":1504,"source_id":"cisa-kev","external_id":"CVE-2025-41244","title":"CVE-2025-41244: Broadcom VMware Aria Operations and VMware Tools Privilege Defined with Unsafe Actions Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-41244"],"exploited":true,"has_exploit":true,"published_at":"2025-10-30T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-41244","csirts_url":"https://www.csirts.com/advisory/cve-2025-41244-1504"},{"num":2040,"source_id":"cisa-kev","external_id":"CVE-2025-24893","title":"CVE-2025-24893: XWiki Platform Eval Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-24893"],"exploited":true,"has_exploit":true,"published_at":"2025-10-30T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-24893","csirts_url":"https://www.csirts.com/advisory/cve-2025-24893-2040"},{"num":87028,"source_id":"jenkins","external_id":"jenkins-advisory-2025-10-29","title":"Jenkins Security Advisory 2025-10-29","severity":"unknown","cvss":null,"cves":["CVE-2025-64131","CVE-2025-64132","CVE-2025-64133","CVE-2025-64134","CVE-2025-64135","CVE-2016-5597","CVE-2025-64136","CVE-2025-64137","CVE-2025-64138","CVE-2025-64139","CVE-2025-64140","CVE-2025-64141","CVE-2025-64142","CVE-2025-64143","CVE-2025-64144","CVE-2025-64145","CVE-2025-64146","CVE-2025-64147","CVE-2025-64148","CVE-2025-64149","CVE-2025-64150"],"exploited":false,"has_exploit":false,"published_at":"2025-10-29T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2025-10-29/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2025-10-29-87028"},{"num":1505,"source_id":"cisa-kev","external_id":"CVE-2025-6204","title":"CVE-2025-6204: Dassault Systèmes DELMIA Apriso Code Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-6204"],"exploited":true,"has_exploit":true,"published_at":"2025-10-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-6204","csirts_url":"https://www.csirts.com/advisory/cve-2025-6204-1505"},{"num":1506,"source_id":"cisa-kev","external_id":"CVE-2025-6205","title":"CVE-2025-6205: Dassault Systèmes DELMIA Apriso Missing Authorization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-6205"],"exploited":true,"has_exploit":true,"published_at":"2025-10-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-6205","csirts_url":"https://www.csirts.com/advisory/cve-2025-6205-1506"},{"num":1507,"source_id":"cisa-kev","external_id":"CVE-2025-54236","title":"CVE-2025-54236: Adobe Commerce and Magento Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-54236"],"exploited":true,"has_exploit":true,"published_at":"2025-10-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-54236","csirts_url":"https://www.csirts.com/advisory/cve-2025-54236-1507"},{"num":340,"source_id":"cisa-kev","external_id":"CVE-2025-59287","title":"CVE-2025-59287: Microsoft Windows Server Update Service (WSUS) Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-59287"],"exploited":true,"has_exploit":true,"published_at":"2025-10-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-59287","csirts_url":"https://www.csirts.com/advisory/cve-2025-59287-340"},{"num":86945,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-5-1-released/","title":"GitLab Patch Release: 18.5.1, 18.4.3, 18.3.5","severity":"critical","cvss":null,"cves":["CVE-2025-11702","CVE-2025-10497","CVE-2025-11447","CVE-2025-11974","CVE-2025-11971","CVE-2025-6601","CVE-2025-11989"],"exploited":false,"has_exploit":false,"published_at":"2025-10-22T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-5-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-5-1-18-4-3-18-3-5-86945"},{"num":341,"source_id":"cisa-kev","external_id":"CVE-2025-61932","title":"CVE-2025-61932: Motex LANSCOPE Endpoint Manager Improper Verification of Source of a Communication Channel Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-61932"],"exploited":true,"has_exploit":false,"published_at":"2025-10-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-61932","csirts_url":"https://www.csirts.com/advisory/cve-2025-61932-341"},{"num":2772,"source_id":"cisa-kev","external_id":"CVE-2025-61884","title":"CVE-2025-61884: Oracle E-Business Suite Server-Side Request Forgery (SSRF) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-61884"],"exploited":true,"has_exploit":true,"published_at":"2025-10-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-61884","csirts_url":"https://www.csirts.com/advisory/cve-2025-61884-2772"},{"num":2771,"source_id":"cisa-kev","external_id":"CVE-2025-33073","title":"CVE-2025-33073: Microsoft Windows SMB Client Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-33073"],"exploited":true,"has_exploit":true,"published_at":"2025-10-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-33073","csirts_url":"https://www.csirts.com/advisory/cve-2025-33073-2771"},{"num":2769,"source_id":"cisa-kev","external_id":"CVE-2025-2747","title":"CVE-2025-2747: Kentico Xperience CMS Authentication Bypass Using an Alternate Path or Channel Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-2747"],"exploited":true,"has_exploit":true,"published_at":"2025-10-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-2747","csirts_url":"https://www.csirts.com/advisory/cve-2025-2747-2769"},{"num":1508,"source_id":"cisa-kev","external_id":"CVE-2022-48503","title":"CVE-2022-48503: Apple Multiple Products Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-48503"],"exploited":true,"has_exploit":false,"published_at":"2025-10-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-48503","csirts_url":"https://www.csirts.com/advisory/cve-2022-48503-1508"},{"num":1511,"source_id":"cisa-kev","external_id":"CVE-2025-2746","title":"CVE-2025-2746: Kentico Xperience CMS Authentication Bypass Using an Alternate Path or Channel Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-2746"],"exploited":true,"has_exploit":true,"published_at":"2025-10-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-2746","csirts_url":"https://www.csirts.com/advisory/cve-2025-2746-1511"},{"num":2773,"source_id":"cisa-kev","external_id":"CVE-2025-54253","title":"CVE-2025-54253: Adobe Experience Manager Forms Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-54253"],"exploited":true,"has_exploit":true,"published_at":"2025-10-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-54253","csirts_url":"https://www.csirts.com/advisory/cve-2025-54253-2773"},{"num":86853,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-24-452","title":"Insertion of Sensitive 2FA Information in logs and debug command","severity":"unknown","cvss":null,"cves":["CVE-2025-31514"],"exploited":false,"has_exploit":false,"published_at":"2025-10-14T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-24-452","csirts_url":"https://www.csirts.com/advisory/insertion-of-sensitive-2fa-information-in-86853"},{"num":1524,"source_id":"cisa-kev","external_id":"CVE-2016-7836","title":"CVE-2016-7836: SKYSEA Client View Improper Authentication Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-7836"],"exploited":true,"has_exploit":false,"published_at":"2025-10-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-7836","csirts_url":"https://www.csirts.com/advisory/cve-2016-7836-1524"},{"num":1512,"source_id":"cisa-kev","external_id":"CVE-2025-47827","title":"CVE-2025-47827: IGEL OS Use of a Key Past its Expiration Date Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-47827"],"exploited":true,"has_exploit":true,"published_at":"2025-10-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-47827","csirts_url":"https://www.csirts.com/advisory/cve-2025-47827-1512"},{"num":1513,"source_id":"cisa-kev","external_id":"CVE-2025-24990","title":"CVE-2025-24990: Microsoft Windows Untrusted Pointer Dereference Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-24990"],"exploited":true,"has_exploit":false,"published_at":"2025-10-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-24990","csirts_url":"https://www.csirts.com/advisory/cve-2025-24990-1513"},{"num":1523,"source_id":"cisa-kev","external_id":"CVE-2025-59230","title":"CVE-2025-59230: Microsoft Windows Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-59230"],"exploited":true,"has_exploit":false,"published_at":"2025-10-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-59230","csirts_url":"https://www.csirts.com/advisory/cve-2025-59230-1523"},{"num":1887,"source_id":"cisa-kev","external_id":"CVE-2021-43798","title":"CVE-2021-43798: Grafana Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-43798"],"exploited":true,"has_exploit":true,"published_at":"2025-10-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-43798","csirts_url":"https://www.csirts.com/advisory/cve-2021-43798-1887"},{"num":86946,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-4-2-released/","title":"GitLab Patch Release: 18.4.2, 18.3.4, 18.2.8","severity":"critical","cvss":null,"cves":["CVE-2025-11340","CVE-2025-10004","CVE-2025-9825","CVE-2025-2934"],"exploited":false,"has_exploit":false,"published_at":"2025-10-08T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-4-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-4-2-18-3-4-18-2-8-86946"},{"num":1529,"source_id":"cisa-kev","external_id":"CVE-2025-27915","title":"CVE-2025-27915: Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-27915"],"exploited":true,"has_exploit":true,"published_at":"2025-10-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-27915","csirts_url":"https://www.csirts.com/advisory/cve-2025-27915-1529"},{"num":980,"source_id":"cisa-kev","external_id":"CVE-2013-3918","title":"CVE-2013-3918: Microsoft Windows Out-of-Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-3918"],"exploited":true,"has_exploit":true,"published_at":"2025-10-06T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-3918","csirts_url":"https://www.csirts.com/advisory/cve-2013-3918-980"},{"num":2774,"source_id":"cisa-kev","external_id":"CVE-2011-3402","title":"CVE-2011-3402: Microsoft Windows Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2011-3402"],"exploited":true,"has_exploit":true,"published_at":"2025-10-06T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2011-3402","csirts_url":"https://www.csirts.com/advisory/cve-2011-3402-2774"},{"num":1536,"source_id":"cisa-kev","external_id":"CVE-2010-3962","title":"CVE-2010-3962: Microsoft Internet Explorer Uninitialized Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2010-3962"],"exploited":true,"has_exploit":true,"published_at":"2025-10-06T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2010-3962","csirts_url":"https://www.csirts.com/advisory/cve-2010-3962-1536"},{"num":2776,"source_id":"cisa-kev","external_id":"CVE-2021-22555","title":"CVE-2021-22555: Linux Kernel Heap Out-of-Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-22555"],"exploited":true,"has_exploit":true,"published_at":"2025-10-06T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-22555","csirts_url":"https://www.csirts.com/advisory/cve-2021-22555-2776"},{"num":2775,"source_id":"cisa-kev","external_id":"CVE-2010-3765","title":"CVE-2010-3765: Mozilla Multiple Products Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2010-3765"],"exploited":true,"has_exploit":true,"published_at":"2025-10-06T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2010-3765","csirts_url":"https://www.csirts.com/advisory/cve-2010-3765-2775"},{"num":1537,"source_id":"cisa-kev","external_id":"CVE-2021-43226","title":"CVE-2021-43226: Microsoft Windows Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-43226"],"exploited":true,"has_exploit":true,"published_at":"2025-10-06T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-43226","csirts_url":"https://www.csirts.com/advisory/cve-2021-43226-1537"},{"num":1555,"source_id":"cisa-kev","external_id":"CVE-2025-61882","title":"CVE-2025-61882: Oracle E-Business Suite Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-61882"],"exploited":true,"has_exploit":true,"published_at":"2025-10-06T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-61882","csirts_url":"https://www.csirts.com/advisory/cve-2025-61882-1555"},{"num":1556,"source_id":"cisa-kev","external_id":"CVE-2015-7755","title":"CVE-2015-7755: Juniper ScreenOS Improper Authentication Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-7755"],"exploited":true,"has_exploit":true,"published_at":"2025-10-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-7755","csirts_url":"https://www.csirts.com/advisory/cve-2015-7755-1556"},{"num":2462,"source_id":"cisa-kev","external_id":"CVE-2014-6278","title":"CVE-2014-6278: GNU Bash OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-6278"],"exploited":true,"has_exploit":true,"published_at":"2025-10-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-6278","csirts_url":"https://www.csirts.com/advisory/cve-2014-6278-2462"},{"num":2222,"source_id":"cisa-kev","external_id":"CVE-2025-21043","title":"CVE-2025-21043: Samsung Mobile Devices Out-of-Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-21043"],"exploited":true,"has_exploit":false,"published_at":"2025-10-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-21043","csirts_url":"https://www.csirts.com/advisory/cve-2025-21043-2222"},{"num":253,"source_id":"cisa-kev","external_id":"CVE-2025-4008","title":"CVE-2025-4008: Smartbedded Meteobridge Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-4008"],"exploited":true,"has_exploit":true,"published_at":"2025-10-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-4008","csirts_url":"https://www.csirts.com/advisory/cve-2025-4008-253"},{"num":2777,"source_id":"cisa-kev","external_id":"CVE-2017-1000353","title":"CVE-2017-1000353: Jenkins Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-1000353"],"exploited":true,"has_exploit":true,"published_at":"2025-10-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000353","csirts_url":"https://www.csirts.com/advisory/cve-2017-1000353-2777"},{"num":1707,"source_id":"cisa-kev","external_id":"CVE-2025-10035","title":"CVE-2025-10035: Fortra GoAnywhere MFT Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-10035"],"exploited":true,"has_exploit":true,"published_at":"2025-09-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-10035","csirts_url":"https://www.csirts.com/advisory/cve-2025-10035-1707"},{"num":2779,"source_id":"cisa-kev","external_id":"CVE-2021-21311","title":"CVE-2021-21311: Adminer Server-Side Request Forgery Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-21311"],"exploited":true,"has_exploit":true,"published_at":"2025-09-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-21311","csirts_url":"https://www.csirts.com/advisory/cve-2021-21311-2779"},{"num":258,"source_id":"cisa-kev","external_id":"CVE-2025-59689","title":"CVE-2025-59689: Libraesva Email Security Gateway Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-59689"],"exploited":true,"has_exploit":false,"published_at":"2025-09-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-59689","csirts_url":"https://www.csirts.com/advisory/cve-2025-59689-258"},{"num":259,"source_id":"cisa-kev","external_id":"CVE-2025-20352","title":"CVE-2025-20352: Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-20352"],"exploited":true,"has_exploit":true,"published_at":"2025-09-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-20352","csirts_url":"https://www.csirts.com/advisory/cve-2025-20352-259"},{"num":257,"source_id":"cisa-kev","external_id":"CVE-2025-32463","title":"CVE-2025-32463: Sudo Inclusion of Functionality from Untrusted Control Sphere Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-32463"],"exploited":true,"has_exploit":true,"published_at":"2025-09-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-32463","csirts_url":"https://www.csirts.com/advisory/cve-2025-32463-257"},{"num":1557,"source_id":"cisa-kev","external_id":"CVE-2025-20362","title":"CVE-2025-20362: Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Missing Authorization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-20362"],"exploited":true,"has_exploit":true,"published_at":"2025-09-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-20362","csirts_url":"https://www.csirts.com/advisory/cve-2025-20362-1557"},{"num":1561,"source_id":"cisa-kev","external_id":"CVE-2025-20333","title":"CVE-2025-20333: Cisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-20333"],"exploited":true,"has_exploit":true,"published_at":"2025-09-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-20333","csirts_url":"https://www.csirts.com/advisory/cve-2025-20333-1561"},{"num":86947,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-4-1-released/","title":"GitLab Patch Release: 18.4.1, 18.3.3, 18.2.7","severity":"critical","cvss":null,"cves":["CVE-2025-9642","CVE-2025-10858","CVE-2025-8014","CVE-2025-9958","CVE-2025-7691","CVE-2025-11042","CVE-2025-10871","CVE-2025-10867","CVE-2025-5069","CVE-2025-10868","CVE-2025-8713","CVE-2025-8714","CVE-2025-8715"],"exploited":false,"has_exploit":false,"published_at":"2025-09-25T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-4-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-4-1-18-3-3-18-2-7-86947"},{"num":574,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-013/","title":"[Update] Multiple vulnerabilities in Cisco ASA and FTD (September 25, 2025)","severity":"unknown","cvss":null,"cves":["CVE-2025-20333","CVE-2025-20362"],"exploited":false,"has_exploit":true,"published_at":"2025-09-25T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-013/","csirts_url":"https://www.csirts.com/advisory/update-multiple-vulnerabilities-in-cisco-574"},{"num":1569,"source_id":"cisa-kev","external_id":"CVE-2025-10585","title":"CVE-2025-10585: Google Chromium V8 Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-10585"],"exploited":true,"has_exploit":true,"published_at":"2025-09-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-10585","csirts_url":"https://www.csirts.com/advisory/cve-2025-10585-1569"},{"num":87029,"source_id":"jenkins","external_id":"jenkins-advisory-2025-09-17","title":"Jenkins Security Advisory 2025-09-17","severity":"unknown","cvss":null,"cves":["CVE-2025-5115","CVE-2025-59474","CVE-2025-59475","CVE-2025-59476"],"exploited":false,"has_exploit":false,"published_at":"2025-09-17T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2025-09-17/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2025-09-17-87029"},{"num":1570,"source_id":"cisa-kev","external_id":"CVE-2025-5086","title":"CVE-2025-5086: Dassault Systèmes DELMIA Apriso Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-5086"],"exploited":true,"has_exploit":true,"published_at":"2025-09-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-5086","csirts_url":"https://www.csirts.com/advisory/cve-2025-5086-1570"},{"num":86948,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-3-2-released/","title":"GitLab Patch Release: 18.3.2, 18.2.6, 18.1.6","severity":"critical","cvss":null,"cves":["CVE-2025-2256","CVE-2025-6454","CVE-2025-1250","CVE-2025-7337","CVE-2025-10094","CVE-2025-6769"],"exploited":false,"has_exploit":false,"published_at":"2025-09-10T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-3-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-3-2-18-2-6-18-1-6-86948"},{"num":1582,"source_id":"cisa-kev","external_id":"CVE-2025-48543","title":"CVE-2025-48543: Android Runtime Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-48543"],"exploited":true,"has_exploit":true,"published_at":"2025-09-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-48543","csirts_url":"https://www.csirts.com/advisory/cve-2025-48543-1582"},{"num":1583,"source_id":"cisa-kev","external_id":"CVE-2025-53690","title":"CVE-2025-53690: Sitecore Multiple Products Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-53690"],"exploited":true,"has_exploit":true,"published_at":"2025-09-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-53690","csirts_url":"https://www.csirts.com/advisory/cve-2025-53690-1583"},{"num":1578,"source_id":"cisa-kev","external_id":"CVE-2025-38352","title":"CVE-2025-38352: Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-38352"],"exploited":true,"has_exploit":true,"published_at":"2025-09-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-38352","csirts_url":"https://www.csirts.com/advisory/cve-2025-38352-1578"},{"num":87030,"source_id":"jenkins","external_id":"jenkins-advisory-2025-09-03","title":"Jenkins Security Advisory 2025-09-03","severity":"unknown","cvss":null,"cves":["CVE-2025-58458","CVE-2025-7962","CVE-2025-58459","CVE-2025-58460"],"exploited":false,"has_exploit":false,"published_at":"2025-09-03T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2025-09-03/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2025-09-03-87030"},{"num":1599,"source_id":"cisa-kev","external_id":"CVE-2023-50224","title":"CVE-2023-50224: TP-Link TL-WR841N Authentication Bypass by Spoofing Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-50224"],"exploited":true,"has_exploit":false,"published_at":"2025-09-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-50224","csirts_url":"https://www.csirts.com/advisory/cve-2023-50224-1599"},{"num":1600,"source_id":"cisa-kev","external_id":"CVE-2025-9377","title":"CVE-2025-9377: TP-Link Archer C7(EU) and TL-WR841N/ND(MS) OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-9377"],"exploited":true,"has_exploit":false,"published_at":"2025-09-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-9377","csirts_url":"https://www.csirts.com/advisory/cve-2025-9377-1600"},{"num":1609,"source_id":"cisa-kev","external_id":"CVE-2025-55177","title":"CVE-2025-55177: Meta Platforms WhatsApp Incorrect Authorization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-55177"],"exploited":true,"has_exploit":true,"published_at":"2025-09-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-55177","csirts_url":"https://www.csirts.com/advisory/cve-2025-55177-1609"},{"num":1608,"source_id":"cisa-kev","external_id":"CVE-2020-24363","title":"CVE-2020-24363: TP-link TL-WA855RE Missing Authentication for Critical Function Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-24363"],"exploited":true,"has_exploit":true,"published_at":"2025-09-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-24363","csirts_url":"https://www.csirts.com/advisory/cve-2020-24363-1608"},{"num":1610,"source_id":"cisa-kev","external_id":"CVE-2025-57819","title":"CVE-2025-57819: Sangoma FreePBX Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-57819"],"exploited":true,"has_exploit":true,"published_at":"2025-08-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-57819","csirts_url":"https://www.csirts.com/advisory/cve-2025-57819-1610"},{"num":86949,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-3-1-released/","title":"GitLab Patch Release: 18.3.1, 18.2.5, 18.1.5","severity":"critical","cvss":null,"cves":["CVE-2025-3601","CVE-2025-2246","CVE-2025-4225","CVE-2025-5101"],"exploited":false,"has_exploit":false,"published_at":"2025-08-27T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-3-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-3-1-18-2-5-18-1-5-86949"},{"num":1975,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-012/","title":"Vulnerability in Citrix NetScaler ADC and NetScaler Gateway (August 26, 2025)","severity":"unknown","cvss":null,"cves":["CVE-2025-7775"],"exploited":true,"has_exploit":true,"published_at":"2025-08-26T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-012/","csirts_url":"https://www.csirts.com/advisory/vulnerability-in-citrix-netscaler-adc-and-1975"},{"num":353,"source_id":"cisa-kev","external_id":"CVE-2025-7775","title":"CVE-2025-7775: Citrix NetScaler Memory Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-7775"],"exploited":true,"has_exploit":true,"published_at":"2025-08-26T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-7775","csirts_url":"https://www.csirts.com/advisory/cve-2025-7775-353"},{"num":1612,"source_id":"cisa-kev","external_id":"CVE-2024-8068","title":"CVE-2024-8068: Citrix Session Recording Improper Privilege Management Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-8068"],"exploited":true,"has_exploit":false,"published_at":"2025-08-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-8068","csirts_url":"https://www.csirts.com/advisory/cve-2024-8068-1612"},{"num":1611,"source_id":"cisa-kev","external_id":"CVE-2025-48384","title":"CVE-2025-48384: Git Link Following Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-48384"],"exploited":true,"has_exploit":true,"published_at":"2025-08-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-48384","csirts_url":"https://www.csirts.com/advisory/cve-2025-48384-1611"},{"num":1637,"source_id":"cisa-kev","external_id":"CVE-2024-8069","title":"CVE-2024-8069: Citrix Session Recording Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-8069"],"exploited":true,"has_exploit":true,"published_at":"2025-08-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-8069","csirts_url":"https://www.csirts.com/advisory/cve-2024-8069-1637"},{"num":1638,"source_id":"cisa-kev","external_id":"CVE-2025-43300","title":"CVE-2025-43300: Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-43300"],"exploited":true,"has_exploit":true,"published_at":"2025-08-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-43300","csirts_url":"https://www.csirts.com/advisory/cve-2025-43300-1638"},{"num":86950,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-2-4-released/","title":"GitLab Patch Release: 18.2.4","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2025-08-18T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-2-4-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-2-4-86950"},{"num":1639,"source_id":"cisa-kev","external_id":"CVE-2025-54948","title":"CVE-2025-54948: Trend Micro Apex One OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-54948"],"exploited":true,"has_exploit":false,"published_at":"2025-08-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-54948","csirts_url":"https://www.csirts.com/advisory/cve-2025-54948-1639"},{"num":86951,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-11-7-released/","title":"GitLab Patch Release: 17.11.7","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2025-08-15T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-11-7-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-17-11-7-86951"},{"num":86952,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-2-2-released/","title":"GitLab Patch Release: 18.2.2, 18.1.4, 18.0.6","severity":"critical","cvss":null,"cves":["CVE-2025-7734","CVE-2025-7739","CVE-2025-6186","CVE-2025-8094","CVE-2024-12303","CVE-2025-2614","CVE-2024-10219","CVE-2025-8770","CVE-2025-2937","CVE-2025-1477","CVE-2025-5819","CVE-2025-2498"],"exploited":false,"has_exploit":false,"published_at":"2025-08-13T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-2-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-2-2-18-1-4-18-0-6-86952"},{"num":1641,"source_id":"cisa-kev","external_id":"CVE-2025-8875","title":"CVE-2025-8875: N-able N-Central Insecure Deserialization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-8875"],"exploited":true,"has_exploit":true,"published_at":"2025-08-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-8875","csirts_url":"https://www.csirts.com/advisory/cve-2025-8875-1641"},{"num":1640,"source_id":"cisa-kev","external_id":"CVE-2025-8876","title":"CVE-2025-8876: N-able N-Central Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-8876"],"exploited":true,"has_exploit":true,"published_at":"2025-08-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-8876","csirts_url":"https://www.csirts.com/advisory/cve-2025-8876-1640"},{"num":1654,"source_id":"cisa-kev","external_id":"CVE-2013-3893","title":"CVE-2013-3893: Microsoft Internet Explorer Resource Management Errors Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-3893"],"exploited":true,"has_exploit":true,"published_at":"2025-08-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-3893","csirts_url":"https://www.csirts.com/advisory/cve-2013-3893-1654"},{"num":1642,"source_id":"cisa-kev","external_id":"CVE-2025-8088","title":"CVE-2025-8088: RARLAB WinRAR Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-8088"],"exploited":true,"has_exploit":true,"published_at":"2025-08-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-8088","csirts_url":"https://www.csirts.com/advisory/cve-2025-8088-1642"},{"num":1651,"source_id":"cisa-kev","external_id":"CVE-2007-0671","title":"CVE-2007-0671: Microsoft Office Excel Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2007-0671"],"exploited":true,"has_exploit":false,"published_at":"2025-08-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2007-0671","csirts_url":"https://www.csirts.com/advisory/cve-2007-0671-1651"},{"num":1657,"source_id":"cisa-kev","external_id":"CVE-2022-40799","title":"CVE-2022-40799: D-Link DNR-322L Download of Code Without Integrity Check Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-40799"],"exploited":true,"has_exploit":false,"published_at":"2025-08-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-40799","csirts_url":"https://www.csirts.com/advisory/cve-2022-40799-1657"},{"num":1656,"source_id":"cisa-kev","external_id":"CVE-2020-25079","title":"CVE-2020-25079: D-Link DCS-2530L and DCS-2670L Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-25079"],"exploited":true,"has_exploit":false,"published_at":"2025-08-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-25079","csirts_url":"https://www.csirts.com/advisory/cve-2020-25079-1656"},{"num":1973,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-011/","title":"Security incidents in SonicWall firewalls (August 5, 2025)","severity":"unknown","cvss":null,"cves":["CVE-2024-40766"],"exploited":true,"has_exploit":false,"published_at":"2025-08-05T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-011/","csirts_url":"https://www.csirts.com/advisory/security-incidents-in-sonicwall-firewalls-1973"},{"num":1655,"source_id":"cisa-kev","external_id":"CVE-2020-25078","title":"CVE-2020-25078: D-Link DCS-2530L and DCS-2670L Devices Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-25078"],"exploited":true,"has_exploit":true,"published_at":"2025-08-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-25078","csirts_url":"https://www.csirts.com/advisory/cve-2020-25078-1655"},{"num":1685,"source_id":"cisa-kev","external_id":"CVE-2025-20281","title":"CVE-2025-20281: Cisco Identity Services Engine Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-20281"],"exploited":true,"has_exploit":true,"published_at":"2025-07-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-20281","csirts_url":"https://www.csirts.com/advisory/cve-2025-20281-1685"},{"num":1678,"source_id":"cisa-kev","external_id":"CVE-2025-20337","title":"CVE-2025-20337: Cisco Identity Services Engine Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-20337"],"exploited":true,"has_exploit":false,"published_at":"2025-07-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-20337","csirts_url":"https://www.csirts.com/advisory/cve-2025-20337-1678"},{"num":1665,"source_id":"cisa-kev","external_id":"CVE-2023-2533","title":"CVE-2023-2533: PaperCut NG/MF Cross-Site Request Forgery (CSRF) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-2533"],"exploited":true,"has_exploit":false,"published_at":"2025-07-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-2533","csirts_url":"https://www.csirts.com/advisory/cve-2023-2533-1665"},{"num":86953,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-2-1-released/","title":"GitLab Patch Release: 18.2.1, 18.1.3, 18.0.5","severity":"critical","cvss":null,"cves":["CVE-2025-4700","CVE-2025-4439","CVE-2025-7001","CVE-2025-4976","CVE-2025-0765","CVE-2025-1299"],"exploited":false,"has_exploit":false,"published_at":"2025-07-23T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-2-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-2-1-18-1-3-18-0-5-86953"},{"num":1692,"source_id":"cisa-kev","external_id":"CVE-2025-49704","title":"CVE-2025-49704: Microsoft SharePoint Code Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-49704"],"exploited":true,"has_exploit":true,"published_at":"2025-07-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-49704","csirts_url":"https://www.csirts.com/advisory/cve-2025-49704-1692"},{"num":2241,"source_id":"cisa-kev","external_id":"CVE-2025-2775","title":"CVE-2025-2775: SysAid On-Prem Improper Restriction of XML External Entity Reference Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-2775"],"exploited":true,"has_exploit":true,"published_at":"2025-07-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-2775","csirts_url":"https://www.csirts.com/advisory/cve-2025-2775-2241"},{"num":1691,"source_id":"cisa-kev","external_id":"CVE-2025-2776","title":"CVE-2025-2776: SysAid On-Prem Improper Restriction of XML External Entity Reference Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-2776"],"exploited":true,"has_exploit":true,"published_at":"2025-07-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-2776","csirts_url":"https://www.csirts.com/advisory/cve-2025-2776-1691"},{"num":2814,"source_id":"cisa-kev","external_id":"CVE-2025-54309","title":"CVE-2025-54309: CrushFTP Unprotected Alternate Channel Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-54309"],"exploited":true,"has_exploit":true,"published_at":"2025-07-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-54309","csirts_url":"https://www.csirts.com/advisory/cve-2025-54309-2814"},{"num":2813,"source_id":"cisa-kev","external_id":"CVE-2025-6558","title":"CVE-2025-6558: Google Chromium ANGLE and GPU Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-6558"],"exploited":true,"has_exploit":true,"published_at":"2025-07-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-6558","csirts_url":"https://www.csirts.com/advisory/cve-2025-6558-2813"},{"num":1693,"source_id":"cisa-kev","external_id":"CVE-2025-49706","title":"CVE-2025-49706: Microsoft SharePoint Improper Authentication Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-49706"],"exploited":true,"has_exploit":true,"published_at":"2025-07-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-49706","csirts_url":"https://www.csirts.com/advisory/cve-2025-49706-1693"},{"num":1005,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-010/","title":"[Update] Multiple vulnerabilities in Microsoft SharePoint (July 21, 2025)","severity":"unknown","cvss":null,"cves":["CVE-2025-53770","CVE-2025-53771"],"exploited":false,"has_exploit":true,"published_at":"2025-07-21T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-010/","csirts_url":"https://www.csirts.com/advisory/update-multiple-vulnerabilities-in-1005"},{"num":1694,"source_id":"cisa-kev","external_id":"CVE-2025-53770","title":"CVE-2025-53770: Microsoft SharePoint Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-53770"],"exploited":true,"has_exploit":true,"published_at":"2025-07-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-53770","csirts_url":"https://www.csirts.com/advisory/cve-2025-53770-1694"},{"num":1702,"source_id":"cisa-kev","external_id":"CVE-2025-25257","title":"CVE-2025-25257: Fortinet FortiWeb SQL Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-25257"],"exploited":true,"has_exploit":true,"published_at":"2025-07-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-25257","csirts_url":"https://www.csirts.com/advisory/cve-2025-25257-1702"},{"num":1732,"source_id":"cisa-kev","external_id":"CVE-2025-47812","title":"CVE-2025-47812: Wing FTP Server Improper Neutralization of Null Byte or NUL Character Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-47812"],"exploited":true,"has_exploit":true,"published_at":"2025-07-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-47812","csirts_url":"https://www.csirts.com/advisory/cve-2025-47812-1732"},{"num":1734,"source_id":"cisa-kev","external_id":"CVE-2025-5777","title":"CVE-2025-5777: Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-5777"],"exploited":true,"has_exploit":true,"published_at":"2025-07-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-5777","csirts_url":"https://www.csirts.com/advisory/cve-2025-5777-1734"},{"num":87031,"source_id":"jenkins","external_id":"jenkins-advisory-2025-07-09","title":"Jenkins Security Advisory 2025-07-09","severity":"unknown","cvss":null,"cves":["CVE-2025-53650","CVE-2025-53651","CVE-2025-53652","CVE-2025-53653","CVE-2025-53654","CVE-2025-53655","CVE-2025-53656","CVE-2025-53657","CVE-2025-53658","CVE-2025-53742","CVE-2025-53743","CVE-2025-53659","CVE-2025-53660","CVE-2025-53661","CVE-2025-53662","CVE-2025-53663","CVE-2025-53664","CVE-2025-53665","CVE-2025-53666","CVE-2025-53667","CVE-2025-53668","CVE-2025-53669","CVE-2025-53670","CVE-2025-53671","CVE-2025-53672","CVE-2025-53673","CVE-2025-53674","CVE-2025-53675","CVE-2025-53676","CVE-2025-53677","CVE-2025-53678"],"exploited":false,"has_exploit":false,"published_at":"2025-07-09T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2025-07-09/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2025-07-09-87031"},{"num":86954,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-1-2-released/","title":"GitLab Patch Release: 18.1.2, 18.0.4, 17.11.6","severity":"critical","cvss":null,"cves":["CVE-2025-6948","CVE-2025-3396","CVE-2025-4972","CVE-2025-6168","CVE-2024-12084","CVE-2024-12088"],"exploited":false,"has_exploit":false,"published_at":"2025-07-09T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-1-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-1-2-18-0-4-17-11-6-86954"},{"num":1735,"source_id":"cisa-kev","external_id":"CVE-2019-9621","title":"CVE-2019-9621: Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery (SSRF) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-9621"],"exploited":true,"has_exploit":true,"published_at":"2025-07-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-9621","csirts_url":"https://www.csirts.com/advisory/cve-2019-9621-1735"},{"num":1782,"source_id":"cisa-kev","external_id":"CVE-2016-10033","title":"CVE-2016-10033: PHPMailer Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-10033"],"exploited":true,"has_exploit":true,"published_at":"2025-07-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-10033","csirts_url":"https://www.csirts.com/advisory/cve-2016-10033-1782"},{"num":1787,"source_id":"cisa-kev","external_id":"CVE-2014-3931","title":"CVE-2014-3931: Multi-Router Looking Glass (MRLG) Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-3931"],"exploited":true,"has_exploit":false,"published_at":"2025-07-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-3931","csirts_url":"https://www.csirts.com/advisory/cve-2014-3931-1787"},{"num":1772,"source_id":"cisa-kev","external_id":"CVE-2019-5418","title":"CVE-2019-5418: Rails Ruby on Rails Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-5418"],"exploited":true,"has_exploit":true,"published_at":"2025-07-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-5418","csirts_url":"https://www.csirts.com/advisory/cve-2019-5418-1772"},{"num":357,"source_id":"cisa-kev","external_id":"CVE-2025-6554","title":"CVE-2025-6554: Google Chromium V8 Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-6554"],"exploited":true,"has_exploit":true,"published_at":"2025-07-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-6554","csirts_url":"https://www.csirts.com/advisory/cve-2025-6554-357"},{"num":1788,"source_id":"cisa-kev","external_id":"CVE-2025-48927","title":"CVE-2025-48927: TeleMessage TM SGNL Initialization of a Resource with an Insecure Default Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-48927"],"exploited":true,"has_exploit":false,"published_at":"2025-07-01T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-48927","csirts_url":"https://www.csirts.com/advisory/cve-2025-48927-1788"},{"num":2831,"source_id":"cisa-kev","external_id":"CVE-2025-48928","title":"CVE-2025-48928: TeleMessage TM SGNL Exposure of Core Dump File to an Unauthorized Control Sphere Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-48928"],"exploited":true,"has_exploit":false,"published_at":"2025-07-01T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-48928","csirts_url":"https://www.csirts.com/advisory/cve-2025-48928-2831"},{"num":1000,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-009/","title":"Multiple vulnerabilities in Citrix NetScaler ADC and NetScaler Gateway (July 1, 2025)","severity":"unknown","cvss":null,"cves":["CVE-2025-6543","CVE-2025-5777"],"exploited":false,"has_exploit":true,"published_at":"2025-07-01T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-009/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-citrix-1000"},{"num":1792,"source_id":"cisa-kev","external_id":"CVE-2025-6543","title":"CVE-2025-6543: Citrix NetScaler ADC and Gateway Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-6543"],"exploited":true,"has_exploit":true,"published_at":"2025-06-30T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-6543","csirts_url":"https://www.csirts.com/advisory/cve-2025-6543-1792"},{"num":1801,"source_id":"cisa-kev","external_id":"CVE-2019-6693","title":"CVE-2019-6693: Fortinet FortiOS Use of Hard-Coded Credentials Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-6693"],"exploited":true,"has_exploit":true,"published_at":"2025-06-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-6693","csirts_url":"https://www.csirts.com/advisory/cve-2019-6693-1801"},{"num":1809,"source_id":"cisa-kev","external_id":"CVE-2024-0769","title":"CVE-2024-0769: D-Link DIR-859 Router Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-0769"],"exploited":true,"has_exploit":false,"published_at":"2025-06-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-0769","csirts_url":"https://www.csirts.com/advisory/cve-2024-0769-1809"},{"num":2254,"source_id":"cisa-kev","external_id":"CVE-2024-54085","title":"CVE-2024-54085: AMI MegaRAC SPx Authentication Bypass by Spoofing Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-54085"],"exploited":true,"has_exploit":true,"published_at":"2025-06-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-54085","csirts_url":"https://www.csirts.com/advisory/cve-2024-54085-2254"},{"num":86955,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-1-1-released/","title":"GitLab Patch Release: 18.1.1, 18.0.3, 17.11.5","severity":"critical","cvss":null,"cves":["CVE-2025-3279","CVE-2025-1754","CVE-2025-5315","CVE-2025-2938","CVE-2025-5846"],"exploited":false,"has_exploit":false,"published_at":"2025-06-25T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-1-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-1-1-18-0-3-17-11-5-86955"},{"num":1819,"source_id":"cisa-kev","external_id":"CVE-2023-0386","title":"CVE-2023-0386: Linux Kernel Improper Ownership Management Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-0386"],"exploited":true,"has_exploit":true,"published_at":"2025-06-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-0386","csirts_url":"https://www.csirts.com/advisory/cve-2023-0386-1819"},{"num":2255,"source_id":"cisa-kev","external_id":"CVE-2023-33538","title":"CVE-2023-33538: TP-Link Multiple Routers Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-33538"],"exploited":true,"has_exploit":true,"published_at":"2025-06-16T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-33538","csirts_url":"https://www.csirts.com/advisory/cve-2023-33538-2255"},{"num":1820,"source_id":"cisa-kev","external_id":"CVE-2025-43200","title":"CVE-2025-43200: Apple Multiple Products Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-43200"],"exploited":true,"has_exploit":false,"published_at":"2025-06-16T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-43200","csirts_url":"https://www.csirts.com/advisory/cve-2025-43200-1820"},{"num":86956,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-0-2-released/","title":"GitLab Patch Release: 18.0.2, 17.11.4, 17.10.8","severity":"critical","cvss":null,"cves":["CVE-2025-4278","CVE-2025-2254","CVE-2025-5121","CVE-2025-0673","CVE-2025-1516","CVE-2025-1478","CVE-2024-9512","CVE-2025-5996","CVE-2025-5195","CVE-2025-5982"],"exploited":false,"has_exploit":false,"published_at":"2025-06-11T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-0-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-0-2-17-11-4-17-10-86956"},{"num":86849,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-24-257","title":"Information Disclosure on SSLVPN endpoint","severity":"unknown","cvss":null,"cves":["CVE-2025-25250"],"exploited":false,"has_exploit":false,"published_at":"2025-06-10T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-24-257","csirts_url":"https://www.csirts.com/advisory/information-disclosure-on-sslvpn-endpoint-86849"},{"num":1196,"source_id":"cisa-kev","external_id":"CVE-2025-33053","title":"CVE-2025-33053: Microsoft Windows External Control of File Name or Path Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-33053"],"exploited":true,"has_exploit":true,"published_at":"2025-06-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-33053","csirts_url":"https://www.csirts.com/advisory/cve-2025-33053-1196"},{"num":1823,"source_id":"cisa-kev","external_id":"CVE-2025-24016","title":"CVE-2025-24016: Wazuh Server Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-24016"],"exploited":true,"has_exploit":true,"published_at":"2025-06-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-24016","csirts_url":"https://www.csirts.com/advisory/cve-2025-24016-1823"},{"num":2833,"source_id":"cisa-kev","external_id":"CVE-2024-42009","title":"CVE-2024-42009: RoundCube Webmail Cross-Site Scripting Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-42009"],"exploited":true,"has_exploit":true,"published_at":"2025-06-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-42009","csirts_url":"https://www.csirts.com/advisory/cve-2024-42009-2833"},{"num":2834,"source_id":"cisa-kev","external_id":"CVE-2025-32433","title":"CVE-2025-32433: Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-32433"],"exploited":true,"has_exploit":true,"published_at":"2025-06-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-32433","csirts_url":"https://www.csirts.com/advisory/cve-2025-32433-2834"},{"num":87032,"source_id":"jenkins","external_id":"jenkins-advisory-2025-06-06","title":"Jenkins Security Advisory 2025-06-06","severity":"unknown","cvss":null,"cves":["CVE-2025-5806"],"exploited":false,"has_exploit":false,"published_at":"2025-06-06T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2025-06-06/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2025-06-06-87032"},{"num":572,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-008/","title":"[Update] Vulnerability in Roundcube (June 5, 2025)","severity":"unknown","cvss":null,"cves":["CVE-2025-49113"],"exploited":false,"has_exploit":true,"published_at":"2025-06-05T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-008/","csirts_url":"https://www.csirts.com/advisory/update-vulnerability-in-roundcube-june-5-572"},{"num":1869,"source_id":"cisa-kev","external_id":"CVE-2025-5419","title":"CVE-2025-5419: Google Chromium V8 Out-of-Bounds Read and Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-5419"],"exploited":true,"has_exploit":true,"published_at":"2025-06-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-5419","csirts_url":"https://www.csirts.com/advisory/cve-2025-5419-1869"},{"num":358,"source_id":"cisa-kev","external_id":"CVE-2025-21479","title":"CVE-2025-21479: Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-21479"],"exploited":true,"has_exploit":true,"published_at":"2025-06-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-21479","csirts_url":"https://www.csirts.com/advisory/cve-2025-21479-358"},{"num":1870,"source_id":"cisa-kev","external_id":"CVE-2025-21480","title":"CVE-2025-21480: Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-21480"],"exploited":true,"has_exploit":false,"published_at":"2025-06-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-21480","csirts_url":"https://www.csirts.com/advisory/cve-2025-21480-1870"},{"num":1888,"source_id":"cisa-kev","external_id":"CVE-2025-27038","title":"CVE-2025-27038: Qualcomm Multiple Chipsets Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-27038"],"exploited":true,"has_exploit":false,"published_at":"2025-06-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-27038","csirts_url":"https://www.csirts.com/advisory/cve-2025-27038-1888"},{"num":1890,"source_id":"cisa-kev","external_id":"CVE-2025-35939","title":"CVE-2025-35939: Craft CMS External Control of Assumed-Immutable Web Parameter Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-35939"],"exploited":true,"has_exploit":false,"published_at":"2025-06-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-35939","csirts_url":"https://www.csirts.com/advisory/cve-2025-35939-1890"},{"num":2202,"source_id":"cisa-kev","external_id":"CVE-2025-3935","title":"CVE-2025-3935: ConnectWise ScreenConnect Improper Authentication Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-3935"],"exploited":true,"has_exploit":false,"published_at":"2025-06-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-3935","csirts_url":"https://www.csirts.com/advisory/cve-2025-3935-2202"},{"num":1889,"source_id":"cisa-kev","external_id":"CVE-2021-32030","title":"CVE-2021-32030: ASUS Routers Improper Authentication Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-32030"],"exploited":true,"has_exploit":true,"published_at":"2025-06-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-32030","csirts_url":"https://www.csirts.com/advisory/cve-2021-32030-1889"},{"num":1910,"source_id":"cisa-kev","external_id":"CVE-2023-39780","title":"CVE-2023-39780: ASUS RT-AX55 Routers OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-39780"],"exploited":true,"has_exploit":false,"published_at":"2025-06-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-39780","csirts_url":"https://www.csirts.com/advisory/cve-2023-39780-1910"},{"num":1909,"source_id":"cisa-kev","external_id":"CVE-2024-56145","title":"CVE-2024-56145: Craft CMS Code Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-56145"],"exploited":true,"has_exploit":true,"published_at":"2025-06-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-56145","csirts_url":"https://www.csirts.com/advisory/cve-2024-56145-1909"},{"num":1911,"source_id":"cisa-kev","external_id":"CVE-2025-4632","title":"CVE-2025-4632: Samsung MagicINFO 9 Server Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-4632"],"exploited":true,"has_exploit":true,"published_at":"2025-05-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-4632","csirts_url":"https://www.csirts.com/advisory/cve-2025-4632-1911"},{"num":86957,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-0-1-released/","title":"GitLab Patch Release: 18.0.1, 17.11.3, 17.10.7","severity":"critical","cvss":null,"cves":["CVE-2025-0993","CVE-2024-12093","CVE-2024-7803","CVE-2025-3111","CVE-2025-2853","CVE-2025-4979","CVE-2025-0605","CVE-2025-0679","CVE-2024-9163","CVE-2025-1110"],"exploited":false,"has_exploit":false,"published_at":"2025-05-21T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-18-0-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-18-0-1-17-11-3-17-10-86957"},{"num":2851,"source_id":"cisa-kev","external_id":"CVE-2025-4427","title":"CVE-2025-4427: Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-4427"],"exploited":true,"has_exploit":true,"published_at":"2025-05-19T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-4427","csirts_url":"https://www.csirts.com/advisory/cve-2025-4427-2851"},{"num":2850,"source_id":"cisa-kev","external_id":"CVE-2025-4428","title":"CVE-2025-4428: Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-4428"],"exploited":true,"has_exploit":true,"published_at":"2025-05-19T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-4428","csirts_url":"https://www.csirts.com/advisory/cve-2025-4428-2850"},{"num":2848,"source_id":"cisa-kev","external_id":"CVE-2025-27920","title":"CVE-2025-27920: Srimax Output Messenger Directory Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-27920"],"exploited":true,"has_exploit":false,"published_at":"2025-05-19T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-27920","csirts_url":"https://www.csirts.com/advisory/cve-2025-27920-2848"},{"num":2849,"source_id":"cisa-kev","external_id":"CVE-2024-11182","title":"CVE-2024-11182: MDaemon Email Server Cross-Site Scripting (XSS) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-11182"],"exploited":true,"has_exploit":false,"published_at":"2025-05-19T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-11182","csirts_url":"https://www.csirts.com/advisory/cve-2024-11182-2849"},{"num":2844,"source_id":"cisa-kev","external_id":"CVE-2024-27443","title":"CVE-2024-27443: Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-27443"],"exploited":true,"has_exploit":true,"published_at":"2025-05-19T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-27443","csirts_url":"https://www.csirts.com/advisory/cve-2024-27443-2844"},{"num":1912,"source_id":"cisa-kev","external_id":"CVE-2023-38950","title":"CVE-2023-38950: ZKTeco BioTime Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-38950"],"exploited":true,"has_exploit":true,"published_at":"2025-05-19T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-38950","csirts_url":"https://www.csirts.com/advisory/cve-2023-38950-1912"},{"num":1917,"source_id":"cisa-kev","external_id":"CVE-2025-42999","title":"CVE-2025-42999: SAP NetWeaver Deserialization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-42999"],"exploited":true,"has_exploit":false,"published_at":"2025-05-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-42999","csirts_url":"https://www.csirts.com/advisory/cve-2025-42999-1917"},{"num":1918,"source_id":"cisa-kev","external_id":"CVE-2024-12987","title":"CVE-2024-12987: DrayTek Vigor Routers OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-12987"],"exploited":true,"has_exploit":true,"published_at":"2025-05-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-12987","csirts_url":"https://www.csirts.com/advisory/cve-2024-12987-1918"},{"num":87033,"source_id":"jenkins","external_id":"jenkins-advisory-2025-05-14","title":"Jenkins Security Advisory 2025-05-14","severity":"unknown","cvss":null,"cves":["CVE-2025-47884","CVE-2025-47885","CVE-2025-47886","CVE-2025-47887","CVE-2025-47888","CVE-2025-47889"],"exploited":false,"has_exploit":false,"published_at":"2025-05-14T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2025-05-14/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2025-05-14-87033"},{"num":1920,"source_id":"cisa-kev","external_id":"CVE-2025-32756","title":"CVE-2025-32756: Fortinet Multiple Products Stack-Based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-32756"],"exploited":true,"has_exploit":true,"published_at":"2025-05-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-32756","csirts_url":"https://www.csirts.com/advisory/cve-2025-32756-1920"},{"num":562,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-007/","title":"Multiple vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM) (May 14, 2025)","severity":"unknown","cvss":null,"cves":["CVE-2025-4427","CVE-2025-4428"],"exploited":true,"has_exploit":true,"published_at":"2025-05-14T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-007/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-ivanti-562"},{"num":359,"source_id":"cisa-kev","external_id":"CVE-2025-30397","title":"CVE-2025-30397: Microsoft Windows Scripting Engine Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-30397"],"exploited":true,"has_exploit":true,"published_at":"2025-05-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-30397","csirts_url":"https://www.csirts.com/advisory/cve-2025-30397-359"},{"num":1931,"source_id":"cisa-kev","external_id":"CVE-2025-32709","title":"CVE-2025-32709: Microsoft Windows Ancillary Function Driver for WinSock Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-32709"],"exploited":true,"has_exploit":true,"published_at":"2025-05-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-32709","csirts_url":"https://www.csirts.com/advisory/cve-2025-32709-1931"},{"num":1932,"source_id":"cisa-kev","external_id":"CVE-2025-32701","title":"CVE-2025-32701: Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-32701"],"exploited":true,"has_exploit":false,"published_at":"2025-05-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-32701","csirts_url":"https://www.csirts.com/advisory/cve-2025-32701-1932"},{"num":360,"source_id":"cisa-kev","external_id":"CVE-2025-32706","title":"CVE-2025-32706: Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-32706"],"exploited":true,"has_exploit":false,"published_at":"2025-05-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-32706","csirts_url":"https://www.csirts.com/advisory/cve-2025-32706-360"},{"num":1947,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-006/","title":"Vulnerability in Fortinet products (May 13, 2025)","severity":"unknown","cvss":null,"cves":["CVE-2025-32756"],"exploited":true,"has_exploit":true,"published_at":"2025-05-13T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-006/","csirts_url":"https://www.csirts.com/advisory/vulnerability-in-fortinet-products-may-13-1947"},{"num":1933,"source_id":"cisa-kev","external_id":"CVE-2025-30400","title":"CVE-2025-30400: Microsoft Windows DWM Core Library Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-30400"],"exploited":true,"has_exploit":true,"published_at":"2025-05-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-30400","csirts_url":"https://www.csirts.com/advisory/cve-2025-30400-1933"},{"num":1934,"source_id":"cisa-kev","external_id":"CVE-2025-47729","title":"CVE-2025-47729: TeleMessage TM SGNL Hidden Functionality Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-47729"],"exploited":true,"has_exploit":false,"published_at":"2025-05-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-47729","csirts_url":"https://www.csirts.com/advisory/cve-2025-47729-1934"},{"num":215,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/report/impact-ai-cyber-threat-now-2027","title":"Impact of AI on cyber threat from now to 2027","severity":"high","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2025-05-07T12:00:00+00:00","link":"https://www.ncsc.gov.uk/report/impact-ai-cyber-threat-now-2027","csirts_url":"https://www.csirts.com/advisory/impact-of-ai-on-cyber-threat-from-now-to-215"},{"num":86958,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-11-2-released/","title":"GitLab Patch Release: 17.11.2, 17.10.6, 17.9.8","severity":"critical","cvss":null,"cves":["CVE-2025-0549","CVE-2024-8973","CVE-2025-1278"],"exploited":false,"has_exploit":false,"published_at":"2025-05-07T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-11-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-17-11-2-17-10-6-17-9-86958"},{"num":1951,"source_id":"cisa-kev","external_id":"CVE-2024-6047","title":"CVE-2024-6047: GeoVision Devices OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-6047"],"exploited":true,"has_exploit":false,"published_at":"2025-05-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-6047","csirts_url":"https://www.csirts.com/advisory/cve-2024-6047-1951"},{"num":1942,"source_id":"cisa-kev","external_id":"CVE-2024-11120","title":"CVE-2024-11120: GeoVision Devices OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-11120"],"exploited":true,"has_exploit":false,"published_at":"2025-05-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-11120","csirts_url":"https://www.csirts.com/advisory/cve-2024-11120-1942"},{"num":1960,"source_id":"cisa-kev","external_id":"CVE-2025-27363","title":"CVE-2025-27363: FreeType Out-of-Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-27363"],"exploited":true,"has_exploit":true,"published_at":"2025-05-06T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-27363","csirts_url":"https://www.csirts.com/advisory/cve-2025-27363-1960"},{"num":1961,"source_id":"cisa-kev","external_id":"CVE-2025-3248","title":"CVE-2025-3248: Langflow Missing Authentication Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-3248"],"exploited":true,"has_exploit":true,"published_at":"2025-05-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-3248","csirts_url":"https://www.csirts.com/advisory/cve-2025-3248-1961"},{"num":1962,"source_id":"cisa-kev","external_id":"CVE-2025-34028","title":"CVE-2025-34028: Commvault Command Center Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-34028"],"exploited":true,"has_exploit":true,"published_at":"2025-05-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-34028","csirts_url":"https://www.csirts.com/advisory/cve-2025-34028-1962"},{"num":1963,"source_id":"cisa-kev","external_id":"CVE-2024-58136","title":"CVE-2024-58136: Yiiframework Yii Improper Protection of Alternate Path Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-58136"],"exploited":true,"has_exploit":true,"published_at":"2025-05-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-58136","csirts_url":"https://www.csirts.com/advisory/cve-2024-58136-1963"},{"num":1964,"source_id":"cisa-kev","external_id":"CVE-2024-38475","title":"CVE-2024-38475: Apache HTTP Server Improper Escaping of Output Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-38475"],"exploited":true,"has_exploit":true,"published_at":"2025-05-01T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-38475","csirts_url":"https://www.csirts.com/advisory/cve-2024-38475-1964"},{"num":2870,"source_id":"cisa-kev","external_id":"CVE-2023-44221","title":"CVE-2023-44221: SonicWall SMA100 Appliances OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-44221"],"exploited":true,"has_exploit":false,"published_at":"2025-05-01T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-44221","csirts_url":"https://www.csirts.com/advisory/cve-2023-44221-2870"},{"num":1967,"source_id":"cisa-kev","external_id":"CVE-2025-31324","title":"CVE-2025-31324: SAP NetWeaver Unrestricted File Upload Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-31324"],"exploited":true,"has_exploit":true,"published_at":"2025-04-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-31324","csirts_url":"https://www.csirts.com/advisory/cve-2025-31324-1967"},{"num":362,"source_id":"cisa-kev","external_id":"CVE-2025-1976","title":"CVE-2025-1976: Broadcom Brocade Fabric OS Code Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-1976"],"exploited":true,"has_exploit":false,"published_at":"2025-04-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-1976","csirts_url":"https://www.csirts.com/advisory/cve-2025-1976-362"},{"num":1968,"source_id":"cisa-kev","external_id":"CVE-2025-42599","title":"CVE-2025-42599: Qualitia Active! Mail Stack-Based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-42599"],"exploited":true,"has_exploit":false,"published_at":"2025-04-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-42599","csirts_url":"https://www.csirts.com/advisory/cve-2025-42599-1968"},{"num":306,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-005/","title":"Vulnerability in SAP NetWeaver (April 28, 2025)","severity":"unknown","cvss":null,"cves":["CVE-2025-31324"],"exploited":true,"has_exploit":true,"published_at":"2025-04-28T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-005/","csirts_url":"https://www.csirts.com/advisory/vulnerability-in-sap-netweaver-april-28-306"},{"num":1974,"source_id":"cisa-kev","external_id":"CVE-2025-3928","title":"CVE-2025-3928: Commvault Web Server Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-3928"],"exploited":true,"has_exploit":false,"published_at":"2025-04-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-3928","csirts_url":"https://www.csirts.com/advisory/cve-2025-3928-1974"},{"num":86959,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-11-1-released/","title":"GitLab Patch Release: 17.11.1, 17.10.5, 17.9.7","severity":"critical","cvss":null,"cves":["CVE-2025-1763","CVE-2025-2443","CVE-2025-1908","CVE-2025-0639","CVE-2024-12244"],"exploited":false,"has_exploit":false,"published_at":"2025-04-23T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-11-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-17-11-1-17-10-5-17-9-86959"},{"num":1978,"source_id":"cisa-kev","external_id":"CVE-2025-31201","title":"CVE-2025-31201: Apple Multiple Products Arbitrary Read and Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-31201"],"exploited":true,"has_exploit":true,"published_at":"2025-04-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-31201","csirts_url":"https://www.csirts.com/advisory/cve-2025-31201-1978"},{"num":1980,"source_id":"cisa-kev","external_id":"CVE-2025-31200","title":"CVE-2025-31200: Apple Multiple Products Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-31200"],"exploited":true,"has_exploit":true,"published_at":"2025-04-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-31200","csirts_url":"https://www.csirts.com/advisory/cve-2025-31200-1980"},{"num":1977,"source_id":"cisa-kev","external_id":"CVE-2025-24054","title":"CVE-2025-24054: Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-24054"],"exploited":true,"has_exploit":true,"published_at":"2025-04-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-24054","csirts_url":"https://www.csirts.com/advisory/cve-2025-24054-1977"},{"num":1982,"source_id":"cisa-kev","external_id":"CVE-2021-20035","title":"CVE-2021-20035: SonicWall SMA100 Appliances OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-20035"],"exploited":true,"has_exploit":false,"published_at":"2025-04-16T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-20035","csirts_url":"https://www.csirts.com/advisory/cve-2021-20035-1982"},{"num":561,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-004/","title":"Post-exploitation activities in Fortinet FortiGate (April 11, 2025)","severity":"unknown","cvss":null,"cves":["CVE-2022-42475","CVE-2023-27997","CVE-2024-21762"],"exploited":false,"has_exploit":true,"published_at":"2025-04-11T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-004/","csirts_url":"https://www.csirts.com/advisory/post-exploitation-activities-in-fortinet-561"},{"num":87034,"source_id":"jenkins","external_id":"jenkins-advisory-2025-04-10","title":"Jenkins Security Advisory 2025-04-10","severity":"unknown","cvss":null,"cves":["CVE-2025-32754","CVE-2025-32755"],"exploited":false,"has_exploit":false,"published_at":"2025-04-10T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2025-04-10/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2025-04-10-87034"},{"num":1985,"source_id":"cisa-kev","external_id":"CVE-2024-53150","title":"CVE-2024-53150: Linux Kernel Out-of-Bounds Read Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-53150"],"exploited":true,"has_exploit":false,"published_at":"2025-04-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-53150","csirts_url":"https://www.csirts.com/advisory/cve-2024-53150-1985"},{"num":86960,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-10-4-released/","title":"GitLab Patch Release: 17.10.4, 17.9.6, 17.8.7","severity":"critical","cvss":null,"cves":["CVE-2025-1677","CVE-2025-0362","CVE-2025-2408","CVE-2024-11129","CVE-2025-2469"],"exploited":false,"has_exploit":false,"published_at":"2025-04-09T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-10-4-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-17-10-4-17-9-6-17-8-7-86960"},{"num":1986,"source_id":"cisa-kev","external_id":"CVE-2024-53197","title":"CVE-2024-53197: Linux Kernel Out-of-Bounds Access Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-53197"],"exploited":true,"has_exploit":false,"published_at":"2025-04-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-53197","csirts_url":"https://www.csirts.com/advisory/cve-2024-53197-1986"},{"num":2890,"source_id":"cisa-kev","external_id":"CVE-2025-30406","title":"CVE-2025-30406: Gladinet CentreStack and Triofox Use of Hard-coded Cryptographic Key Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-30406"],"exploited":true,"has_exploit":true,"published_at":"2025-04-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-30406","csirts_url":"https://www.csirts.com/advisory/cve-2025-30406-2890"},{"num":1989,"source_id":"cisa-kev","external_id":"CVE-2025-29824","title":"CVE-2025-29824: Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-29824"],"exploited":true,"has_exploit":true,"published_at":"2025-04-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-29824","csirts_url":"https://www.csirts.com/advisory/cve-2025-29824-1989"},{"num":2891,"source_id":"cisa-kev","external_id":"CVE-2025-31161","title":"CVE-2025-31161: CrushFTP Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-31161"],"exploited":true,"has_exploit":true,"published_at":"2025-04-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-31161","csirts_url":"https://www.csirts.com/advisory/cve-2025-31161-2891"},{"num":1990,"source_id":"cisa-kev","external_id":"CVE-2025-22457","title":"CVE-2025-22457: Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-22457"],"exploited":true,"has_exploit":true,"published_at":"2025-04-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-22457","csirts_url":"https://www.csirts.com/advisory/cve-2025-22457-1990"},{"num":1941,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-003/","title":"[Update] Vulnerability in Ivanti products (April 3, 2025)","severity":"unknown","cvss":null,"cves":["CVE-2025-22457","CVE-2025-0282"],"exploited":false,"has_exploit":true,"published_at":"2025-04-03T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-003/","csirts_url":"https://www.csirts.com/advisory/update-vulnerability-in-ivanti-products-1941"},{"num":87035,"source_id":"jenkins","external_id":"jenkins-advisory-2025-04-02","title":"Jenkins Security Advisory 2025-04-02","severity":"unknown","cvss":null,"cves":["CVE-2025-31720","CVE-2025-31721","CVE-2025-31722","CVE-2025-31723","CVE-2025-31724","CVE-2025-31725","CVE-2025-31726","CVE-2025-31727","CVE-2025-31728"],"exploited":false,"has_exploit":false,"published_at":"2025-04-02T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2025-04-02/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2025-04-02-87035"},{"num":86961,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-10-3-released/","title":"GitLab Patch Release: 17.10.3","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2025-04-02T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-10-3-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-17-10-3-86961"},{"num":86962,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-9-5-released/","title":"GitLab Patch Release: 17.9.5","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2025-04-02T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-9-5-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-17-9-5-86962"},{"num":1996,"source_id":"cisa-kev","external_id":"CVE-2025-24813","title":"CVE-2025-24813: Apache Tomcat Path Equivalence Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-24813"],"exploited":true,"has_exploit":true,"published_at":"2025-04-01T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-24813","csirts_url":"https://www.csirts.com/advisory/cve-2025-24813-1996"},{"num":1999,"source_id":"cisa-kev","external_id":"CVE-2024-20439","title":"CVE-2024-20439: Cisco Smart Licensing Utility Static Credential Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-20439"],"exploited":true,"has_exploit":true,"published_at":"2025-03-31T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-20439","csirts_url":"https://www.csirts.com/advisory/cve-2024-20439-1999"},{"num":2893,"source_id":"cisa-kev","external_id":"CVE-2025-2783","title":"CVE-2025-2783: Google Chromium Mojo Sandbox Escape Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-2783"],"exploited":true,"has_exploit":true,"published_at":"2025-03-27T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-2783","csirts_url":"https://www.csirts.com/advisory/cve-2025-2783-2893"},{"num":2001,"source_id":"cisa-kev","external_id":"CVE-2019-9874","title":"CVE-2019-9874: Sitecore CMS and Experience Platform (XP) Deserialization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-9874"],"exploited":true,"has_exploit":true,"published_at":"2025-03-26T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-9874","csirts_url":"https://www.csirts.com/advisory/cve-2019-9874-2001"},{"num":86963,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-10-1-released/","title":"GitLab Patch Release: 17.10.1, 17.9.3, 17.8.6","severity":"critical","cvss":null,"cves":["CVE-2025-2255","CVE-2025-0811","CVE-2025-2242","CVE-2024-12619","CVE-2024-10307","CVE-2024-9773"],"exploited":false,"has_exploit":false,"published_at":"2025-03-26T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-10-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-17-10-1-17-9-3-17-8-6-86963"},{"num":2894,"source_id":"cisa-kev","external_id":"CVE-2019-9875","title":"CVE-2019-9875: Sitecore CMS and Experience Platform (XP) Deserialization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-9875"],"exploited":true,"has_exploit":false,"published_at":"2025-03-26T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-9875","csirts_url":"https://www.csirts.com/advisory/cve-2019-9875-2894"},{"num":2275,"source_id":"cisa-kev","external_id":"CVE-2025-30154","title":"CVE-2025-30154: reviewdog/action-setup GitHub Action Embedded Malicious Code Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-30154"],"exploited":true,"has_exploit":false,"published_at":"2025-03-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-30154","csirts_url":"https://www.csirts.com/advisory/cve-2025-30154-2275"},{"num":87134,"source_id":"drupal","external_id":"3514078 at https://www.drupal.org","title":"Drupal core - Moderately critical - Cross Site Scripting - SA-CORE-2025-004","severity":"critical","cvss":null,"cves":["CVE-2025-31675"],"exploited":false,"has_exploit":false,"published_at":"2025-03-19T18:54:35+00:00","link":"https://www.drupal.org/sa-core-2025-004","csirts_url":"https://www.csirts.com/advisory/drupal-core-moderately-critical-cross-87134"},{"num":87036,"source_id":"jenkins","external_id":"jenkins-advisory-2025-03-19","title":"Jenkins Security Advisory 2025-03-19","severity":"unknown","cvss":null,"cves":["CVE-2020-36843","CVE-2025-30196","CVE-2025-30197"],"exploited":false,"has_exploit":false,"published_at":"2025-03-19T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2025-03-19/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2025-03-19-87036"},{"num":2002,"source_id":"cisa-kev","external_id":"CVE-2017-12637","title":"CVE-2017-12637: SAP NetWeaver Directory Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-12637"],"exploited":true,"has_exploit":true,"published_at":"2025-03-19T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-12637","csirts_url":"https://www.csirts.com/advisory/cve-2017-12637-2002"},{"num":443,"source_id":"cisa-kev","external_id":"CVE-2024-48248","title":"CVE-2024-48248: NAKIVO Backup and Replication Absolute Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-48248"],"exploited":true,"has_exploit":true,"published_at":"2025-03-19T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-48248","csirts_url":"https://www.csirts.com/advisory/cve-2024-48248-443"},{"num":2008,"source_id":"cisa-kev","external_id":"CVE-2025-1316","title":"CVE-2025-1316: Edimax IC-7100 IP Camera OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-1316"],"exploited":true,"has_exploit":false,"published_at":"2025-03-19T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-1316","csirts_url":"https://www.csirts.com/advisory/cve-2025-1316-2008"},{"num":2012,"source_id":"cisa-kev","external_id":"CVE-2025-24472","title":"CVE-2025-24472: Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-24472"],"exploited":true,"has_exploit":false,"published_at":"2025-03-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-24472","csirts_url":"https://www.csirts.com/advisory/cve-2025-24472-2012"},{"num":2009,"source_id":"cisa-kev","external_id":"CVE-2025-30066","title":"CVE-2025-30066: tj-actions/changed-files GitHub Action Embedded Malicious Code Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-30066"],"exploited":true,"has_exploit":true,"published_at":"2025-03-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-30066","csirts_url":"https://www.csirts.com/advisory/cve-2025-30066-2009"},{"num":363,"source_id":"cisa-kev","external_id":"CVE-2025-21590","title":"CVE-2025-21590: Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-21590"],"exploited":true,"has_exploit":false,"published_at":"2025-03-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-21590","csirts_url":"https://www.csirts.com/advisory/cve-2025-21590-363"},{"num":364,"source_id":"cisa-kev","external_id":"CVE-2025-24201","title":"CVE-2025-24201: Apple Multiple Products WebKit Out-of-Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-24201"],"exploited":true,"has_exploit":true,"published_at":"2025-03-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-24201","csirts_url":"https://www.csirts.com/advisory/cve-2025-24201-364"},{"num":86964,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-9-2-released/","title":"GitLab Critical Patch Release: 17.9.2, 17.8.5, 17.7.7","severity":"critical","cvss":null,"cves":["CVE-2025-25291","CVE-2025-25292","CVE-2025-27407","CVE-2024-13054","CVE-2024-12380","CVE-2025-1257","CVE-2025-0652","CVE-2024-8402","CVE-2024-7296"],"exploited":false,"has_exploit":false,"published_at":"2025-03-12T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-9-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-critical-patch-release-17-9-2-17-8-86964"},{"num":86856,"source_id":"fortinet","external_id":"https://fortiguard.fortinet.com/psirt/FG-IR-25-122","title":"Pre-authentication Denial of Service attack in OpenSSH - CVE-2025-26466","severity":"unknown","cvss":null,"cves":["CVE-2025-26466"],"exploited":false,"has_exploit":false,"published_at":"2025-03-11T07:00:00+00:00","link":"https://fortiguard.fortinet.com/psirt/FG-IR-25-122","csirts_url":"https://www.csirts.com/advisory/pre-authentication-denial-of-service-86856"},{"num":2028,"source_id":"cisa-kev","external_id":"CVE-2025-24985","title":"CVE-2025-24985: Microsoft Windows Fast FAT File System Driver Integer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-24985"],"exploited":true,"has_exploit":true,"published_at":"2025-03-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-24985","csirts_url":"https://www.csirts.com/advisory/cve-2025-24985-2028"},{"num":2910,"source_id":"cisa-kev","external_id":"CVE-2025-24984","title":"CVE-2025-24984: Microsoft Windows NTFS Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-24984"],"exploited":true,"has_exploit":false,"published_at":"2025-03-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-24984","csirts_url":"https://www.csirts.com/advisory/cve-2025-24984-2910"},{"num":2026,"source_id":"cisa-kev","external_id":"CVE-2025-24993","title":"CVE-2025-24993: Microsoft Windows NTFS Heap-Based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-24993"],"exploited":true,"has_exploit":false,"published_at":"2025-03-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-24993","csirts_url":"https://www.csirts.com/advisory/cve-2025-24993-2026"},{"num":2911,"source_id":"cisa-kev","external_id":"CVE-2025-26633","title":"CVE-2025-26633: Microsoft Windows Management Console (MMC) Improper Neutralization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-26633"],"exploited":true,"has_exploit":true,"published_at":"2025-03-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-26633","csirts_url":"https://www.csirts.com/advisory/cve-2025-26633-2911"},{"num":2027,"source_id":"cisa-kev","external_id":"CVE-2025-24991","title":"CVE-2025-24991: Microsoft Windows NTFS Out-Of-Bounds Read Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-24991"],"exploited":true,"has_exploit":false,"published_at":"2025-03-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-24991","csirts_url":"https://www.csirts.com/advisory/cve-2025-24991-2027"},{"num":2029,"source_id":"cisa-kev","external_id":"CVE-2025-24983","title":"CVE-2025-24983: Microsoft Windows Win32k Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-24983"],"exploited":true,"has_exploit":false,"published_at":"2025-03-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-24983","csirts_url":"https://www.csirts.com/advisory/cve-2025-24983-2029"},{"num":2036,"source_id":"cisa-kev","external_id":"CVE-2024-13159","title":"CVE-2024-13159: Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-13159"],"exploited":true,"has_exploit":true,"published_at":"2025-03-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-13159","csirts_url":"https://www.csirts.com/advisory/cve-2024-13159-2036"},{"num":2038,"source_id":"cisa-kev","external_id":"CVE-2025-25181","title":"CVE-2025-25181: Advantive VeraCore SQL Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-25181"],"exploited":true,"has_exploit":false,"published_at":"2025-03-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-25181","csirts_url":"https://www.csirts.com/advisory/cve-2025-25181-2038"},{"num":2037,"source_id":"cisa-kev","external_id":"CVE-2024-57968","title":"CVE-2024-57968: Advantive VeraCore Unrestricted File Upload Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-57968"],"exploited":true,"has_exploit":false,"published_at":"2025-03-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-57968","csirts_url":"https://www.csirts.com/advisory/cve-2024-57968-2037"},{"num":2033,"source_id":"cisa-kev","external_id":"CVE-2024-13161","title":"CVE-2024-13161: Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-13161"],"exploited":true,"has_exploit":true,"published_at":"2025-03-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-13161","csirts_url":"https://www.csirts.com/advisory/cve-2024-13161-2033"},{"num":2231,"source_id":"cisa-kev","external_id":"CVE-2024-13160","title":"CVE-2024-13160: Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-13160"],"exploited":true,"has_exploit":true,"published_at":"2025-03-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-13160","csirts_url":"https://www.csirts.com/advisory/cve-2024-13160-2231"},{"num":87037,"source_id":"jenkins","external_id":"jenkins-advisory-2025-03-05","title":"Jenkins Security Advisory 2025-03-05","severity":"unknown","cvss":null,"cves":["CVE-2025-27622","CVE-2025-27623","CVE-2025-27624","CVE-2025-27625"],"exploited":false,"has_exploit":false,"published_at":"2025-03-05T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2025-03-05/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2025-03-05-87037"},{"num":2054,"source_id":"cisa-kev","external_id":"CVE-2025-22224","title":"CVE-2025-22224: VMware ESXi and Workstation TOCTOU Race Condition Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-22224"],"exploited":true,"has_exploit":false,"published_at":"2025-03-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-22224","csirts_url":"https://www.csirts.com/advisory/cve-2025-22224-2054"},{"num":2055,"source_id":"cisa-kev","external_id":"CVE-2024-50302","title":"CVE-2024-50302: Linux Kernel Use of Uninitialized Resource Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-50302"],"exploited":true,"has_exploit":false,"published_at":"2025-03-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-50302","csirts_url":"https://www.csirts.com/advisory/cve-2024-50302-2055"},{"num":2053,"source_id":"cisa-kev","external_id":"CVE-2025-22225","title":"CVE-2025-22225: VMware ESXi Arbitrary Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-22225"],"exploited":true,"has_exploit":false,"published_at":"2025-03-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-22225","csirts_url":"https://www.csirts.com/advisory/cve-2025-22225-2053"},{"num":2045,"source_id":"cisa-kev","external_id":"CVE-2025-22226","title":"CVE-2025-22226: VMware ESXi, Workstation, and Fusion Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-22226"],"exploited":true,"has_exploit":false,"published_at":"2025-03-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-22226","csirts_url":"https://www.csirts.com/advisory/cve-2025-22226-2045"},{"num":2062,"source_id":"cisa-kev","external_id":"CVE-2022-43769","title":"CVE-2022-43769: Hitachi Vantara Pentaho BA Server Special Element Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-43769"],"exploited":true,"has_exploit":true,"published_at":"2025-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-43769","csirts_url":"https://www.csirts.com/advisory/cve-2022-43769-2062"},{"num":2925,"source_id":"cisa-kev","external_id":"CVE-2023-20118","title":"CVE-2023-20118: Cisco Small Business RV Series Routers Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-20118"],"exploited":true,"has_exploit":false,"published_at":"2025-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-20118","csirts_url":"https://www.csirts.com/advisory/cve-2023-20118-2925"},{"num":2063,"source_id":"cisa-kev","external_id":"CVE-2022-43939","title":"CVE-2022-43939: Hitachi Vantara Pentaho BA Server Authorization Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-43939"],"exploited":true,"has_exploit":true,"published_at":"2025-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-43939","csirts_url":"https://www.csirts.com/advisory/cve-2022-43939-2063"},{"num":2061,"source_id":"cisa-kev","external_id":"CVE-2018-8639","title":"CVE-2018-8639: Microsoft Windows Win32k Improper Resource Shutdown or Release Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-8639"],"exploited":true,"has_exploit":true,"published_at":"2025-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-8639","csirts_url":"https://www.csirts.com/advisory/cve-2018-8639-2061"},{"num":2056,"source_id":"cisa-kev","external_id":"CVE-2024-4885","title":"CVE-2024-4885: Progress WhatsUp Gold Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-4885"],"exploited":true,"has_exploit":true,"published_at":"2025-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-4885","csirts_url":"https://www.csirts.com/advisory/cve-2024-4885-2056"},{"num":86965,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-9-1-released/","title":"GitLab Patch Release: 17.9.1, 17.8.4, 17.7.6","severity":"critical","cvss":null,"cves":["CVE-2025-0475","CVE-2025-0555","CVE-2024-8186","CVE-2024-10925","CVE-2025-0307"],"exploited":false,"has_exploit":false,"published_at":"2025-02-26T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-9-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-17-9-1-17-8-4-17-7-6-86965"},{"num":2926,"source_id":"cisa-kev","external_id":"CVE-2023-34192","title":"CVE-2023-34192: Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-34192"],"exploited":true,"has_exploit":true,"published_at":"2025-02-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-34192","csirts_url":"https://www.csirts.com/advisory/cve-2023-34192-2926"},{"num":2064,"source_id":"cisa-kev","external_id":"CVE-2024-49035","title":"CVE-2024-49035: Microsoft Partner Center Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-49035"],"exploited":true,"has_exploit":false,"published_at":"2025-02-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-49035","csirts_url":"https://www.csirts.com/advisory/cve-2024-49035-2064"},{"num":2066,"source_id":"cisa-kev","external_id":"CVE-2017-3066","title":"CVE-2017-3066: Adobe ColdFusion Deserialization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-3066"],"exploited":true,"has_exploit":true,"published_at":"2025-02-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-3066","csirts_url":"https://www.csirts.com/advisory/cve-2017-3066-2066"},{"num":2065,"source_id":"cisa-kev","external_id":"CVE-2024-20953","title":"CVE-2024-20953: Oracle Agile Product Lifecycle Management (PLM) Deserialization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-20953"],"exploited":true,"has_exploit":false,"published_at":"2025-02-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-20953","csirts_url":"https://www.csirts.com/advisory/cve-2024-20953-2065"},{"num":2282,"source_id":"cisa-kev","external_id":"CVE-2025-24989","title":"CVE-2025-24989: Microsoft Power Pages Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-24989"],"exploited":true,"has_exploit":false,"published_at":"2025-02-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-24989","csirts_url":"https://www.csirts.com/advisory/cve-2025-24989-2282"},{"num":2067,"source_id":"cisa-kev","external_id":"CVE-2025-23209","title":"CVE-2025-23209: Craft CMS Code Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-23209"],"exploited":true,"has_exploit":false,"published_at":"2025-02-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-23209","csirts_url":"https://www.csirts.com/advisory/cve-2025-23209-2067"},{"num":2294,"source_id":"cisa-kev","external_id":"CVE-2025-0111","title":"CVE-2025-0111: Palo Alto Networks PAN-OS File Read Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-0111"],"exploited":true,"has_exploit":false,"published_at":"2025-02-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-0111","csirts_url":"https://www.csirts.com/advisory/cve-2025-0111-2294"},{"num":87135,"source_id":"drupal","external_id":"3507831 at https://www.drupal.org","title":"Drupal core - Moderately critical - Gadget Chain - SA-CORE-2025-003","severity":"critical","cvss":null,"cves":["CVE-2025-31674"],"exploited":false,"has_exploit":false,"published_at":"2025-02-19T17:03:28+00:00","link":"https://www.drupal.org/sa-core-2025-003","csirts_url":"https://www.csirts.com/advisory/drupal-core-moderately-critical-gadget-87135"},{"num":87136,"source_id":"drupal","external_id":"3507828 at https://www.drupal.org","title":"Drupal core - Moderately critical - Access bypass - SA-CORE-2025-002","severity":"critical","cvss":null,"cves":["CVE-2025-31673"],"exploited":false,"has_exploit":false,"published_at":"2025-02-19T16:58:10+00:00","link":"https://www.drupal.org/sa-core-2025-002","csirts_url":"https://www.csirts.com/advisory/drupal-core-moderately-critical-access-87136"},{"num":87137,"source_id":"drupal","external_id":"3507825 at https://www.drupal.org","title":"Drupal core - Critical - Cross site scripting - SA-CORE-2025-001","severity":"critical","cvss":null,"cves":["CVE-2025-3057"],"exploited":false,"has_exploit":false,"published_at":"2025-02-19T16:49:28+00:00","link":"https://www.drupal.org/sa-core-2025-001","csirts_url":"https://www.csirts.com/advisory/drupal-core-critical-cross-site-scripting-87137"},{"num":2078,"source_id":"cisa-kev","external_id":"CVE-2024-53704","title":"CVE-2024-53704: SonicWall SonicOS SSLVPN Improper Authentication Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-53704"],"exploited":true,"has_exploit":true,"published_at":"2025-02-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-53704","csirts_url":"https://www.csirts.com/advisory/cve-2024-53704-2078"},{"num":2068,"source_id":"cisa-kev","external_id":"CVE-2025-0108","title":"CVE-2025-0108: Palo Alto Networks PAN-OS Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-0108"],"exploited":true,"has_exploit":true,"published_at":"2025-02-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-0108","csirts_url":"https://www.csirts.com/advisory/cve-2025-0108-2068"},{"num":2080,"source_id":"cisa-kev","external_id":"CVE-2024-57727","title":"CVE-2024-57727: SimpleHelp Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-57727"],"exploited":true,"has_exploit":true,"published_at":"2025-02-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-57727","csirts_url":"https://www.csirts.com/advisory/cve-2024-57727-2080"},{"num":372,"source_id":"cisa-kev","external_id":"CVE-2024-41710","title":"CVE-2024-41710: Mitel SIP Phones Argument Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-41710"],"exploited":true,"has_exploit":false,"published_at":"2025-02-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-41710","csirts_url":"https://www.csirts.com/advisory/cve-2024-41710-372"},{"num":86966,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-8-2-released/","title":"GitLab Patch Release: 17.8.2, 17.7.4, 17.6.5","severity":"critical","cvss":null,"cves":["CVE-2025-0376","CVE-2024-12379","CVE-2024-3303","CVE-2025-1212","CVE-2024-9870","CVE-2025-0516","CVE-2025-1198","CVE-2025-1042","CVE-2025-1540"],"exploited":false,"has_exploit":false,"published_at":"2025-02-12T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-8-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-17-8-2-17-7-4-17-6-5-86966"},{"num":2085,"source_id":"cisa-kev","external_id":"CVE-2025-24200","title":"CVE-2025-24200: Apple iOS and iPadOS Incorrect Authorization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-24200"],"exploited":true,"has_exploit":false,"published_at":"2025-02-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-24200","csirts_url":"https://www.csirts.com/advisory/cve-2025-24200-2085"},{"num":373,"source_id":"cisa-kev","external_id":"CVE-2024-40891","title":"CVE-2024-40891: Zyxel DSL CPE OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-40891"],"exploited":true,"has_exploit":false,"published_at":"2025-02-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-40891","csirts_url":"https://www.csirts.com/advisory/cve-2024-40891-373"},{"num":2939,"source_id":"cisa-kev","external_id":"CVE-2024-40890","title":"CVE-2024-40890: Zyxel DSL CPE OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-40890"],"exploited":true,"has_exploit":false,"published_at":"2025-02-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-40890","csirts_url":"https://www.csirts.com/advisory/cve-2024-40890-2939"},{"num":2942,"source_id":"cisa-kev","external_id":"CVE-2025-21391","title":"CVE-2025-21391: Microsoft Windows Storage Link Following Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-21391"],"exploited":true,"has_exploit":false,"published_at":"2025-02-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-21391","csirts_url":"https://www.csirts.com/advisory/cve-2025-21391-2942"},{"num":2306,"source_id":"cisa-kev","external_id":"CVE-2025-21418","title":"CVE-2025-21418: Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-21418"],"exploited":true,"has_exploit":false,"published_at":"2025-02-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-21418","csirts_url":"https://www.csirts.com/advisory/cve-2025-21418-2306"},{"num":2943,"source_id":"cisa-kev","external_id":"CVE-2025-0994","title":"CVE-2025-0994: Trimble Cityworks Deserialization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-0994"],"exploited":true,"has_exploit":true,"published_at":"2025-02-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-0994","csirts_url":"https://www.csirts.com/advisory/cve-2025-0994-2943"},{"num":2086,"source_id":"cisa-kev","external_id":"CVE-2024-21413","title":"CVE-2024-21413: Microsoft Outlook Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-21413"],"exploited":true,"has_exploit":true,"published_at":"2025-02-06T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-21413","csirts_url":"https://www.csirts.com/advisory/cve-2024-21413-2086"},{"num":2091,"source_id":"cisa-kev","external_id":"CVE-2025-0411","title":"CVE-2025-0411: 7-Zip Mark of the Web Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-0411"],"exploited":true,"has_exploit":true,"published_at":"2025-02-06T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-0411","csirts_url":"https://www.csirts.com/advisory/cve-2025-0411-2091"},{"num":374,"source_id":"cisa-kev","external_id":"CVE-2020-15069","title":"CVE-2020-15069: Sophos XG Firewall Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-15069"],"exploited":true,"has_exploit":false,"published_at":"2025-02-06T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-15069","csirts_url":"https://www.csirts.com/advisory/cve-2020-15069-374"},{"num":2317,"source_id":"cisa-kev","external_id":"CVE-2020-29574","title":"CVE-2020-29574: CyberoamOS (CROS) SQL Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-29574"],"exploited":true,"has_exploit":false,"published_at":"2025-02-06T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-29574","csirts_url":"https://www.csirts.com/advisory/cve-2020-29574-2317"},{"num":2089,"source_id":"cisa-kev","external_id":"CVE-2022-23748","title":"CVE-2022-23748: Dante Discovery Process Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-23748"],"exploited":true,"has_exploit":false,"published_at":"2025-02-06T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-23748","csirts_url":"https://www.csirts.com/advisory/cve-2022-23748-2089"},{"num":378,"source_id":"cisa-kev","external_id":"CVE-2024-53104","title":"CVE-2024-53104: Linux Kernel Out-of-Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-53104"],"exploited":true,"has_exploit":false,"published_at":"2025-02-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-53104","csirts_url":"https://www.csirts.com/advisory/cve-2024-53104-378"},{"num":2093,"source_id":"cisa-kev","external_id":"CVE-2018-19410","title":"CVE-2018-19410: Paessler PRTG Network Monitor Local File Inclusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-19410"],"exploited":true,"has_exploit":true,"published_at":"2025-02-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-19410","csirts_url":"https://www.csirts.com/advisory/cve-2018-19410-2093"},{"num":2347,"source_id":"cisa-kev","external_id":"CVE-2024-45195","title":"CVE-2024-45195: Apache OFBiz Forced Browsing Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-45195"],"exploited":true,"has_exploit":true,"published_at":"2025-02-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-45195","csirts_url":"https://www.csirts.com/advisory/cve-2024-45195-2347"},{"num":2103,"source_id":"cisa-kev","external_id":"CVE-2024-29059","title":"CVE-2024-29059: Microsoft .NET Framework Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-29059"],"exploited":true,"has_exploit":true,"published_at":"2025-02-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-29059","csirts_url":"https://www.csirts.com/advisory/cve-2024-29059-2103"},{"num":2094,"source_id":"cisa-kev","external_id":"CVE-2018-9276","title":"CVE-2018-9276: Paessler PRTG Network Monitor OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-9276"],"exploited":true,"has_exploit":true,"published_at":"2025-02-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-9276","csirts_url":"https://www.csirts.com/advisory/cve-2018-9276-2094"},{"num":2114,"source_id":"cisa-kev","external_id":"CVE-2025-24085","title":"CVE-2025-24085: Apple Multiple Products Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-24085"],"exploited":true,"has_exploit":true,"published_at":"2025-01-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-24085","csirts_url":"https://www.csirts.com/advisory/cve-2025-24085-2114"},{"num":1719,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/report/a-method-to-assess-forgivable-vs-unforgivable-vulnerabilities","title":"A method to assess 'forgivable' vs 'unforgivable' vulnerabilities","severity":"unknown","cvss":null,"cves":["CVE-2023-34362","CVE-2023-36934","CVE-2023-27997","CVE-2021-26084"],"exploited":true,"has_exploit":true,"published_at":"2025-01-28T12:00:00+00:00","link":"https://www.ncsc.gov.uk/report/a-method-to-assess-forgivable-vs-unforgivable-vulnerabilities","csirts_url":"https://www.csirts.com/advisory/a-method-to-assess-forgivable-vs-1719"},{"num":2945,"source_id":"cisa-kev","external_id":"CVE-2025-23006","title":"CVE-2025-23006: SonicWall SMA1000 Appliances Deserialization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-23006"],"exploited":true,"has_exploit":false,"published_at":"2025-01-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-23006","csirts_url":"https://www.csirts.com/advisory/cve-2025-23006-2945"},{"num":2116,"source_id":"cisa-kev","external_id":"CVE-2020-11023","title":"CVE-2020-11023: JQuery Cross-Site Scripting (XSS) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-11023"],"exploited":true,"has_exploit":true,"published_at":"2025-01-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-11023","csirts_url":"https://www.csirts.com/advisory/cve-2020-11023-2116"},{"num":87038,"source_id":"jenkins","external_id":"jenkins-advisory-2025-01-22","title":"Jenkins Security Advisory 2025-01-22","severity":"unknown","cvss":null,"cves":["CVE-2025-24397","CVE-2025-24398","CVE-2025-24399","CVE-2025-0142","CVE-2025-0148","CVE-2025-24400","CVE-2025-24401","CVE-2025-24402","CVE-2025-24403"],"exploited":false,"has_exploit":false,"published_at":"2025-01-22T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2025-01-22/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2025-01-22-87038"},{"num":86967,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-8-1-released/","title":"GitLab Patch Release: 17.8.1, 17.7.3, 17.6.4","severity":"critical","cvss":null,"cves":["CVE-2025-0314","CVE-2024-11931","CVE-2024-6324"],"exploited":false,"has_exploit":false,"published_at":"2025-01-22T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-8-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-17-8-1-17-7-3-17-6-4-86967"},{"num":2119,"source_id":"cisa-kev","external_id":"CVE-2024-50603","title":"CVE-2024-50603: Aviatrix Controllers OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-50603"],"exploited":true,"has_exploit":true,"published_at":"2025-01-16T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-50603","csirts_url":"https://www.csirts.com/advisory/cve-2024-50603-2119"},{"num":86968,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-7-2-released/","title":"GitLab Patch Release: 17.7.2","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2025-01-15T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-7-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-17-7-2-86968"},{"num":2121,"source_id":"cisa-kev","external_id":"CVE-2025-21335","title":"CVE-2025-21335: Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-21335"],"exploited":true,"has_exploit":false,"published_at":"2025-01-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-21335","csirts_url":"https://www.csirts.com/advisory/cve-2025-21335-2121"},{"num":246,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-002/","title":"[Update] Vulnerability in Fortinet products (January 14, 2025)","severity":"unknown","cvss":null,"cves":["CVE-2024-55591"],"exploited":true,"has_exploit":true,"published_at":"2025-01-14T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-002/","csirts_url":"https://www.csirts.com/advisory/update-vulnerability-in-fortinet-products-246"},{"num":2126,"source_id":"cisa-kev","external_id":"CVE-2024-55591","title":"CVE-2024-55591: Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-55591"],"exploited":true,"has_exploit":true,"published_at":"2025-01-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-55591","csirts_url":"https://www.csirts.com/advisory/cve-2024-55591-2126"},{"num":383,"source_id":"cisa-kev","external_id":"CVE-2025-21333","title":"CVE-2025-21333: Microsoft Windows Hyper-V NT Kernel Integration VSP Heap-based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-21333"],"exploited":true,"has_exploit":true,"published_at":"2025-01-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-21333","csirts_url":"https://www.csirts.com/advisory/cve-2025-21333-383"},{"num":2125,"source_id":"cisa-kev","external_id":"CVE-2025-21334","title":"CVE-2025-21334: Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-21334"],"exploited":true,"has_exploit":false,"published_at":"2025-01-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-21334","csirts_url":"https://www.csirts.com/advisory/cve-2025-21334-2125"},{"num":2127,"source_id":"cisa-kev","external_id":"CVE-2024-12686","title":"CVE-2024-12686: BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-12686"],"exploited":true,"has_exploit":false,"published_at":"2025-01-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-12686","csirts_url":"https://www.csirts.com/advisory/cve-2024-12686-2127"},{"num":384,"source_id":"cisa-kev","external_id":"CVE-2023-48365","title":"CVE-2023-48365: Qlik Sense HTTP Tunneling Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-48365"],"exploited":true,"has_exploit":false,"published_at":"2025-01-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-48365","csirts_url":"https://www.csirts.com/advisory/cve-2023-48365-384"},{"num":560,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-001/","title":"[Update] Vulnerability in Ivanti products (January 9, 2025)","severity":"unknown","cvss":null,"cves":["CVE-2025-0282"],"exploited":true,"has_exploit":true,"published_at":"2025-01-09T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2025-ALE-001/","csirts_url":"https://www.csirts.com/advisory/update-vulnerability-in-ivanti-products-560"},{"num":86969,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-7-1-released/","title":"GitLab Patch Release: 17.7.1, 17.6.3, 17.5.5","severity":"critical","cvss":null,"cves":["CVE-2024-5655","CVE-2024-6385","CVE-2024-6678","CVE-2024-8970","CVE-2025-0194","CVE-2024-6324","CVE-2024-12431","CVE-2024-13041"],"exploited":false,"has_exploit":false,"published_at":"2025-01-08T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-7-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-17-7-1-17-6-3-17-5-5-86969"},{"num":2131,"source_id":"cisa-kev","external_id":"CVE-2025-0282","title":"CVE-2025-0282: Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2025-0282"],"exploited":true,"has_exploit":true,"published_at":"2025-01-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-0282","csirts_url":"https://www.csirts.com/advisory/cve-2025-0282-2131"},{"num":2137,"source_id":"cisa-kev","external_id":"CVE-2024-55550","title":"CVE-2024-55550: Mitel MiCollab Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-55550"],"exploited":true,"has_exploit":true,"published_at":"2025-01-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-55550","csirts_url":"https://www.csirts.com/advisory/cve-2024-55550-2137"},{"num":2132,"source_id":"cisa-kev","external_id":"CVE-2020-2883","title":"CVE-2020-2883: Oracle WebLogic Server Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-2883"],"exploited":true,"has_exploit":true,"published_at":"2025-01-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-2883","csirts_url":"https://www.csirts.com/advisory/cve-2020-2883-2132"},{"num":2141,"source_id":"cisa-kev","external_id":"CVE-2024-41713","title":"CVE-2024-41713: Mitel MiCollab Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-41713"],"exploited":true,"has_exploit":true,"published_at":"2025-01-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-41713","csirts_url":"https://www.csirts.com/advisory/cve-2024-41713-2141"},{"num":2147,"source_id":"cisa-kev","external_id":"CVE-2024-3393","title":"CVE-2024-3393: Palo Alto Networks PAN-OS Malicious DNS Packet Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-3393"],"exploited":true,"has_exploit":false,"published_at":"2024-12-30T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-3393","csirts_url":"https://www.csirts.com/advisory/cve-2024-3393-2147"},{"num":2962,"source_id":"cisa-kev","external_id":"CVE-2021-44207","title":"CVE-2021-44207: Acclaim Systems USAHERDS Use of Hard-Coded Credentials Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-44207"],"exploited":true,"has_exploit":false,"published_at":"2024-12-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-44207","csirts_url":"https://www.csirts.com/advisory/cve-2021-44207-2962"},{"num":2965,"source_id":"cisa-kev","external_id":"CVE-2024-12356","title":"CVE-2024-12356: BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-12356"],"exploited":true,"has_exploit":true,"published_at":"2024-12-19T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-12356","csirts_url":"https://www.csirts.com/advisory/cve-2024-12356-2965"},{"num":2152,"source_id":"cisa-kev","external_id":"CVE-2019-11001","title":"CVE-2019-11001: Reolink Multiple IP Cameras OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-11001"],"exploited":true,"has_exploit":false,"published_at":"2024-12-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-11001","csirts_url":"https://www.csirts.com/advisory/cve-2019-11001-2152"},{"num":2374,"source_id":"cisa-kev","external_id":"CVE-2022-23227","title":"CVE-2022-23227: NUUO NVRmini2 Devices Missing Authentication Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-23227"],"exploited":true,"has_exploit":false,"published_at":"2024-12-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-23227","csirts_url":"https://www.csirts.com/advisory/cve-2022-23227-2374"},{"num":2383,"source_id":"cisa-kev","external_id":"CVE-2018-14933","title":"CVE-2018-14933: NUUO NVRmini Devices OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-14933"],"exploited":true,"has_exploit":true,"published_at":"2024-12-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-14933","csirts_url":"https://www.csirts.com/advisory/cve-2018-14933-2383"},{"num":2151,"source_id":"cisa-kev","external_id":"CVE-2021-40407","title":"CVE-2021-40407: Reolink RLC-410W IP Camera OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-40407"],"exploited":true,"has_exploit":false,"published_at":"2024-12-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-40407","csirts_url":"https://www.csirts.com/advisory/cve-2021-40407-2151"},{"num":387,"source_id":"cisa-kev","external_id":"CVE-2024-55956","title":"CVE-2024-55956: Cleo Multiple Products Unauthenticated File Upload Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-55956"],"exploited":true,"has_exploit":true,"published_at":"2024-12-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-55956","csirts_url":"https://www.csirts.com/advisory/cve-2024-55956-387"},{"num":1913,"source_id":"cisa-kev","external_id":"CVE-2024-35250","title":"CVE-2024-35250: Microsoft Windows Kernel-Mode Driver Untrusted Pointer Dereference Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-35250"],"exploited":true,"has_exploit":true,"published_at":"2024-12-16T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-35250","csirts_url":"https://www.csirts.com/advisory/cve-2024-35250-1913"},{"num":1094,"source_id":"cisa-kev","external_id":"CVE-2024-20767","title":"CVE-2024-20767: Adobe ColdFusion Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-20767"],"exploited":true,"has_exploit":true,"published_at":"2024-12-16T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-20767","csirts_url":"https://www.csirts.com/advisory/cve-2024-20767-1094"},{"num":911,"source_id":"cisa-kev","external_id":"CVE-2024-50623","title":"CVE-2024-50623: Cleo Multiple Products Unrestricted File Upload Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-50623"],"exploited":true,"has_exploit":true,"published_at":"2024-12-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-50623","csirts_url":"https://www.csirts.com/advisory/cve-2024-50623-911"},{"num":86970,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-6-2-released/","title":"GitLab Patch Release: 17.6.2, 17.5.4, 17.4.6","severity":"critical","cvss":null,"cves":["CVE-2024-11274","CVE-2024-8233","CVE-2024-12570","CVE-2024-9387","CVE-2024-8647","CVE-2024-8179","CVE-2024-8116","CVE-2024-8650","CVE-2024-9367","CVE-2024-12292","CVE-2024-10043","CVE-2024-9633"],"exploited":false,"has_exploit":false,"published_at":"2024-12-11T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-6-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-17-6-2-17-5-4-17-4-6-86970"},{"num":912,"source_id":"cisa-kev","external_id":"CVE-2024-49138","title":"CVE-2024-49138: Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-49138"],"exploited":true,"has_exploit":true,"published_at":"2024-12-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-49138","csirts_url":"https://www.csirts.com/advisory/cve-2024-49138-912"},{"num":2966,"source_id":"cisa-kev","external_id":"CVE-2024-51378","title":"CVE-2024-51378: CyberPanel Incorrect Default Permissions Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-51378"],"exploited":true,"has_exploit":true,"published_at":"2024-12-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-51378","csirts_url":"https://www.csirts.com/advisory/cve-2024-51378-2966"},{"num":2967,"source_id":"cisa-kev","external_id":"CVE-2024-11667","title":"CVE-2024-11667: Zyxel Multiple Firewalls Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-11667"],"exploited":true,"has_exploit":false,"published_at":"2024-12-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-11667","csirts_url":"https://www.csirts.com/advisory/cve-2024-11667-2967"},{"num":2968,"source_id":"cisa-kev","external_id":"CVE-2023-45727","title":"CVE-2023-45727: North Grid Proself Improper Restriction of XML External Entity (XXE) Reference Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-45727"],"exploited":true,"has_exploit":false,"published_at":"2024-12-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-45727","csirts_url":"https://www.csirts.com/advisory/cve-2023-45727-2968"},{"num":2155,"source_id":"cisa-kev","external_id":"CVE-2024-11680","title":"CVE-2024-11680: ProjectSend Improper Authentication Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-11680"],"exploited":true,"has_exploit":true,"published_at":"2024-12-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-11680","csirts_url":"https://www.csirts.com/advisory/cve-2024-11680-2155"},{"num":87039,"source_id":"jenkins","external_id":"jenkins-advisory-2024-11-27","title":"Jenkins Security Advisory 2024-11-27","severity":"unknown","cvss":null,"cves":["CVE-2024-47855","CVE-2024-54003","CVE-2024-54004"],"exploited":false,"has_exploit":false,"published_at":"2024-11-27T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2024-11-27/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2024-11-27-87039"},{"num":86971,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-6-1-released/","title":"GitLab Patch Release: 17.6.1, 17.5.3, 17.4.5","severity":"critical","cvss":null,"cves":["CVE-2024-8114","CVE-2024-8237","CVE-2024-11669","CVE-2024-8177","CVE-2024-11828","CVE-2024-11668"],"exploited":false,"has_exploit":false,"published_at":"2024-11-26T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-6-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-17-6-1-17-5-3-17-4-5-86971"},{"num":2402,"source_id":"cisa-kev","external_id":"CVE-2023-28461","title":"CVE-2023-28461: Array Networks AG and vxAG ArrayOS Missing Authentication for Critical Function Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-28461"],"exploited":true,"has_exploit":false,"published_at":"2024-11-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-28461","csirts_url":"https://www.csirts.com/advisory/cve-2023-28461-2402"},{"num":2969,"source_id":"cisa-kev","external_id":"CVE-2024-44308","title":"CVE-2024-44308: Apple Multiple Products Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-44308"],"exploited":true,"has_exploit":true,"published_at":"2024-11-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-44308","csirts_url":"https://www.csirts.com/advisory/cve-2024-44308-2969"},{"num":2417,"source_id":"cisa-kev","external_id":"CVE-2024-44309","title":"CVE-2024-44309: Apple Multiple Products Cross-Site Scripting (XSS) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-44309"],"exploited":true,"has_exploit":false,"published_at":"2024-11-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-44309","csirts_url":"https://www.csirts.com/advisory/cve-2024-44309-2417"},{"num":2413,"source_id":"cisa-kev","external_id":"CVE-2024-21287","title":"CVE-2024-21287: Oracle Agile Product Lifecycle Management (PLM) Incorrect Authorization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-21287"],"exploited":true,"has_exploit":false,"published_at":"2024-11-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-21287","csirts_url":"https://www.csirts.com/advisory/cve-2024-21287-2413"},{"num":87138,"source_id":"drupal","external_id":"3488717 at https://www.drupal.org","title":"Drupal core - Moderately critical - Gadget chain - SA-CORE-2024-008","severity":"critical","cvss":null,"cves":["CVE-2024-55638"],"exploited":false,"has_exploit":false,"published_at":"2024-11-20T17:29:59+00:00","link":"https://www.drupal.org/sa-core-2024-008","csirts_url":"https://www.csirts.com/advisory/drupal-core-moderately-critical-gadget-87138"},{"num":87139,"source_id":"drupal","external_id":"3488713 at https://www.drupal.org","title":"Drupal core - Moderately critical - Gadget chain - SA-CORE-2024-007","severity":"critical","cvss":null,"cves":["CVE-2024-55637"],"exploited":false,"has_exploit":false,"published_at":"2024-11-20T17:27:28+00:00","link":"https://www.drupal.org/sa-core-2024-007","csirts_url":"https://www.csirts.com/advisory/drupal-core-moderately-critical-gadget-87139"},{"num":87140,"source_id":"drupal","external_id":"3488712 at https://www.drupal.org","title":"Drupal core - Less critical - Gadget chain - SA-CORE-2024-006","severity":"critical","cvss":null,"cves":["CVE-2024-55636"],"exploited":false,"has_exploit":false,"published_at":"2024-11-20T17:25:47+00:00","link":"https://www.drupal.org/sa-core-2024-006","csirts_url":"https://www.csirts.com/advisory/drupal-core-less-critical-gadget-chain-sa-87140"},{"num":227,"source_id":"cisa-kev","external_id":"CVE-2024-38812","title":"CVE-2024-38812: VMware vCenter Server Heap-Based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-38812"],"exploited":true,"has_exploit":false,"published_at":"2024-11-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-38812","csirts_url":"https://www.csirts.com/advisory/cve-2024-38812-227"},{"num":2970,"source_id":"cisa-kev","external_id":"CVE-2024-38813","title":"CVE-2024-38813: VMware vCenter Server Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-38813"],"exploited":true,"has_exploit":false,"published_at":"2024-11-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-38813","csirts_url":"https://www.csirts.com/advisory/cve-2024-38813-2970"},{"num":228,"source_id":"cisa-kev","external_id":"CVE-2024-9474","title":"CVE-2024-9474: Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-9474"],"exploited":true,"has_exploit":true,"published_at":"2024-11-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-9474","csirts_url":"https://www.csirts.com/advisory/cve-2024-9474-228"},{"num":2973,"source_id":"cisa-kev","external_id":"CVE-2024-1212","title":"CVE-2024-1212: Progress Kemp LoadMaster OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-1212"],"exploited":true,"has_exploit":true,"published_at":"2024-11-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-1212","csirts_url":"https://www.csirts.com/advisory/cve-2024-1212-2973"},{"num":2972,"source_id":"cisa-kev","external_id":"CVE-2024-0012","title":"CVE-2024-0012: Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-0012"],"exploited":true,"has_exploit":true,"published_at":"2024-11-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-0012","csirts_url":"https://www.csirts.com/advisory/cve-2024-0012-2972"},{"num":245,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-015/","title":"[Update] Multiple vulnerabilities on the administration interface of Palo Alto Networks devices (November 15, 2024)","severity":"unknown","cvss":null,"cves":["CVE-2024-0012","CVE-2024-9474"],"exploited":false,"has_exploit":true,"published_at":"2024-11-15T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-015/","csirts_url":"https://www.csirts.com/advisory/update-multiple-vulnerabilities-on-the-245"},{"num":2156,"source_id":"cisa-kev","external_id":"CVE-2024-9465","title":"CVE-2024-9465: Palo Alto Networks Expedition SQL Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-9465"],"exploited":true,"has_exploit":true,"published_at":"2024-11-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-9465","csirts_url":"https://www.csirts.com/advisory/cve-2024-9465-2156"},{"num":230,"source_id":"cisa-kev","external_id":"CVE-2024-9463","title":"CVE-2024-9463: Palo Alto Networks Expedition OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-9463"],"exploited":true,"has_exploit":true,"published_at":"2024-11-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-9463","csirts_url":"https://www.csirts.com/advisory/cve-2024-9463-230"},{"num":87040,"source_id":"jenkins","external_id":"jenkins-advisory-2024-11-13","title":"Jenkins Security Advisory 2024-11-13","severity":"unknown","cvss":null,"cves":["CVE-2024-52549","CVE-2024-52550","CVE-2024-52551","CVE-2024-52552","CVE-2024-52553","CVE-2022-46751","CVE-2024-52554"],"exploited":false,"has_exploit":false,"published_at":"2024-11-13T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2024-11-13/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2024-11-13-87040"},{"num":86972,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-5-2-released/","title":"GitLab Patch Release: 17.5.2, 17.4.4, 17.3.7","severity":"critical","cvss":null,"cves":["CVE-2024-9693","CVE-2024-7404","CVE-2024-8648","CVE-2024-8180","CVE-2024-10240"],"exploited":false,"has_exploit":false,"published_at":"2024-11-13T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-5-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-17-5-2-17-4-4-17-3-7-86972"},{"num":2157,"source_id":"cisa-kev","external_id":"CVE-2021-41277","title":"CVE-2021-41277: Metabase GeoJSON API Local File Inclusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-41277"],"exploited":true,"has_exploit":true,"published_at":"2024-11-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-41277","csirts_url":"https://www.csirts.com/advisory/cve-2021-41277-2157"},{"num":2980,"source_id":"cisa-kev","external_id":"CVE-2021-26086","title":"CVE-2021-26086: Atlassian Jira Server and Data Center Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-26086"],"exploited":true,"has_exploit":true,"published_at":"2024-11-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-26086","csirts_url":"https://www.csirts.com/advisory/cve-2021-26086-2980"},{"num":2162,"source_id":"cisa-kev","external_id":"CVE-2024-43451","title":"CVE-2024-43451: Microsoft Windows NTLMv2 Hash Disclosure Spoofing Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-43451"],"exploited":true,"has_exploit":true,"published_at":"2024-11-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-43451","csirts_url":"https://www.csirts.com/advisory/cve-2024-43451-2162"},{"num":390,"source_id":"cisa-kev","external_id":"CVE-2014-2120","title":"CVE-2014-2120: Cisco Adaptive Security Appliance (ASA) Cross-Site Scripting (XSS) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-2120"],"exploited":true,"has_exploit":false,"published_at":"2024-11-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-2120","csirts_url":"https://www.csirts.com/advisory/cve-2014-2120-390"},{"num":2163,"source_id":"cisa-kev","external_id":"CVE-2024-49039","title":"CVE-2024-49039: Microsoft Windows Task Scheduler Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-49039"],"exploited":true,"has_exploit":true,"published_at":"2024-11-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-49039","csirts_url":"https://www.csirts.com/advisory/cve-2024-49039-2163"},{"num":2171,"source_id":"cisa-kev","external_id":"CVE-2024-5910","title":"CVE-2024-5910: Palo Alto Networks Expedition Missing Authentication Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-5910"],"exploited":true,"has_exploit":true,"published_at":"2024-11-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-5910","csirts_url":"https://www.csirts.com/advisory/cve-2024-5910-2171"},{"num":2164,"source_id":"cisa-kev","external_id":"CVE-2019-16278","title":"CVE-2019-16278: Nostromo nhttpd Directory Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-16278"],"exploited":true,"has_exploit":true,"published_at":"2024-11-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-16278","csirts_url":"https://www.csirts.com/advisory/cve-2019-16278-2164"},{"num":2165,"source_id":"cisa-kev","external_id":"CVE-2024-51567","title":"CVE-2024-51567: CyberPanel Incorrect Default Permissions Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-51567"],"exploited":true,"has_exploit":true,"published_at":"2024-11-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-51567","csirts_url":"https://www.csirts.com/advisory/cve-2024-51567-2165"},{"num":2170,"source_id":"cisa-kev","external_id":"CVE-2024-43093","title":"CVE-2024-43093: Android Framework Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-43093"],"exploited":true,"has_exploit":false,"published_at":"2024-11-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-43093","csirts_url":"https://www.csirts.com/advisory/cve-2024-43093-2170"},{"num":2172,"source_id":"cisa-kev","external_id":"CVE-2024-8956","title":"CVE-2024-8956: PTZOptics PT30X-SDI/NDI Cameras Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-8956"],"exploited":true,"has_exploit":false,"published_at":"2024-11-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-8956","csirts_url":"https://www.csirts.com/advisory/cve-2024-8956-2172"},{"num":2173,"source_id":"cisa-kev","external_id":"CVE-2024-8957","title":"CVE-2024-8957: PTZOptics PT30X-SDI/NDI Cameras OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-8957"],"exploited":true,"has_exploit":false,"published_at":"2024-11-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-8957","csirts_url":"https://www.csirts.com/advisory/cve-2024-8957-2173"},{"num":2175,"source_id":"cisa-kev","external_id":"CVE-2024-20481","title":"CVE-2024-20481: Cisco ASA and FTD Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-20481"],"exploited":true,"has_exploit":false,"published_at":"2024-10-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-20481","csirts_url":"https://www.csirts.com/advisory/cve-2024-20481-2175"},{"num":2174,"source_id":"cisa-kev","external_id":"CVE-2024-37383","title":"CVE-2024-37383: RoundCube Webmail Cross-Site Scripting (XSS) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-37383"],"exploited":true,"has_exploit":true,"published_at":"2024-10-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-37383","csirts_url":"https://www.csirts.com/advisory/cve-2024-37383-2174"},{"num":1926,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-014/","title":"[Update] Multiple vulnerabilities in Fortinet FortiManager (October 23, 2024)","severity":"unknown","cvss":null,"cves":["CVE-2024-50566"],"exploited":false,"has_exploit":false,"published_at":"2024-10-23T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-014/","csirts_url":"https://www.csirts.com/advisory/update-multiple-vulnerabilities-in-1926"},{"num":2996,"source_id":"cisa-kev","external_id":"CVE-2024-47575","title":"CVE-2024-47575: Fortinet FortiManager Missing Authentication Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-47575"],"exploited":true,"has_exploit":true,"published_at":"2024-10-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-47575","csirts_url":"https://www.csirts.com/advisory/cve-2024-47575-2996"},{"num":86973,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-5-1-released/","title":"GitLab Patch Release: 17.5.1, 17.4.3, 17.3.6","severity":"critical","cvss":null,"cves":["CVE-2024-8312","CVE-2024-6826"],"exploited":false,"has_exploit":false,"published_at":"2024-10-23T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-5-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-17-5-1-17-4-3-17-3-6-86973"},{"num":2176,"source_id":"cisa-kev","external_id":"CVE-2024-38094","title":"CVE-2024-38094: Microsoft SharePoint Deserialization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-38094"],"exploited":true,"has_exploit":false,"published_at":"2024-10-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-38094","csirts_url":"https://www.csirts.com/advisory/cve-2024-38094-2176"},{"num":1944,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-013/","title":"Exploitation of vulnerabilities in Ivanti Cloud Services Appliance (CSA) (October 22, 2024)","severity":"unknown","cvss":null,"cves":["CVE-2024-8190"],"exploited":true,"has_exploit":true,"published_at":"2024-10-22T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-013/","csirts_url":"https://www.csirts.com/advisory/exploitation-of-vulnerabilities-in-ivanti-1944"},{"num":2178,"source_id":"cisa-kev","external_id":"CVE-2024-9537","title":"CVE-2024-9537: ScienceLogic SL1 Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-9537"],"exploited":true,"has_exploit":false,"published_at":"2024-10-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-9537","csirts_url":"https://www.csirts.com/advisory/cve-2024-9537-2178"},{"num":393,"source_id":"cisa-kev","external_id":"CVE-2024-40711","title":"CVE-2024-40711: Veeam Backup and Replication Deserialization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-40711"],"exploited":true,"has_exploit":true,"published_at":"2024-10-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-40711","csirts_url":"https://www.csirts.com/advisory/cve-2024-40711-393"},{"num":394,"source_id":"cisa-kev","external_id":"CVE-2024-28987","title":"CVE-2024-28987: SolarWinds Web Help Desk Hardcoded Credential Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-28987"],"exploited":true,"has_exploit":true,"published_at":"2024-10-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-28987","csirts_url":"https://www.csirts.com/advisory/cve-2024-28987-394"},{"num":2181,"source_id":"cisa-kev","external_id":"CVE-2024-30088","title":"CVE-2024-30088: Microsoft Windows Kernel TOCTOU Race Condition Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-30088"],"exploited":true,"has_exploit":true,"published_at":"2024-10-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-30088","csirts_url":"https://www.csirts.com/advisory/cve-2024-30088-2181"},{"num":2179,"source_id":"cisa-kev","external_id":"CVE-2024-9680","title":"CVE-2024-9680: Mozilla Firefox Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-9680"],"exploited":true,"has_exploit":true,"published_at":"2024-10-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-9680","csirts_url":"https://www.csirts.com/advisory/cve-2024-9680-2179"},{"num":86974,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-4-2-released/","title":"GitLab Critical Patch Release: 17.4.2, 17.3.5, 17.2.9","severity":"critical","cvss":null,"cves":["CVE-2024-9164","CVE-2024-8970","CVE-2024-8977","CVE-2024-9631","CVE-2024-6530","CVE-2024-9623","CVE-2024-5005","CVE-2024-9596"],"exploited":false,"has_exploit":false,"published_at":"2024-10-09T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-4-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-critical-patch-release-17-4-2-17-3-86974"},{"num":2182,"source_id":"cisa-kev","external_id":"CVE-2024-9380","title":"CVE-2024-9380: Ivanti Cloud Services Appliance (CSA) OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-9380"],"exploited":true,"has_exploit":false,"published_at":"2024-10-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-9380","csirts_url":"https://www.csirts.com/advisory/cve-2024-9380-2182"},{"num":2184,"source_id":"cisa-kev","external_id":"CVE-2024-23113","title":"CVE-2024-23113: Fortinet Multiple Products Format String Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-23113"],"exploited":true,"has_exploit":true,"published_at":"2024-10-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-23113","csirts_url":"https://www.csirts.com/advisory/cve-2024-23113-2184"},{"num":2183,"source_id":"cisa-kev","external_id":"CVE-2024-9379","title":"CVE-2024-9379: Ivanti Cloud Services Appliance (CSA) SQL Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-9379"],"exploited":true,"has_exploit":false,"published_at":"2024-10-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-9379","csirts_url":"https://www.csirts.com/advisory/cve-2024-9379-2183"},{"num":2189,"source_id":"cisa-kev","external_id":"CVE-2024-43572","title":"CVE-2024-43572: Microsoft Windows Management Console Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-43572"],"exploited":true,"has_exploit":false,"published_at":"2024-10-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-43572","csirts_url":"https://www.csirts.com/advisory/cve-2024-43572-2189"},{"num":2190,"source_id":"cisa-kev","external_id":"CVE-2024-43047","title":"CVE-2024-43047: Qualcomm Multiple Chipsets Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-43047"],"exploited":true,"has_exploit":false,"published_at":"2024-10-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-43047","csirts_url":"https://www.csirts.com/advisory/cve-2024-43047-2190"},{"num":2187,"source_id":"cisa-kev","external_id":"CVE-2024-43573","title":"CVE-2024-43573: Microsoft Windows MSHTML Platform Spoofing Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-43573"],"exploited":true,"has_exploit":false,"published_at":"2024-10-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-43573","csirts_url":"https://www.csirts.com/advisory/cve-2024-43573-2187"},{"num":2191,"source_id":"cisa-kev","external_id":"CVE-2024-45519","title":"CVE-2024-45519: Synacor Zimbra Collaboration Suite (ZCS) Command Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-45519"],"exploited":true,"has_exploit":true,"published_at":"2024-10-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-45519","csirts_url":"https://www.csirts.com/advisory/cve-2024-45519-2191"},{"num":87041,"source_id":"jenkins","external_id":"jenkins-advisory-2024-10-02","title":"Jenkins Security Advisory 2024-10-02","severity":"unknown","cvss":null,"cves":["CVE-2024-47803","CVE-2024-47804","CVE-2024-47805","CVE-2024-47806","CVE-2024-47807"],"exploited":false,"has_exploit":false,"published_at":"2024-10-02T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2024-10-02/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2024-10-02-87041"},{"num":2192,"source_id":"cisa-kev","external_id":"CVE-2024-29824","title":"CVE-2024-29824: Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-29824"],"exploited":true,"has_exploit":true,"published_at":"2024-10-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-29824","csirts_url":"https://www.csirts.com/advisory/cve-2024-29824-2192"},{"num":3015,"source_id":"cisa-kev","external_id":"CVE-2023-25280","title":"CVE-2023-25280: D-Link DIR-820 Router OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-25280"],"exploited":true,"has_exploit":true,"published_at":"2024-09-30T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-25280","csirts_url":"https://www.csirts.com/advisory/cve-2023-25280-3015"},{"num":3013,"source_id":"cisa-kev","external_id":"CVE-2020-15415","title":"CVE-2020-15415: DrayTek Multiple Vigor Routers OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-15415"],"exploited":true,"has_exploit":true,"published_at":"2024-09-30T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-15415","csirts_url":"https://www.csirts.com/advisory/cve-2020-15415-3013"},{"num":2194,"source_id":"cisa-kev","external_id":"CVE-2019-0344","title":"CVE-2019-0344: SAP Commerce Cloud Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-0344"],"exploited":true,"has_exploit":false,"published_at":"2024-09-30T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-0344","csirts_url":"https://www.csirts.com/advisory/cve-2019-0344-2194"},{"num":1927,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-012/","title":"[Update] Vulnerabilities affecting OpenPrinting CUPS (September 27, 2024)","severity":"unknown","cvss":null,"cves":["CVE-2024-47176","CVE-2024-47076","CVE-2024-47175","CVE-2024-47177"],"exploited":false,"has_exploit":false,"published_at":"2024-09-27T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-012/","csirts_url":"https://www.csirts.com/advisory/update-vulnerabilities-affecting-1927"},{"num":86976,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-4-1-released/","title":"GitLab Patch Release: 17.4.1, 17.3.4, 17.2.8","severity":"critical","cvss":null,"cves":["CVE-2024-4278","CVE-2024-4099","CVE-2024-8974"],"exploited":false,"has_exploit":false,"published_at":"2024-09-25T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-4-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-17-4-1-17-3-4-17-2-8-86976"},{"num":86975,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-10-10-released/","title":"GitLab Critical Patch Release: 16.10.10, 16.9.11, 16.8.10, 16.7.10, 16.6.10, 16.5.10, 16.4.7, 16.3.9, 16.2.11, 16.1.8, 16.0.10","severity":"critical","cvss":null,"cves":["CVE-2024-45409"],"exploited":false,"has_exploit":false,"published_at":"2024-09-25T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-10-10-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-critical-patch-release-16-10-10-16-86975"},{"num":2195,"source_id":"cisa-kev","external_id":"CVE-2024-7593","title":"CVE-2024-7593: Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-7593"],"exploited":true,"has_exploit":true,"published_at":"2024-09-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-7593","csirts_url":"https://www.csirts.com/advisory/cve-2024-7593-2195"},{"num":2196,"source_id":"cisa-kev","external_id":"CVE-2024-8963","title":"CVE-2024-8963: Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-8963"],"exploited":true,"has_exploit":true,"published_at":"2024-09-19T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-8963","csirts_url":"https://www.csirts.com/advisory/cve-2024-8963-2196"},{"num":2198,"source_id":"cisa-kev","external_id":"CVE-2024-27348","title":"CVE-2024-27348: Apache HugeGraph-Server Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-27348"],"exploited":true,"has_exploit":true,"published_at":"2024-09-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-27348","csirts_url":"https://www.csirts.com/advisory/cve-2024-27348-2198"},{"num":396,"source_id":"cisa-kev","external_id":"CVE-2020-14644","title":"CVE-2020-14644: Oracle WebLogic Server Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-14644"],"exploited":true,"has_exploit":true,"published_at":"2024-09-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-14644","csirts_url":"https://www.csirts.com/advisory/cve-2020-14644-396"},{"num":397,"source_id":"cisa-kev","external_id":"CVE-2022-21445","title":"CVE-2022-21445: Oracle ADF Faces Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-21445"],"exploited":true,"has_exploit":true,"published_at":"2024-09-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-21445","csirts_url":"https://www.csirts.com/advisory/cve-2022-21445-397"},{"num":2197,"source_id":"cisa-kev","external_id":"CVE-2020-0618","title":"CVE-2020-0618: Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-0618"],"exploited":true,"has_exploit":true,"published_at":"2024-09-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-0618","csirts_url":"https://www.csirts.com/advisory/cve-2020-0618-2197"},{"num":2206,"source_id":"cisa-kev","external_id":"CVE-2014-0497","title":"CVE-2014-0497: Adobe Flash Player Integer Underflow Vulnerablity","severity":"critical","cvss":null,"cves":["CVE-2014-0497"],"exploited":true,"has_exploit":true,"published_at":"2024-09-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-0497","csirts_url":"https://www.csirts.com/advisory/cve-2014-0497-2206"},{"num":86977,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-3-3-released/","title":"GitLab Critical Patch Release: 17.3.3, 17.2.7, 17.1.8, 17.0.8, 16.11.10","severity":"critical","cvss":null,"cves":["CVE-2024-45409"],"exploited":false,"has_exploit":false,"published_at":"2024-09-17T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-3-3-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-critical-patch-release-17-3-3-17-2-86977"},{"num":2503,"source_id":"cisa-kev","external_id":"CVE-2014-0502","title":"CVE-2014-0502: Adobe Flash Player Double Free Vulnerablity","severity":"critical","cvss":null,"cves":["CVE-2014-0502"],"exploited":true,"has_exploit":false,"published_at":"2024-09-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-0502","csirts_url":"https://www.csirts.com/advisory/cve-2014-0502-2503"},{"num":2200,"source_id":"cisa-kev","external_id":"CVE-2013-0643","title":"CVE-2013-0643: Adobe Flash Player Incorrect Default Permissions Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-0643"],"exploited":true,"has_exploit":false,"published_at":"2024-09-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-0643","csirts_url":"https://www.csirts.com/advisory/cve-2013-0643-2200"},{"num":2199,"source_id":"cisa-kev","external_id":"CVE-2013-0648","title":"CVE-2013-0648: Adobe Flash Player Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-0648"],"exploited":true,"has_exploit":false,"published_at":"2024-09-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-0648","csirts_url":"https://www.csirts.com/advisory/cve-2013-0648-2199"},{"num":2212,"source_id":"cisa-kev","external_id":"CVE-2024-43461","title":"CVE-2024-43461: Microsoft Windows MSHTML Platform Spoofing Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-43461"],"exploited":true,"has_exploit":false,"published_at":"2024-09-16T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-43461","csirts_url":"https://www.csirts.com/advisory/cve-2024-43461-2212"},{"num":2210,"source_id":"cisa-kev","external_id":"CVE-2024-6670","title":"CVE-2024-6670: Progress WhatsUp Gold SQL Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-6670"],"exploited":true,"has_exploit":true,"published_at":"2024-09-16T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-6670","csirts_url":"https://www.csirts.com/advisory/cve-2024-6670-2210"},{"num":2217,"source_id":"cisa-kev","external_id":"CVE-2024-8190","title":"CVE-2024-8190: Ivanti Cloud Services Appliance OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-8190"],"exploited":true,"has_exploit":true,"published_at":"2024-09-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-8190","csirts_url":"https://www.csirts.com/advisory/cve-2024-8190-2217"},{"num":86978,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-3-2-released/","title":"GitLab Critical Patch Release: 17.3.2, 17.2.5, 17.1.7","severity":"critical","cvss":null,"cves":["CVE-2024-6678","CVE-2024-8640","CVE-2024-8635","CVE-2024-8124","CVE-2024-8641","CVE-2024-8311","CVE-2024-4660","CVE-2024-4283","CVE-2024-4612","CVE-2024-8631","CVE-2024-2743","CVE-2024-5435","CVE-2024-6389","CVE-2024-4472","CVE-2024-6446","CVE-2024-6685"],"exploited":false,"has_exploit":false,"published_at":"2024-09-11T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-3-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-critical-patch-release-17-3-2-17-2-86978"},{"num":86979,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-11-9-released/","title":"GitLab Patch Release: 16.11.9","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2024-09-11T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-11-9-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-16-11-9-86979"},{"num":2276,"source_id":"cisa-kev","external_id":"CVE-2024-38014","title":"CVE-2024-38014: Microsoft Windows Installer Improper Privilege Management Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-38014"],"exploited":true,"has_exploit":false,"published_at":"2024-09-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-38014","csirts_url":"https://www.csirts.com/advisory/cve-2024-38014-2276"},{"num":2218,"source_id":"cisa-kev","external_id":"CVE-2024-38217","title":"CVE-2024-38217: Microsoft Windows Mark of the Web (MOTW) Protection Mechanism Failure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-38217"],"exploited":true,"has_exploit":false,"published_at":"2024-09-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-38217","csirts_url":"https://www.csirts.com/advisory/cve-2024-38217-2218"},{"num":2220,"source_id":"cisa-kev","external_id":"CVE-2024-38226","title":"CVE-2024-38226: Microsoft Publisher Protection Mechanism Failure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-38226"],"exploited":true,"has_exploit":false,"published_at":"2024-09-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-38226","csirts_url":"https://www.csirts.com/advisory/cve-2024-38226-2220"},{"num":1925,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-011/","title":"Vulnerability in SonicWall (September 10, 2024)","severity":"unknown","cvss":null,"cves":["CVE-2024-40766"],"exploited":true,"has_exploit":false,"published_at":"2024-09-10T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-011/","csirts_url":"https://www.csirts.com/advisory/vulnerability-in-sonicwall-september-10-1925"},{"num":398,"source_id":"cisa-kev","external_id":"CVE-2017-1000253","title":"CVE-2017-1000253: Linux Kernel PIE Stack Buffer Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-1000253"],"exploited":true,"has_exploit":true,"published_at":"2024-09-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000253","csirts_url":"https://www.csirts.com/advisory/cve-2017-1000253-398"},{"num":2233,"source_id":"cisa-kev","external_id":"CVE-2024-40766","title":"CVE-2024-40766: SonicWall SonicOS Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-40766"],"exploited":true,"has_exploit":false,"published_at":"2024-09-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-40766","csirts_url":"https://www.csirts.com/advisory/cve-2024-40766-2233"},{"num":2234,"source_id":"cisa-kev","external_id":"CVE-2016-3714","title":"CVE-2016-3714: ImageMagick Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-3714"],"exploited":true,"has_exploit":true,"published_at":"2024-09-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-3714","csirts_url":"https://www.csirts.com/advisory/cve-2016-3714-2234"},{"num":2238,"source_id":"cisa-kev","external_id":"CVE-2021-20123","title":"CVE-2021-20123: Draytek VigorConnect Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-20123"],"exploited":true,"has_exploit":true,"published_at":"2024-09-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-20123","csirts_url":"https://www.csirts.com/advisory/cve-2021-20123-2238"},{"num":2237,"source_id":"cisa-kev","external_id":"CVE-2021-20124","title":"CVE-2021-20124: Draytek VigorConnect Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-20124"],"exploited":true,"has_exploit":true,"published_at":"2024-09-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-20124","csirts_url":"https://www.csirts.com/advisory/cve-2021-20124-2237"},{"num":2235,"source_id":"cisa-kev","external_id":"CVE-2024-7262","title":"CVE-2024-7262: Kingsoft WPS Office Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-7262"],"exploited":true,"has_exploit":false,"published_at":"2024-09-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-7262","csirts_url":"https://www.csirts.com/advisory/cve-2024-7262-2235"},{"num":2242,"source_id":"cisa-kev","external_id":"CVE-2024-7965","title":"CVE-2024-7965: Google Chromium V8 Inappropriate Implementation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-7965"],"exploited":true,"has_exploit":true,"published_at":"2024-08-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-7965","csirts_url":"https://www.csirts.com/advisory/cve-2024-7965-2242"},{"num":2243,"source_id":"cisa-kev","external_id":"CVE-2024-38856","title":"CVE-2024-38856: Apache OFBiz Incorrect Authorization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-38856"],"exploited":true,"has_exploit":true,"published_at":"2024-08-27T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-38856","csirts_url":"https://www.csirts.com/advisory/cve-2024-38856-2243"},{"num":2246,"source_id":"cisa-kev","external_id":"CVE-2024-7971","title":"CVE-2024-7971: Google Chromium V8 Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-7971"],"exploited":true,"has_exploit":true,"published_at":"2024-08-26T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-7971","csirts_url":"https://www.csirts.com/advisory/cve-2024-7971-2246"},{"num":2249,"source_id":"cisa-kev","external_id":"CVE-2024-39717","title":"CVE-2024-39717: Versa Director Dangerous File Type Upload Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-39717"],"exploited":true,"has_exploit":false,"published_at":"2024-08-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-39717","csirts_url":"https://www.csirts.com/advisory/cve-2024-39717-2249"},{"num":2251,"source_id":"cisa-kev","external_id":"CVE-2022-0185","title":"CVE-2022-0185: Linux Kernel Heap-Based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-0185"],"exploited":true,"has_exploit":true,"published_at":"2024-08-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-0185","csirts_url":"https://www.csirts.com/advisory/cve-2022-0185-2251"},{"num":86980,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-3-1-released/","title":"GitLab Patch Release: 17.3.1, 17.2.4, 17.1.6","severity":"critical","cvss":null,"cves":["CVE-2024-6502","CVE-2024-8041","CVE-2024-7110","CVE-2024-3127"],"exploited":false,"has_exploit":false,"published_at":"2024-08-21T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-3-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-17-3-1-17-2-4-17-1-6-86980"},{"num":3048,"source_id":"cisa-kev","external_id":"CVE-2021-33044","title":"CVE-2021-33044: Dahua IP Camera Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-33044"],"exploited":true,"has_exploit":true,"published_at":"2024-08-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-33044","csirts_url":"https://www.csirts.com/advisory/cve-2021-33044-3048"},{"num":2434,"source_id":"cisa-kev","external_id":"CVE-2021-31196","title":"CVE-2021-31196: Microsoft Exchange Server Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-31196"],"exploited":true,"has_exploit":true,"published_at":"2024-08-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-31196","csirts_url":"https://www.csirts.com/advisory/cve-2021-31196-2434"},{"num":2252,"source_id":"cisa-kev","external_id":"CVE-2021-33045","title":"CVE-2021-33045: Dahua IP Camera Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-33045"],"exploited":true,"has_exploit":true,"published_at":"2024-08-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-33045","csirts_url":"https://www.csirts.com/advisory/cve-2021-33045-2252"},{"num":3049,"source_id":"cisa-kev","external_id":"CVE-2024-23897","title":"CVE-2024-23897: Jenkins Command Line Interface (CLI) Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-23897"],"exploited":true,"has_exploit":true,"published_at":"2024-08-19T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-23897","csirts_url":"https://www.csirts.com/advisory/cve-2024-23897-3049"},{"num":2253,"source_id":"cisa-kev","external_id":"CVE-2024-28986","title":"CVE-2024-28986: SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-28986"],"exploited":true,"has_exploit":true,"published_at":"2024-08-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-28986","csirts_url":"https://www.csirts.com/advisory/cve-2024-28986-2253"},{"num":399,"source_id":"cisa-kev","external_id":"CVE-2024-38213","title":"CVE-2024-38213: Microsoft Windows SmartScreen Security Feature Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-38213"],"exploited":true,"has_exploit":false,"published_at":"2024-08-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-38213","csirts_url":"https://www.csirts.com/advisory/cve-2024-38213-399"},{"num":2262,"source_id":"cisa-kev","external_id":"CVE-2024-38106","title":"CVE-2024-38106: Microsoft Windows Kernel Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-38106"],"exploited":true,"has_exploit":false,"published_at":"2024-08-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-38106","csirts_url":"https://www.csirts.com/advisory/cve-2024-38106-2262"},{"num":2256,"source_id":"cisa-kev","external_id":"CVE-2024-38107","title":"CVE-2024-38107: Microsoft Windows Power Dependency Coordinator Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-38107"],"exploited":true,"has_exploit":false,"published_at":"2024-08-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-38107","csirts_url":"https://www.csirts.com/advisory/cve-2024-38107-2256"},{"num":2264,"source_id":"cisa-kev","external_id":"CVE-2024-38178","title":"CVE-2024-38178: Microsoft Windows Scripting Engine Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-38178"],"exploited":true,"has_exploit":false,"published_at":"2024-08-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-38178","csirts_url":"https://www.csirts.com/advisory/cve-2024-38178-2264"},{"num":2265,"source_id":"cisa-kev","external_id":"CVE-2024-38189","title":"CVE-2024-38189: Microsoft Project Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-38189"],"exploited":true,"has_exploit":false,"published_at":"2024-08-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-38189","csirts_url":"https://www.csirts.com/advisory/cve-2024-38189-2265"},{"num":2263,"source_id":"cisa-kev","external_id":"CVE-2024-38193","title":"CVE-2024-38193: Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-38193"],"exploited":true,"has_exploit":true,"published_at":"2024-08-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-38193","csirts_url":"https://www.csirts.com/advisory/cve-2024-38193-2263"},{"num":1896,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-010/","title":"Multiple vulnerabilities in Roundcube (August 9, 2024)","severity":"unknown","cvss":null,"cves":["CVE-2024-42008","CVE-2024-42009"],"exploited":true,"has_exploit":true,"published_at":"2024-08-09T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-010/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-roundcube-1896"},{"num":87042,"source_id":"jenkins","external_id":"jenkins-advisory-2024-08-07","title":"Jenkins Security Advisory 2024-08-07","severity":"unknown","cvss":null,"cves":["CVE-2024-43044","CVE-2024-43045"],"exploited":false,"has_exploit":false,"published_at":"2024-08-07T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2024-08-07/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2024-08-07-87042"},{"num":86981,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-2-2-released/","title":"GitLab Patch Release: 17.2.2, 17.1.4, 17.0.6","severity":"critical","cvss":null,"cves":["CVE-2024-3035","CVE-2024-6356","CVE-2024-5423","CVE-2024-4210","CVE-2024-2800","CVE-2024-6329","CVE-2024-4207","CVE-2024-3958","CVE-2024-4784","CVE-2024-3114","CVE-2024-7586"],"exploited":false,"has_exploit":false,"published_at":"2024-08-07T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-2-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-17-2-2-17-1-4-17-0-6-86981"},{"num":2268,"source_id":"cisa-kev","external_id":"CVE-2024-36971","title":"CVE-2024-36971: Android Kernel Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-36971"],"exploited":true,"has_exploit":true,"published_at":"2024-08-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-36971","csirts_url":"https://www.csirts.com/advisory/cve-2024-36971-2268"},{"num":2267,"source_id":"cisa-kev","external_id":"CVE-2024-32113","title":"CVE-2024-32113: Apache OFBiz Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-32113"],"exploited":true,"has_exploit":true,"published_at":"2024-08-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-32113","csirts_url":"https://www.csirts.com/advisory/cve-2024-32113-2267"},{"num":2269,"source_id":"cisa-kev","external_id":"CVE-2018-0824","title":"CVE-2018-0824: Microsoft COM for Windows Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-0824"],"exploited":true,"has_exploit":true,"published_at":"2024-08-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-0824","csirts_url":"https://www.csirts.com/advisory/cve-2018-0824-2269"},{"num":2270,"source_id":"cisa-kev","external_id":"CVE-2024-37085","title":"CVE-2024-37085: VMware ESXi Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-37085"],"exploited":true,"has_exploit":true,"published_at":"2024-07-30T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-37085","csirts_url":"https://www.csirts.com/advisory/cve-2024-37085-2270"},{"num":3064,"source_id":"cisa-kev","external_id":"CVE-2024-5217","title":"CVE-2024-5217: ServiceNow Incomplete List of Disallowed Inputs Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-5217"],"exploited":true,"has_exploit":true,"published_at":"2024-07-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-5217","csirts_url":"https://www.csirts.com/advisory/cve-2024-5217-3064"},{"num":2271,"source_id":"cisa-kev","external_id":"CVE-2023-45249","title":"CVE-2023-45249: Acronis Cyber Infrastructure (ACI) Insecure Default Password Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-45249"],"exploited":true,"has_exploit":true,"published_at":"2024-07-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-45249","csirts_url":"https://www.csirts.com/advisory/cve-2023-45249-2271"},{"num":3066,"source_id":"cisa-kev","external_id":"CVE-2024-4879","title":"CVE-2024-4879: ServiceNow Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-4879"],"exploited":true,"has_exploit":true,"published_at":"2024-07-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-4879","csirts_url":"https://www.csirts.com/advisory/cve-2024-4879-3066"},{"num":86982,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-2-1-released/","title":"GitLab Patch Release: 17.2.1, 17.1.3, 17.0.5","severity":"critical","cvss":null,"cves":["CVE-2024-5067","CVE-2024-7057","CVE-2024-0231"],"exploited":false,"has_exploit":false,"published_at":"2024-07-24T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-2-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-17-2-1-17-1-3-17-0-5-86982"},{"num":3068,"source_id":"cisa-kev","external_id":"CVE-2024-39891","title":"CVE-2024-39891: Twilio Authy Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-39891"],"exploited":true,"has_exploit":false,"published_at":"2024-07-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-39891","csirts_url":"https://www.csirts.com/advisory/cve-2024-39891-3068"},{"num":3069,"source_id":"cisa-kev","external_id":"CVE-2012-4792","title":"CVE-2012-4792: Microsoft Internet Explorer Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2012-4792"],"exploited":true,"has_exploit":true,"published_at":"2024-07-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2012-4792","csirts_url":"https://www.csirts.com/advisory/cve-2012-4792-3069"},{"num":2272,"source_id":"cisa-kev","external_id":"CVE-2024-34102","title":"CVE-2024-34102: Adobe Commerce and Magento Open Source Improper Restriction of XML External Entity Reference (XXE) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-34102"],"exploited":true,"has_exploit":true,"published_at":"2024-07-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-34102","csirts_url":"https://www.csirts.com/advisory/cve-2024-34102-2272"},{"num":1261,"source_id":"cisa-kev","external_id":"CVE-2024-28995","title":"CVE-2024-28995: SolarWinds Serv-U Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-28995"],"exploited":true,"has_exploit":true,"published_at":"2024-07-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-28995","csirts_url":"https://www.csirts.com/advisory/cve-2024-28995-1261"},{"num":1232,"source_id":"cisa-kev","external_id":"CVE-2022-22948","title":"CVE-2022-22948: VMware vCenter Server Incorrect Default File Permissions Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-22948"],"exploited":true,"has_exploit":true,"published_at":"2024-07-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-22948","csirts_url":"https://www.csirts.com/advisory/cve-2022-22948-1232"},{"num":2273,"source_id":"cisa-kev","external_id":"CVE-2024-36401","title":"CVE-2024-36401: OSGeo GeoServer GeoTools Eval Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-36401"],"exploited":true,"has_exploit":true,"published_at":"2024-07-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-36401","csirts_url":"https://www.csirts.com/advisory/cve-2024-36401-2273"},{"num":86983,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-1-2-released/","title":"GitLab Critical Patch Release: 17.1.2, 17.0.4, 16.11.6","severity":"critical","cvss":null,"cves":["CVE-2024-6385","CVE-2024-5257","CVE-2024-5470","CVE-2024-6595","CVE-2024-2880","CVE-2024-5528"],"exploited":false,"has_exploit":false,"published_at":"2024-07-10T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-1-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-critical-patch-release-17-1-2-17-0-86983"},{"num":2277,"source_id":"cisa-kev","external_id":"CVE-2024-23692","title":"CVE-2024-23692: Rejetto HTTP File Server Improper Neutralization of Special Elements Used in a Template Engine Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-23692"],"exploited":true,"has_exploit":true,"published_at":"2024-07-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-23692","csirts_url":"https://www.csirts.com/advisory/cve-2024-23692-2277"},{"num":3070,"source_id":"cisa-kev","external_id":"CVE-2024-38112","title":"CVE-2024-38112: Microsoft Windows MSHTML Platform Spoofing Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-38112"],"exploited":true,"has_exploit":true,"published_at":"2024-07-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-38112","csirts_url":"https://www.csirts.com/advisory/cve-2024-38112-3070"},{"num":2278,"source_id":"cisa-kev","external_id":"CVE-2024-38080","title":"CVE-2024-38080: Microsoft Windows Hyper-V Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-38080"],"exploited":true,"has_exploit":true,"published_at":"2024-07-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-38080","csirts_url":"https://www.csirts.com/advisory/cve-2024-38080-2278"},{"num":3071,"source_id":"cisa-kev","external_id":"CVE-2024-20399","title":"CVE-2024-20399: Cisco NX-OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-20399"],"exploited":true,"has_exploit":true,"published_at":"2024-07-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-20399","csirts_url":"https://www.csirts.com/advisory/cve-2024-20399-3071"},{"num":1954,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-009/","title":"Vulnerability in OpenSSH (July 1, 2024)","severity":"unknown","cvss":null,"cves":["CVE-2024-6387"],"exploited":false,"has_exploit":false,"published_at":"2024-07-01T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-009/","csirts_url":"https://www.csirts.com/advisory/vulnerability-in-openssh-july-1-2024-1954"},{"num":87043,"source_id":"jenkins","external_id":"jenkins-advisory-2024-06-26","title":"Jenkins Security Advisory 2024-06-26","severity":"unknown","cvss":null,"cves":["CVE-2024-39458","CVE-2024-39459","CVE-2024-39460"],"exploited":false,"has_exploit":false,"published_at":"2024-06-26T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2024-06-26/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2024-06-26-87043"},{"num":2280,"source_id":"cisa-kev","external_id":"CVE-2020-13965","title":"CVE-2020-13965: Roundcube Webmail Cross-Site Scripting (XSS) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-13965"],"exploited":true,"has_exploit":true,"published_at":"2024-06-26T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-13965","csirts_url":"https://www.csirts.com/advisory/cve-2020-13965-2280"},{"num":2286,"source_id":"cisa-kev","external_id":"CVE-2022-24816","title":"CVE-2022-24816: OSGeo GeoServer JAI-EXT Code Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-24816"],"exploited":true,"has_exploit":true,"published_at":"2024-06-26T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-24816","csirts_url":"https://www.csirts.com/advisory/cve-2022-24816-2286"},{"num":86984,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-1-1-released/","title":"GitLab Critical Patch Release: 17.1.1, 17.0.3, 16.11.5","severity":"critical","cvss":null,"cves":["CVE-2024-5655","CVE-2024-4901","CVE-2024-4994","CVE-2024-6323","CVE-2024-2177","CVE-2024-5430","CVE-2024-4025","CVE-2024-3959","CVE-2024-4557","CVE-2024-1493","CVE-2024-1816","CVE-2024-2191","CVE-2024-3115","CVE-2024-4011"],"exploited":false,"has_exploit":false,"published_at":"2024-06-26T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-1-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-critical-patch-release-17-1-1-17-0-86984"},{"num":2285,"source_id":"cisa-kev","external_id":"CVE-2022-2586","title":"CVE-2022-2586: Linux Kernel Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-2586"],"exploited":true,"has_exploit":true,"published_at":"2024-06-26T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-2586","csirts_url":"https://www.csirts.com/advisory/cve-2022-2586-2285"},{"num":2288,"source_id":"cisa-kev","external_id":"CVE-2024-26169","title":"CVE-2024-26169: Microsoft Windows Error Reporting Service Improper Privilege Management Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-26169"],"exploited":true,"has_exploit":true,"published_at":"2024-06-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-26169","csirts_url":"https://www.csirts.com/advisory/cve-2024-26169-2288"},{"num":2287,"source_id":"cisa-kev","external_id":"CVE-2024-4358","title":"CVE-2024-4358: Progress Telerik Report Server Authentication Bypass by Spoofing Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-4358"],"exploited":true,"has_exploit":true,"published_at":"2024-06-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-4358","csirts_url":"https://www.csirts.com/advisory/cve-2024-4358-2287"},{"num":2290,"source_id":"cisa-kev","external_id":"CVE-2024-32896","title":"CVE-2024-32896: Android Pixel Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-32896"],"exploited":true,"has_exploit":false,"published_at":"2024-06-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-32896","csirts_url":"https://www.csirts.com/advisory/cve-2024-32896-2290"},{"num":86985,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-0-2-released/","title":"GitLab Patch Release: 17.0.2, 16.11.4, 16.10.7","severity":"critical","cvss":null,"cves":["CVE-2024-1495","CVE-2024-1736","CVE-2024-1963","CVE-2024-4201","CVE-2024-5469"],"exploited":false,"has_exploit":false,"published_at":"2024-06-12T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-0-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-17-0-2-16-11-4-16-10-86985"},{"num":2296,"source_id":"cisa-kev","external_id":"CVE-2024-4610","title":"CVE-2024-4610: Arm Mali GPU Kernel Driver Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-4610"],"exploited":true,"has_exploit":false,"published_at":"2024-06-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-4610","csirts_url":"https://www.csirts.com/advisory/cve-2024-4610-2296"},{"num":2295,"source_id":"cisa-kev","external_id":"CVE-2024-4577","title":"CVE-2024-4577: PHP-CGI OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-4577"],"exploited":true,"has_exploit":true,"published_at":"2024-06-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-4577","csirts_url":"https://www.csirts.com/advisory/cve-2024-4577-2295"},{"num":2298,"source_id":"cisa-kev","external_id":"CVE-2017-3506","title":"CVE-2017-3506: Oracle WebLogic Server OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-3506"],"exploited":true,"has_exploit":true,"published_at":"2024-06-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-3506","csirts_url":"https://www.csirts.com/advisory/cve-2017-3506-2298"},{"num":2300,"source_id":"cisa-kev","external_id":"CVE-2024-1086","title":"CVE-2024-1086: Linux Kernel Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-1086"],"exploited":true,"has_exploit":true,"published_at":"2024-05-30T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-1086","csirts_url":"https://www.csirts.com/advisory/cve-2024-1086-2300"},{"num":1895,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-008/","title":"[Update] Vulnerability in Check Point products (May 30, 2024)","severity":"unknown","cvss":null,"cves":["CVE-2024-24919"],"exploited":false,"has_exploit":true,"published_at":"2024-05-30T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-008/","csirts_url":"https://www.csirts.com/advisory/update-vulnerability-in-check-point-1895"},{"num":2307,"source_id":"cisa-kev","external_id":"CVE-2024-24919","title":"CVE-2024-24919: Check Point Quantum Security Gateways Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-24919"],"exploited":true,"has_exploit":true,"published_at":"2024-05-30T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-24919","csirts_url":"https://www.csirts.com/advisory/cve-2024-24919-2307"},{"num":2318,"source_id":"cisa-kev","external_id":"CVE-2024-4978","title":"CVE-2024-4978: Justice AV Solutions (JAVS) Viewer Installer Embedded Malicious Code Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-4978"],"exploited":true,"has_exploit":false,"published_at":"2024-05-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-4978","csirts_url":"https://www.csirts.com/advisory/cve-2024-4978-2318"},{"num":2319,"source_id":"cisa-kev","external_id":"CVE-2024-5274","title":"CVE-2024-5274: Google Chromium V8 Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-5274"],"exploited":true,"has_exploit":true,"published_at":"2024-05-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-5274","csirts_url":"https://www.csirts.com/advisory/cve-2024-5274-2319"},{"num":87044,"source_id":"jenkins","external_id":"jenkins-advisory-2024-05-24","title":"Jenkins Security Advisory 2024-05-24","severity":"unknown","cvss":null,"cves":["CVE-2024-28793","CVE-2024-4189","CVE-2024-4184","CVE-2024-4690","CVE-2024-4211","CVE-2024-4691","CVE-2024-4692","CVE-2024-5273"],"exploited":false,"has_exploit":false,"published_at":"2024-05-24T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2024-05-24/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2024-05-24-87044"},{"num":1276,"source_id":"cisa-kev","external_id":"CVE-2020-17519","title":"CVE-2020-17519: Apache Flink Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-17519"],"exploited":true,"has_exploit":true,"published_at":"2024-05-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-17519","csirts_url":"https://www.csirts.com/advisory/cve-2020-17519-1276"},{"num":86986,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-0-1-released/","title":"GitLab Patch Release: 17.0.1, 16.11.3, 16.10.6","severity":"critical","cvss":null,"cves":["CVE-2024-4835","CVE-2024-2874","CVE-2023-7045","CVE-2024-5258","CVE-2023-6502","CVE-2024-1947","CVE-2024-5318","CVE-2024-4367"],"exploited":false,"has_exploit":false,"published_at":"2024-05-22T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-17-0-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-17-0-1-16-11-3-16-10-86986"},{"num":2325,"source_id":"cisa-kev","external_id":"CVE-2024-4947","title":"CVE-2024-4947: Google Chromium V8 Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-4947"],"exploited":true,"has_exploit":true,"published_at":"2024-05-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-4947","csirts_url":"https://www.csirts.com/advisory/cve-2024-4947-2325"},{"num":2333,"source_id":"cisa-kev","external_id":"CVE-2023-43208","title":"CVE-2023-43208: NextGen Healthcare Mirth Connect Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-43208"],"exploited":true,"has_exploit":true,"published_at":"2024-05-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-43208","csirts_url":"https://www.csirts.com/advisory/cve-2023-43208-2333"},{"num":2334,"source_id":"cisa-kev","external_id":"CVE-2024-4761","title":"CVE-2024-4761: Google Chromium V8 Out-of-Bounds Memory Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-4761"],"exploited":true,"has_exploit":true,"published_at":"2024-05-16T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-4761","csirts_url":"https://www.csirts.com/advisory/cve-2024-4761-2334"},{"num":493,"source_id":"cisa-kev","external_id":"CVE-2014-100005","title":"CVE-2014-100005: D-Link DIR-600 Router Cross-Site Request Forgery (CSRF) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-100005"],"exploited":true,"has_exploit":true,"published_at":"2024-05-16T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-100005","csirts_url":"https://www.csirts.com/advisory/cve-2014-100005-493"},{"num":490,"source_id":"cisa-kev","external_id":"CVE-2021-40655","title":"CVE-2021-40655: D-Link DIR-605 Router Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-40655"],"exploited":true,"has_exploit":true,"published_at":"2024-05-16T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-40655","csirts_url":"https://www.csirts.com/advisory/cve-2021-40655-490"},{"num":2335,"source_id":"cisa-kev","external_id":"CVE-2024-30051","title":"CVE-2024-30051: Microsoft DWM Core Library Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-30051"],"exploited":true,"has_exploit":true,"published_at":"2024-05-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-30051","csirts_url":"https://www.csirts.com/advisory/cve-2024-30051-2335"},{"num":496,"source_id":"cisa-kev","external_id":"CVE-2024-30040","title":"CVE-2024-30040: Microsoft Windows MSHTML Platform Security Feature Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-30040"],"exploited":true,"has_exploit":false,"published_at":"2024-05-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-30040","csirts_url":"https://www.csirts.com/advisory/cve-2024-30040-496"},{"num":2338,"source_id":"cisa-kev","external_id":"CVE-2024-4671","title":"CVE-2024-4671: Google Chromium Visuals Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-4671"],"exploited":true,"has_exploit":false,"published_at":"2024-05-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-4671","csirts_url":"https://www.csirts.com/advisory/cve-2024-4671-2338"},{"num":86987,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-9-8-released/","title":"GitLab Patch Release: 16.9.8","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2024-05-09T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-9-8-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-16-9-8-86987"},{"num":86988,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-11-2-released/","title":"GitLab Patch Release: 16.11.2, 16.10.5, 16.9.7","severity":"critical","cvss":null,"cves":["CVE-2024-2878","CVE-2024-2651","CVE-2023-6682","CVE-2023-6688","CVE-2024-2454","CVE-2024-4539","CVE-2024-4597","CVE-2024-1539","CVE-2024-1211","CVE-2024-3976","CVE-2023-6195"],"exploited":false,"has_exploit":false,"published_at":"2024-05-08T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-11-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-16-11-2-16-10-5-16-9-86988"},{"num":87045,"source_id":"jenkins","external_id":"jenkins-advisory-2024-05-02","title":"Jenkins Security Advisory 2024-05-02","severity":"unknown","cvss":null,"cves":["CVE-2024-34144","CVE-2024-34145","CVE-2024-34146","CVE-2024-34147","CVE-2024-34148","CVE-2016-3721"],"exploited":false,"has_exploit":false,"published_at":"2024-05-02T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2024-05-02/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2024-05-02-87045"},{"num":2339,"source_id":"cisa-kev","external_id":"CVE-2023-7028","title":"CVE-2023-7028: GitLab Community and Enterprise Editions Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-7028"],"exploited":true,"has_exploit":true,"published_at":"2024-05-01T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-7028","csirts_url":"https://www.csirts.com/advisory/cve-2023-7028-2339"},{"num":2313,"source_id":"cisa-kev","external_id":"CVE-2024-29988","title":"CVE-2024-29988: Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-29988"],"exploited":true,"has_exploit":true,"published_at":"2024-04-30T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-29988","csirts_url":"https://www.csirts.com/advisory/cve-2024-29988-2313"},{"num":1894,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-007/","title":"Multiple vulnerabilities in Cisco products (April 25, 2024)","severity":"unknown","cvss":null,"cves":["CVE-2024-20353","CVE-2024-20359"],"exploited":true,"has_exploit":false,"published_at":"2024-04-25T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-007/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-cisco-1894"},{"num":2340,"source_id":"cisa-kev","external_id":"CVE-2024-4040","title":"CVE-2024-4040: CrushFTP VFS Sandbox Escape Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-4040"],"exploited":true,"has_exploit":true,"published_at":"2024-04-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-4040","csirts_url":"https://www.csirts.com/advisory/cve-2024-4040-2340"},{"num":2350,"source_id":"cisa-kev","external_id":"CVE-2024-20353","title":"CVE-2024-20353: Cisco ASA and FTD Denial of Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-20353"],"exploited":true,"has_exploit":false,"published_at":"2024-04-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-20353","csirts_url":"https://www.csirts.com/advisory/cve-2024-20353-2350"},{"num":2345,"source_id":"cisa-kev","external_id":"CVE-2024-20359","title":"CVE-2024-20359: Cisco ASA and FTD Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-20359"],"exploited":true,"has_exploit":false,"published_at":"2024-04-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-20359","csirts_url":"https://www.csirts.com/advisory/cve-2024-20359-2345"},{"num":86989,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-11-1-released/","title":"GitLab Patch Release: 16.11.1, 16.10.4, 16.9.6","severity":"critical","cvss":null,"cves":["CVE-2024-4024","CVE-2024-2434","CVE-2024-2829","CVE-2024-4006","CVE-2024-1347"],"exploited":false,"has_exploit":false,"published_at":"2024-04-24T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-11-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-16-11-1-16-10-4-16-9-86989"},{"num":2447,"source_id":"cisa-kev","external_id":"CVE-2022-38028","title":"CVE-2022-38028: Microsoft Windows Print Spooler Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-38028"],"exploited":true,"has_exploit":false,"published_at":"2024-04-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-38028","csirts_url":"https://www.csirts.com/advisory/cve-2022-38028-2447"},{"num":87046,"source_id":"jenkins","external_id":"jenkins-advisory-2024-04-17","title":"Jenkins Security Advisory 2024-04-17","severity":"unknown","cvss":null,"cves":["CVE-2023-48795"],"exploited":false,"has_exploit":false,"published_at":"2024-04-17T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2024-04-17/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2024-04-17-87046"},{"num":86990,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-10-3-released/","title":"GitLab Patch Release: 16.10.3, 16.9.5, 16.8.7","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2024-04-15T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-10-3-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-16-10-3-16-9-5-16-8-7-86990"},{"num":2351,"source_id":"cisa-kev","external_id":"CVE-2024-3400","title":"CVE-2024-3400: Palo Alto Networks PAN-OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-3400"],"exploited":true,"has_exploit":true,"published_at":"2024-04-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-3400","csirts_url":"https://www.csirts.com/advisory/cve-2024-3400-2351"},{"num":999,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-006/","title":"[Update] Vulnerability in Palo Alto Networks GlobalProtect (April 12, 2024)","severity":"unknown","cvss":null,"cves":["CVE-2024-3400"],"exploited":false,"has_exploit":true,"published_at":"2024-04-12T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-006/","csirts_url":"https://www.csirts.com/advisory/update-vulnerability-in-palo-alto-999"},{"num":403,"source_id":"cisa-kev","external_id":"CVE-2024-3272","title":"CVE-2024-3272: D-Link Multiple NAS Devices Use of Hard-Coded Credentials Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-3272"],"exploited":true,"has_exploit":true,"published_at":"2024-04-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-3272","csirts_url":"https://www.csirts.com/advisory/cve-2024-3272-403"},{"num":402,"source_id":"cisa-kev","external_id":"CVE-2024-3273","title":"CVE-2024-3273: D-Link Multiple NAS Devices Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-3273"],"exploited":true,"has_exploit":true,"published_at":"2024-04-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-3273","csirts_url":"https://www.csirts.com/advisory/cve-2024-3273-402"},{"num":86991,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-10-2-released/","title":"GitLab Patch Release: 16.10.2, 16.9.4, 16.8.6","severity":"critical","cvss":null,"cves":["CVE-2024-3092","CVE-2024-2279","CVE-2023-6489","CVE-2023-6678"],"exploited":false,"has_exploit":false,"published_at":"2024-04-10T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-10-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-16-10-2-16-9-4-16-8-6-86991"},{"num":2326,"source_id":"cisa-kev","external_id":"CVE-2024-29748","title":"CVE-2024-29748: Android Pixel Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-29748"],"exploited":true,"has_exploit":false,"published_at":"2024-04-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-29748","csirts_url":"https://www.csirts.com/advisory/cve-2024-29748-2326"},{"num":2352,"source_id":"cisa-kev","external_id":"CVE-2024-29745","title":"CVE-2024-29745: Android Pixel Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-29745"],"exploited":true,"has_exploit":false,"published_at":"2024-04-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-29745","csirts_url":"https://www.csirts.com/advisory/cve-2024-29745-2352"},{"num":86992,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-10-1-released/","title":"GitLab Security Release: 16.10.1, 16.9.3, 16.8.5","severity":"critical","cvss":null,"cves":["CVE-2023-6371","CVE-2024-2818"],"exploited":false,"has_exploit":false,"published_at":"2024-03-27T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-10-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-security-release-16-10-1-16-9-3-16-86992"},{"num":3098,"source_id":"cisa-kev","external_id":"CVE-2023-24955","title":"CVE-2023-24955: Microsoft SharePoint Server Code Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-24955"],"exploited":true,"has_exploit":true,"published_at":"2024-03-26T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-24955","csirts_url":"https://www.csirts.com/advisory/cve-2023-24955-3098"},{"num":3105,"source_id":"cisa-kev","external_id":"CVE-2021-44529","title":"CVE-2021-44529: Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-44529"],"exploited":true,"has_exploit":true,"published_at":"2024-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-44529","csirts_url":"https://www.csirts.com/advisory/cve-2021-44529-3105"},{"num":2188,"source_id":"cisa-kev","external_id":"CVE-2019-7256","title":"CVE-2019-7256: Nice Linear eMerge E3-Series OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-7256"],"exploited":true,"has_exploit":true,"published_at":"2024-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-7256","csirts_url":"https://www.csirts.com/advisory/cve-2019-7256-2188"},{"num":3106,"source_id":"cisa-kev","external_id":"CVE-2023-48788","title":"CVE-2023-48788: Fortinet FortiClient EMS SQL Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-48788"],"exploited":true,"has_exploit":true,"published_at":"2024-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-48788","csirts_url":"https://www.csirts.com/advisory/cve-2023-48788-3106"},{"num":87047,"source_id":"jenkins","external_id":"jenkins-advisory-2024-03-20","title":"Jenkins Security Advisory 2024-03-20","severity":"unknown","cvss":null,"cves":["CVE-2024-22201"],"exploited":false,"has_exploit":false,"published_at":"2024-03-20T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2024-03-20/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2024-03-20-87047"},{"num":2353,"source_id":"cisa-kev","external_id":"CVE-2024-27198","title":"CVE-2024-27198: JetBrains TeamCity Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-27198"],"exploited":true,"has_exploit":true,"published_at":"2024-03-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-27198","csirts_url":"https://www.csirts.com/advisory/cve-2024-27198-2353"},{"num":87048,"source_id":"jenkins","external_id":"jenkins-advisory-2024-03-06","title":"Jenkins Security Advisory 2024-03-06","severity":"unknown","cvss":null,"cves":["CVE-2023-48795","CVE-2024-28149","CVE-2024-28150","CVE-2024-28151","CVE-2024-28152","CVE-2024-28153","CVE-2024-28154","CVE-2024-28155","CVE-2024-28161","CVE-2024-28162","CVE-2024-2215","CVE-2024-2216","CVE-2024-28156","CVE-2024-28157","CVE-2024-28158","CVE-2024-28159","CVE-2024-28160"],"exploited":false,"has_exploit":false,"published_at":"2024-03-06T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2024-03-06/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2024-03-06-87048"},{"num":2354,"source_id":"cisa-kev","external_id":"CVE-2024-23225","title":"CVE-2024-23225: Apple Multiple Products Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-23225"],"exploited":true,"has_exploit":false,"published_at":"2024-03-06T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-23225","csirts_url":"https://www.csirts.com/advisory/cve-2024-23225-2354"},{"num":86993,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-9-2-released/","title":"GitLab Security Release: 16.9.2, 16.8.4, 16.7.7","severity":"critical","cvss":null,"cves":["CVE-2024-0199","CVE-2024-1299"],"exploited":false,"has_exploit":false,"published_at":"2024-03-06T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-9-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-security-release-16-9-2-16-8-4-16-86993"},{"num":2355,"source_id":"cisa-kev","external_id":"CVE-2024-23296","title":"CVE-2024-23296: Apple Multiple Products Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-23296"],"exploited":true,"has_exploit":true,"published_at":"2024-03-06T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-23296","csirts_url":"https://www.csirts.com/advisory/cve-2024-23296-2355"},{"num":2358,"source_id":"cisa-kev","external_id":"CVE-2021-36380","title":"CVE-2021-36380: Sunhillo SureLine OS Command Injection Vulnerablity","severity":"critical","cvss":null,"cves":["CVE-2021-36380"],"exploited":true,"has_exploit":true,"published_at":"2024-03-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-36380","csirts_url":"https://www.csirts.com/advisory/cve-2021-36380-2358"},{"num":3108,"source_id":"cisa-kev","external_id":"CVE-2023-21237","title":"CVE-2023-21237: Android Pixel Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-21237"],"exploited":true,"has_exploit":false,"published_at":"2024-03-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-21237","csirts_url":"https://www.csirts.com/advisory/cve-2023-21237-3108"},{"num":2361,"source_id":"cisa-kev","external_id":"CVE-2024-21338","title":"CVE-2024-21338: Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-21338"],"exploited":true,"has_exploit":true,"published_at":"2024-03-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-21338","csirts_url":"https://www.csirts.com/advisory/cve-2024-21338-2361"},{"num":2364,"source_id":"cisa-kev","external_id":"CVE-2023-29360","title":"CVE-2023-29360: Microsoft Streaming Service Untrusted Pointer Dereference Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-29360"],"exploited":true,"has_exploit":true,"published_at":"2024-02-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-29360","csirts_url":"https://www.csirts.com/advisory/cve-2023-29360-2364"},{"num":2384,"source_id":"cisa-kev","external_id":"CVE-2024-1709","title":"CVE-2024-1709: ConnectWise ScreenConnect Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-1709"],"exploited":true,"has_exploit":true,"published_at":"2024-02-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-1709","csirts_url":"https://www.csirts.com/advisory/cve-2024-1709-2384"},{"num":86994,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-9-1-released/","title":"GitLab Security Release: 16.9.1, 16.8.3, 16.7.6","severity":"critical","cvss":null,"cves":["CVE-2024-1451","CVE-2023-6477","CVE-2023-6736","CVE-2024-1525","CVE-2023-4895","CVE-2024-0861","CVE-2023-3509","CVE-2024-0410"],"exploited":false,"has_exploit":false,"published_at":"2024-02-21T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-9-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-security-release-16-9-1-16-8-3-16-86994"},{"num":2386,"source_id":"cisa-kev","external_id":"CVE-2020-3259","title":"CVE-2020-3259: Cisco ASA and FTD Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-3259"],"exploited":true,"has_exploit":false,"published_at":"2024-02-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-3259","csirts_url":"https://www.csirts.com/advisory/cve-2020-3259-2386"},{"num":2336,"source_id":"cisa-kev","external_id":"CVE-2024-21410","title":"CVE-2024-21410: Microsoft Exchange Server Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-21410"],"exploited":true,"has_exploit":true,"published_at":"2024-02-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-21410","csirts_url":"https://www.csirts.com/advisory/cve-2024-21410-2336"},{"num":1886,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-005/","title":"[Update] Vulnerability in Microsoft Outlook (February 15, 2024)","severity":"unknown","cvss":null,"cves":["CVE-2024-21413"],"exploited":true,"has_exploit":true,"published_at":"2024-02-15T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-005/","csirts_url":"https://www.csirts.com/advisory/update-vulnerability-in-microsoft-outlook-1886"},{"num":2397,"source_id":"cisa-kev","external_id":"CVE-2024-21351","title":"CVE-2024-21351: Microsoft Windows SmartScreen Security Feature Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-21351"],"exploited":true,"has_exploit":false,"published_at":"2024-02-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-21351","csirts_url":"https://www.csirts.com/advisory/cve-2024-21351-2397"},{"num":499,"source_id":"cisa-kev","external_id":"CVE-2024-21412","title":"CVE-2024-21412: Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-21412"],"exploited":true,"has_exploit":true,"published_at":"2024-02-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-21412","csirts_url":"https://www.csirts.com/advisory/cve-2024-21412-499"},{"num":2398,"source_id":"cisa-kev","external_id":"CVE-2023-43770","title":"CVE-2023-43770: Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-43770"],"exploited":true,"has_exploit":true,"published_at":"2024-02-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-43770","csirts_url":"https://www.csirts.com/advisory/cve-2023-43770-2398"},{"num":2399,"source_id":"cisa-kev","external_id":"CVE-2024-21762","title":"CVE-2024-21762: Fortinet FortiOS Out-of-Bound Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-21762"],"exploited":true,"has_exploit":true,"published_at":"2024-02-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-21762","csirts_url":"https://www.csirts.com/advisory/cve-2024-21762-2399"},{"num":559,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-004/","title":"[Update] Vulnerability in Fortinet FortiOS (February 9, 2024)","severity":"unknown","cvss":null,"cves":["CVE-2024-21762"],"exploited":true,"has_exploit":true,"published_at":"2024-02-09T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-004/","csirts_url":"https://www.csirts.com/advisory/update-vulnerability-in-fortinet-fortios-559"},{"num":86995,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-8-2-released/","title":"GitLab Security Release: 16.8.2, 16.7.5, 16.6.7","severity":"critical","cvss":null,"cves":["CVE-2024-1250","CVE-2023-6840","CVE-2023-6386","CVE-2024-1066"],"exploited":false,"has_exploit":false,"published_at":"2024-02-07T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-8-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-security-release-16-8-2-16-7-5-16-86995"},{"num":2400,"source_id":"cisa-kev","external_id":"CVE-2023-4762","title":"CVE-2023-4762: Google Chromium V8 Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-4762"],"exploited":true,"has_exploit":true,"published_at":"2024-02-06T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-4762","csirts_url":"https://www.csirts.com/advisory/cve-2023-4762-2400"},{"num":998,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-003/","title":"[Update] Incident affecting AnyDesk solutions (February 5, 2024)","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2024-02-05T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-003/","csirts_url":"https://www.csirts.com/advisory/update-incident-affecting-anydesk-998"},{"num":2409,"source_id":"cisa-kev","external_id":"CVE-2024-21893","title":"CVE-2024-21893: Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery (SSRF) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-21893"],"exploited":true,"has_exploit":true,"published_at":"2024-01-31T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-21893","csirts_url":"https://www.csirts.com/advisory/cve-2024-21893-2409"},{"num":2405,"source_id":"cisa-kev","external_id":"CVE-2022-48618","title":"CVE-2022-48618: Apple Multiple Products Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-48618"],"exploited":true,"has_exploit":false,"published_at":"2024-01-31T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-48618","csirts_url":"https://www.csirts.com/advisory/cve-2022-48618-2405"},{"num":86996,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-8-1-released/","title":"GitLab Critical Security Release: 16.8.1, 16.7.4, 16.6.6, 16.5.8","severity":"critical","cvss":null,"cves":["CVE-2024-0402","CVE-2023-6159","CVE-2023-5933","CVE-2023-5612","CVE-2024-0456","CVE-2023-45322","CVE-2023-41056"],"exploited":false,"has_exploit":false,"published_at":"2024-01-25T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-8-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-critical-security-release-16-8-1-86996"},{"num":1720,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/report/impact-of-ai-on-cyber-threat","title":"The near-term impact of AI on the cyber threat","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2024-01-24T12:00:00+00:00","link":"https://www.ncsc.gov.uk/report/impact-of-ai-on-cyber-threat","csirts_url":"https://www.csirts.com/advisory/the-near-term-impact-of-ai-on-the-cyber-1720"},{"num":87049,"source_id":"jenkins","external_id":"jenkins-advisory-2024-01-24","title":"Jenkins Security Advisory 2024-01-24","severity":"unknown","cvss":null,"cves":["CVE-2024-23897","CVE-2024-23898","CVE-2024-23899","CVE-2024-23900","CVE-2024-23901","CVE-2024-23902","CVE-2024-23903","CVE-2023-6148","CVE-2023-6147","CVE-2024-23905","CVE-2024-23904"],"exploited":false,"has_exploit":true,"published_at":"2024-01-24T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2024-01-24/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2024-01-24-87049"},{"num":3121,"source_id":"cisa-kev","external_id":"CVE-2023-22527","title":"CVE-2023-22527: Atlassian Confluence Data Center and Server Template Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-22527"],"exploited":true,"has_exploit":true,"published_at":"2024-01-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-22527","csirts_url":"https://www.csirts.com/advisory/cve-2023-22527-3121"},{"num":3122,"source_id":"cisa-kev","external_id":"CVE-2024-23222","title":"CVE-2024-23222: Apple Multiple Products WebKit Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-23222"],"exploited":true,"has_exploit":true,"published_at":"2024-01-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-23222","csirts_url":"https://www.csirts.com/advisory/cve-2024-23222-3122"},{"num":3127,"source_id":"cisa-kev","external_id":"CVE-2023-34048","title":"CVE-2023-34048: VMware vCenter Server Out-of-Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-34048"],"exploited":true,"has_exploit":true,"published_at":"2024-01-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-34048","csirts_url":"https://www.csirts.com/advisory/cve-2023-34048-3127"},{"num":3128,"source_id":"cisa-kev","external_id":"CVE-2023-35082","title":"CVE-2023-35082: Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-35082"],"exploited":true,"has_exploit":true,"published_at":"2024-01-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-35082","csirts_url":"https://www.csirts.com/advisory/cve-2023-35082-3128"},{"num":3131,"source_id":"cisa-kev","external_id":"CVE-2023-6549","title":"CVE-2023-6549: Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-6549"],"exploited":true,"has_exploit":true,"published_at":"2024-01-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-6549","csirts_url":"https://www.csirts.com/advisory/cve-2023-6549-3131"},{"num":3130,"source_id":"cisa-kev","external_id":"CVE-2024-0519","title":"CVE-2024-0519: Google Chromium V8 Out-of-Bounds Memory Access Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-0519"],"exploited":true,"has_exploit":true,"published_at":"2024-01-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-0519","csirts_url":"https://www.csirts.com/advisory/cve-2024-0519-3130"},{"num":2410,"source_id":"cisa-kev","external_id":"CVE-2023-6548","title":"CVE-2023-6548: Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-6548"],"exploited":true,"has_exploit":false,"published_at":"2024-01-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-6548","csirts_url":"https://www.csirts.com/advisory/cve-2023-6548-2410"},{"num":2418,"source_id":"cisa-kev","external_id":"CVE-2018-15133","title":"CVE-2018-15133: Laravel Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-15133"],"exploited":true,"has_exploit":true,"published_at":"2024-01-16T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-15133","csirts_url":"https://www.csirts.com/advisory/cve-2018-15133-2418"},{"num":1877,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-002/","title":"[Update] Multiple Vulnerabilities in GitLab (January 12, 2024)","severity":"unknown","cvss":null,"cves":["CVE-2024-0402"],"exploited":false,"has_exploit":false,"published_at":"2024-01-12T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-002/","csirts_url":"https://www.csirts.com/advisory/update-multiple-vulnerabilities-in-gitlab-1877"},{"num":86997,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-7-3-released/","title":"GitLab Patch Release: 16.7.3 16.6.5 16.5.7","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2024-01-12T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-7-3-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-16-7-3-16-6-5-16-5-7-86997"},{"num":1875,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-001/","title":"[Update] Multiple vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways (January 11, 2024)","severity":"unknown","cvss":null,"cves":["CVE-2024-21888","CVE-2024-21893","CVE-2023-46805","CVE-2024-21887","CVE-2024-22024"],"exploited":false,"has_exploit":true,"published_at":"2024-01-11T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-001/","csirts_url":"https://www.csirts.com/advisory/update-multiple-vulnerabilities-in-ivanti-1875"},{"num":86998,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-7-2-released/","title":"GitLab Critical Security Release: 16.7.2, 16.6.4, 16.5.6","severity":"critical","cvss":null,"cves":["CVE-2023-7028","CVE-2023-4812","CVE-2023-5356","CVE-2023-6955","CVE-2023-2030"],"exploited":true,"has_exploit":true,"published_at":"2024-01-11T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-7-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-critical-security-release-16-7-2-86998"},{"num":2435,"source_id":"cisa-kev","external_id":"CVE-2024-21887","title":"CVE-2024-21887: Ivanti Connect Secure and Policy Secure Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2024-21887"],"exploited":true,"has_exploit":true,"published_at":"2024-01-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2024-21887","csirts_url":"https://www.csirts.com/advisory/cve-2024-21887-2435"},{"num":2426,"source_id":"cisa-kev","external_id":"CVE-2023-46805","title":"CVE-2023-46805: Ivanti Connect Secure and Policy Secure Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-46805"],"exploited":true,"has_exploit":true,"published_at":"2024-01-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-46805","csirts_url":"https://www.csirts.com/advisory/cve-2023-46805-2426"},{"num":2423,"source_id":"cisa-kev","external_id":"CVE-2023-29357","title":"CVE-2023-29357: Microsoft SharePoint Server Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-29357"],"exploited":true,"has_exploit":true,"published_at":"2024-01-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-29357","csirts_url":"https://www.csirts.com/advisory/cve-2023-29357-2423"},{"num":2437,"source_id":"cisa-kev","external_id":"CVE-2023-41990","title":"CVE-2023-41990: Apple Multiple Products Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-41990"],"exploited":true,"has_exploit":false,"published_at":"2024-01-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-41990","csirts_url":"https://www.csirts.com/advisory/cve-2023-41990-2437"},{"num":2444,"source_id":"cisa-kev","external_id":"CVE-2023-27524","title":"CVE-2023-27524: Apache Superset Insecure Default Initialization of Resource Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-27524"],"exploited":true,"has_exploit":true,"published_at":"2024-01-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-27524","csirts_url":"https://www.csirts.com/advisory/cve-2023-27524-2444"},{"num":2362,"source_id":"cisa-kev","external_id":"CVE-2023-29300","title":"CVE-2023-29300: Adobe ColdFusion Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-29300"],"exploited":true,"has_exploit":true,"published_at":"2024-01-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-29300","csirts_url":"https://www.csirts.com/advisory/cve-2023-29300-2362"},{"num":2436,"source_id":"cisa-kev","external_id":"CVE-2023-23752","title":"CVE-2023-23752: Joomla! Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-23752"],"exploited":true,"has_exploit":true,"published_at":"2024-01-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-23752","csirts_url":"https://www.csirts.com/advisory/cve-2023-23752-2436"},{"num":413,"source_id":"cisa-kev","external_id":"CVE-2023-38203","title":"CVE-2023-38203: Adobe ColdFusion Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-38203"],"exploited":true,"has_exploit":true,"published_at":"2024-01-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-38203","csirts_url":"https://www.csirts.com/advisory/cve-2023-38203-413"},{"num":2207,"source_id":"cisa-kev","external_id":"CVE-2016-20017","title":"CVE-2016-20017: D-Link DSL-2750B Devices Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-20017"],"exploited":true,"has_exploit":true,"published_at":"2024-01-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-20017","csirts_url":"https://www.csirts.com/advisory/cve-2016-20017-2207"},{"num":2448,"source_id":"cisa-kev","external_id":"CVE-2023-7101","title":"CVE-2023-7101: Spreadsheet::ParseExcel Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-7101"],"exploited":true,"has_exploit":true,"published_at":"2024-01-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-7101","csirts_url":"https://www.csirts.com/advisory/cve-2023-7101-2448"},{"num":3139,"source_id":"cisa-kev","external_id":"CVE-2023-7024","title":"CVE-2023-7024: Google Chromium WebRTC Heap Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-7024"],"exploited":true,"has_exploit":true,"published_at":"2024-01-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-7024","csirts_url":"https://www.csirts.com/advisory/cve-2023-7024-3139"},{"num":2449,"source_id":"cisa-kev","external_id":"CVE-2023-47565","title":"CVE-2023-47565: QNAP VioStor NVR OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-47565"],"exploited":true,"has_exploit":false,"published_at":"2023-12-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-47565","csirts_url":"https://www.csirts.com/advisory/cve-2023-47565-2449"},{"num":414,"source_id":"cisa-kev","external_id":"CVE-2023-49897","title":"CVE-2023-49897: FXC AE1021, AE1021PE OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-49897"],"exploited":true,"has_exploit":false,"published_at":"2023-12-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-49897","csirts_url":"https://www.csirts.com/advisory/cve-2023-49897-414"},{"num":87050,"source_id":"jenkins","external_id":"jenkins-advisory-2023-12-13","title":"Jenkins Security Advisory 2023-12-13","severity":"unknown","cvss":null,"cves":["CVE-2023-5072","CVE-2023-50764","CVE-2023-50765","CVE-2023-50766","CVE-2023-50767","CVE-2023-50768","CVE-2023-50769","CVE-2023-50770","CVE-2023-50771","CVE-2023-50772","CVE-2023-50773","CVE-2023-50774","CVE-2023-50775","CVE-2023-50776","CVE-2023-50777","CVE-2023-50778","CVE-2023-50779"],"exploited":false,"has_exploit":false,"published_at":"2023-12-13T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2023-12-13/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2023-12-13-87050"},{"num":86999,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-6-2-released/","title":"GitLab Security Release: 16.6.2, 16.5.4, 16.4.4","severity":"critical","cvss":null,"cves":["CVE-2023-6680","CVE-2023-6564","CVE-2023-6051","CVE-2023-3907","CVE-2023-5512","CVE-2023-3904","CVE-2023-5061","CVE-2023-3511"],"exploited":false,"has_exploit":false,"published_at":"2023-12-13T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-6-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-security-release-16-6-2-16-5-4-16-86999"},{"num":558,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2023-ALE-013/","title":"Vulnerability in Apache Struts 2 (December 13, 2023)","severity":"unknown","cvss":null,"cves":["CVE-2023-50164"],"exploited":false,"has_exploit":false,"published_at":"2023-12-13T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2023-ALE-013/","csirts_url":"https://www.csirts.com/advisory/vulnerability-in-apache-struts-2-december-558"},{"num":2452,"source_id":"cisa-kev","external_id":"CVE-2023-6448","title":"CVE-2023-6448: Unitronics Vision PLC and HMI Insecure Default Password Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-6448"],"exploited":true,"has_exploit":false,"published_at":"2023-12-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-6448","csirts_url":"https://www.csirts.com/advisory/cve-2023-6448-2452"},{"num":2453,"source_id":"cisa-kev","external_id":"CVE-2023-41266","title":"CVE-2023-41266: Qlik Sense Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-41266"],"exploited":true,"has_exploit":true,"published_at":"2023-12-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-41266","csirts_url":"https://www.csirts.com/advisory/cve-2023-41266-2453"},{"num":2458,"source_id":"cisa-kev","external_id":"CVE-2023-41265","title":"CVE-2023-41265: Qlik Sense HTTP Tunneling Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-41265"],"exploited":true,"has_exploit":true,"published_at":"2023-12-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-41265","csirts_url":"https://www.csirts.com/advisory/cve-2023-41265-2458"},{"num":2464,"source_id":"cisa-kev","external_id":"CVE-2023-33106","title":"CVE-2023-33106: Qualcomm Multiple Chipsets Use of Out-of-Range Pointer Offset Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-33106"],"exploited":true,"has_exploit":false,"published_at":"2023-12-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-33106","csirts_url":"https://www.csirts.com/advisory/cve-2023-33106-2464"},{"num":2463,"source_id":"cisa-kev","external_id":"CVE-2023-33107","title":"CVE-2023-33107: Qualcomm Multiple Chipsets Integer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-33107"],"exploited":true,"has_exploit":true,"published_at":"2023-12-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-33107","csirts_url":"https://www.csirts.com/advisory/cve-2023-33107-2463"},{"num":2465,"source_id":"cisa-kev","external_id":"CVE-2023-33063","title":"CVE-2023-33063: Qualcomm Multiple Chipsets Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-33063"],"exploited":true,"has_exploit":false,"published_at":"2023-12-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-33063","csirts_url":"https://www.csirts.com/advisory/cve-2023-33063-2465"},{"num":2466,"source_id":"cisa-kev","external_id":"CVE-2022-22071","title":"CVE-2022-22071: Qualcomm Multiple Chipsets Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-22071"],"exploited":true,"has_exploit":false,"published_at":"2023-12-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-22071","csirts_url":"https://www.csirts.com/advisory/cve-2022-22071-2466"},{"num":2473,"source_id":"cisa-kev","external_id":"CVE-2023-42916","title":"CVE-2023-42916: Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-42916"],"exploited":true,"has_exploit":false,"published_at":"2023-12-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-42916","csirts_url":"https://www.csirts.com/advisory/cve-2023-42916-2473"},{"num":2470,"source_id":"cisa-kev","external_id":"CVE-2023-42917","title":"CVE-2023-42917: Apple Multiple Products WebKit Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-42917"],"exploited":true,"has_exploit":false,"published_at":"2023-12-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-42917","csirts_url":"https://www.csirts.com/advisory/cve-2023-42917-2470"},{"num":2474,"source_id":"cisa-kev","external_id":"CVE-2023-6345","title":"CVE-2023-6345: Google Skia Integer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-6345"],"exploited":true,"has_exploit":false,"published_at":"2023-11-30T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-6345","csirts_url":"https://www.csirts.com/advisory/cve-2023-6345-2474"},{"num":87000,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-6-1-released/","title":"GitLab Security Release: 16.6.1, 16.5.3, 16.4.3","severity":"critical","cvss":null,"cves":["CVE-2023-3401","CVE-2023-6033","CVE-2023-6396","CVE-2023-3949","CVE-2023-5226","CVE-2023-5995","CVE-2023-4912","CVE-2023-4317","CVE-2023-3964","CVE-2023-4658","CVE-2023-3443","CVE-2023-39417","CVE-2022-41409"],"exploited":false,"has_exploit":false,"published_at":"2023-11-30T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-6-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-security-release-16-6-1-16-5-3-16-87000"},{"num":2475,"source_id":"cisa-kev","external_id":"CVE-2023-49103","title":"CVE-2023-49103: ownCloud graphapi Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-49103"],"exploited":true,"has_exploit":true,"published_at":"2023-11-30T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-49103","csirts_url":"https://www.csirts.com/advisory/cve-2023-49103-2475"},{"num":87051,"source_id":"jenkins","external_id":"jenkins-advisory-2023-11-29","title":"Jenkins Security Advisory 2023-11-29","severity":"unknown","cvss":null,"cves":["CVE-2023-49653","CVE-2023-49652","CVE-2023-49654","CVE-2023-49655","CVE-2023-49656","CVE-2023-49673","CVE-2023-49674"],"exploited":false,"has_exploit":false,"published_at":"2023-11-29T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2023-11-29/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2023-11-29-87051"},{"num":2476,"source_id":"cisa-kev","external_id":"CVE-2023-4911","title":"CVE-2023-4911: GNU C Library Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-4911"],"exploited":true,"has_exploit":true,"published_at":"2023-11-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-4911","csirts_url":"https://www.csirts.com/advisory/cve-2023-4911-2476"},{"num":2467,"source_id":"cisa-kev","external_id":"CVE-2020-2551","title":"CVE-2020-2551: Oracle Fusion Middleware Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-2551"],"exploited":true,"has_exploit":true,"published_at":"2023-11-16T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-2551","csirts_url":"https://www.csirts.com/advisory/cve-2020-2551-2467"},{"num":3156,"source_id":"cisa-kev","external_id":"CVE-2023-1671","title":"CVE-2023-1671: Sophos Web Appliance Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-1671"],"exploited":true,"has_exploit":true,"published_at":"2023-11-16T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-1671","csirts_url":"https://www.csirts.com/advisory/cve-2023-1671-3156"},{"num":3155,"source_id":"cisa-kev","external_id":"CVE-2023-36584","title":"CVE-2023-36584: Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-36584"],"exploited":true,"has_exploit":false,"published_at":"2023-11-16T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-36584","csirts_url":"https://www.csirts.com/advisory/cve-2023-36584-3155"},{"num":2477,"source_id":"cisa-kev","external_id":"CVE-2023-36033","title":"CVE-2023-36033: Microsoft Windows Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-36033"],"exploited":true,"has_exploit":false,"published_at":"2023-11-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-36033","csirts_url":"https://www.csirts.com/advisory/cve-2023-36033-2477"},{"num":87001,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-5-2-released/","title":"GitLab Patch Release: 16.5.2","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2023-11-14T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-5-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-16-5-2-87001"},{"num":2481,"source_id":"cisa-kev","external_id":"CVE-2023-36036","title":"CVE-2023-36036: Microsoft Windows Cloud Files Mini Filter Driver Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-36036"],"exploited":true,"has_exploit":false,"published_at":"2023-11-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-36036","csirts_url":"https://www.csirts.com/advisory/cve-2023-36036-2481"},{"num":2480,"source_id":"cisa-kev","external_id":"CVE-2023-36025","title":"CVE-2023-36025: Microsoft Windows SmartScreen Security Feature Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-36025"],"exploited":true,"has_exploit":true,"published_at":"2023-11-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-36025","csirts_url":"https://www.csirts.com/advisory/cve-2023-36025-2480"},{"num":2491,"source_id":"cisa-kev","external_id":"CVE-2023-36851","title":"CVE-2023-36851: Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-36851"],"exploited":true,"has_exploit":false,"published_at":"2023-11-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-36851","csirts_url":"https://www.csirts.com/advisory/cve-2023-36851-2491"},{"num":2489,"source_id":"cisa-kev","external_id":"CVE-2023-36844","title":"CVE-2023-36844: Juniper Junos OS EX Series PHP External Variable Modification Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-36844"],"exploited":true,"has_exploit":true,"published_at":"2023-11-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-36844","csirts_url":"https://www.csirts.com/advisory/cve-2023-36844-2489"},{"num":3158,"source_id":"cisa-kev","external_id":"CVE-2023-36846","title":"CVE-2023-36846: Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-36846"],"exploited":true,"has_exploit":true,"published_at":"2023-11-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-36846","csirts_url":"https://www.csirts.com/advisory/cve-2023-36846-3158"},{"num":3159,"source_id":"cisa-kev","external_id":"CVE-2023-36847","title":"CVE-2023-36847: Juniper Junos OS EX Series Missing Authentication for Critical Function Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-36847"],"exploited":true,"has_exploit":true,"published_at":"2023-11-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-36847","csirts_url":"https://www.csirts.com/advisory/cve-2023-36847-3159"},{"num":3157,"source_id":"cisa-kev","external_id":"CVE-2023-36845","title":"CVE-2023-36845: Juniper Junos OS EX Series and SRX Series PHP External Variable Modification Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-36845"],"exploited":true,"has_exploit":true,"published_at":"2023-11-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-36845","csirts_url":"https://www.csirts.com/advisory/cve-2023-36845-3157"},{"num":2488,"source_id":"cisa-kev","external_id":"CVE-2023-47246","title":"CVE-2023-47246: SysAid Server Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-47246"],"exploited":true,"has_exploit":true,"published_at":"2023-11-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-47246","csirts_url":"https://www.csirts.com/advisory/cve-2023-47246-2488"},{"num":3160,"source_id":"cisa-kev","external_id":"CVE-2023-29552","title":"CVE-2023-29552: Service Location Protocol (SLP) Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-29552"],"exploited":true,"has_exploit":false,"published_at":"2023-11-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-29552","csirts_url":"https://www.csirts.com/advisory/cve-2023-29552-3160"},{"num":3161,"source_id":"cisa-kev","external_id":"CVE-2023-22518","title":"CVE-2023-22518: Atlassian Confluence Data Center and Server Improper Authorization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-22518"],"exploited":true,"has_exploit":true,"published_at":"2023-11-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-22518","csirts_url":"https://www.csirts.com/advisory/cve-2023-22518-3161"},{"num":2492,"source_id":"cisa-kev","external_id":"CVE-2023-46604","title":"CVE-2023-46604: Apache ActiveMQ Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-46604"],"exploited":true,"has_exploit":true,"published_at":"2023-11-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-46604","csirts_url":"https://www.csirts.com/advisory/cve-2023-46604-2492"},{"num":3162,"source_id":"cisa-kev","external_id":"CVE-2023-46748","title":"CVE-2023-46748: F5 BIG-IP Configuration Utility SQL Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-46748"],"exploited":true,"has_exploit":false,"published_at":"2023-10-31T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-46748","csirts_url":"https://www.csirts.com/advisory/cve-2023-46748-3162"},{"num":279,"source_id":"cisa-kev","external_id":"CVE-2023-46747","title":"CVE-2023-46747: F5 BIG-IP Configuration Utility Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-46747"],"exploited":true,"has_exploit":true,"published_at":"2023-10-31T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-46747","csirts_url":"https://www.csirts.com/advisory/cve-2023-46747-279"},{"num":87002,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-5-1-released/","title":"GitLab Security Release: 16.5.1, 16.4.2, 16.3.6","severity":"critical","cvss":null,"cves":["CVE-2023-5831","CVE-2023-3399","CVE-2023-5825","CVE-2023-3909","CVE-2023-3246","CVE-2023-5600","CVE-2023-4700","CVE-2023-38545","CVE-2023-44487"],"exploited":true,"has_exploit":true,"published_at":"2023-10-31T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-5-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-security-release-16-5-1-16-4-2-16-87002"},{"num":282,"source_id":"cisa-kev","external_id":"CVE-2023-5631","title":"CVE-2023-5631: Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-5631"],"exploited":true,"has_exploit":false,"published_at":"2023-10-26T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-5631","csirts_url":"https://www.csirts.com/advisory/cve-2023-5631-282"},{"num":87052,"source_id":"jenkins","external_id":"jenkins-advisory-2023-10-25","title":"Jenkins Security Advisory 2023-10-25","severity":"unknown","cvss":null,"cves":["CVE-2023-46650","CVE-2023-46651","CVE-2023-46652","CVE-2023-46653","CVE-2023-46654","CVE-2023-46655","CVE-2023-46656","CVE-2023-46657","CVE-2023-46658","CVE-2023-46659","CVE-2023-46660"],"exploited":false,"has_exploit":false,"published_at":"2023-10-25T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2023-10-25/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2023-10-25-87052"},{"num":283,"source_id":"cisa-kev","external_id":"CVE-2023-20273","title":"CVE-2023-20273: Cisco IOS XE Web UI Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-20273"],"exploited":true,"has_exploit":true,"published_at":"2023-10-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-20273","csirts_url":"https://www.csirts.com/advisory/cve-2023-20273-283"},{"num":527,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2023-ALE-012/","title":"[Update] Vulnerability in Citrix NetScaler ADC and NetScaler Gateway (October 23, 2023)","severity":"unknown","cvss":null,"cves":["CVE-2023-4966"],"exploited":false,"has_exploit":true,"published_at":"2023-10-23T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2023-ALE-012/","csirts_url":"https://www.csirts.com/advisory/update-vulnerability-in-citrix-netscaler-527"},{"num":87053,"source_id":"jenkins","external_id":"jenkins-advisory-2023-10-18","title":"Jenkins Security Advisory 2023-10-18","severity":"unknown","cvss":null,"cves":["CVE-2023-36478","CVE-2023-44487"],"exploited":false,"has_exploit":true,"published_at":"2023-10-18T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2023-10-18/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2023-10-18-87053"},{"num":284,"source_id":"cisa-kev","external_id":"CVE-2023-4966","title":"CVE-2023-4966: Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-4966"],"exploited":true,"has_exploit":true,"published_at":"2023-10-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-4966","csirts_url":"https://www.csirts.com/advisory/cve-2023-4966-284"},{"num":835,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2023-ALE-011/","title":"[Update] Multiple vulnerabilities in Cisco IOS XE (October 17, 2023)","severity":"unknown","cvss":null,"cves":["CVE-2023-20198"],"exploited":true,"has_exploit":true,"published_at":"2023-10-17T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2023-ALE-011/","csirts_url":"https://www.csirts.com/advisory/update-multiple-vulnerabilities-in-cisco-835"},{"num":285,"source_id":"cisa-kev","external_id":"CVE-2023-20198","title":"CVE-2023-20198: Cisco IOS XE Web UI Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-20198"],"exploited":true,"has_exploit":true,"published_at":"2023-10-16T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-20198","csirts_url":"https://www.csirts.com/advisory/cve-2023-20198-285"},{"num":2497,"source_id":"cisa-kev","external_id":"CVE-2023-36563","title":"CVE-2023-36563: Microsoft WordPad Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-36563"],"exploited":true,"has_exploit":false,"published_at":"2023-10-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-36563","csirts_url":"https://www.csirts.com/advisory/cve-2023-36563-2497"},{"num":2496,"source_id":"cisa-kev","external_id":"CVE-2023-20109","title":"CVE-2023-20109: Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-20109"],"exploited":true,"has_exploit":false,"published_at":"2023-10-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-20109","csirts_url":"https://www.csirts.com/advisory/cve-2023-20109-2496"},{"num":2493,"source_id":"cisa-kev","external_id":"CVE-2023-21608","title":"CVE-2023-21608: Adobe Acrobat and Reader Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-21608"],"exploited":true,"has_exploit":true,"published_at":"2023-10-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-21608","csirts_url":"https://www.csirts.com/advisory/cve-2023-21608-2493"},{"num":2498,"source_id":"cisa-kev","external_id":"CVE-2023-44487","title":"CVE-2023-44487: HTTP/2 Rapid Reset Attack Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-44487"],"exploited":true,"has_exploit":true,"published_at":"2023-10-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-44487","csirts_url":"https://www.csirts.com/advisory/cve-2023-44487-2498"},{"num":1271,"source_id":"cisa-kev","external_id":"CVE-2023-41763","title":"CVE-2023-41763: Microsoft Skype for Business Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-41763"],"exploited":true,"has_exploit":true,"published_at":"2023-10-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-41763","csirts_url":"https://www.csirts.com/advisory/cve-2023-41763-1271"},{"num":3173,"source_id":"cisa-kev","external_id":"CVE-2023-22515","title":"CVE-2023-22515: Atlassian Confluence Data Center and Server Broken Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-22515"],"exploited":true,"has_exploit":true,"published_at":"2023-10-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-22515","csirts_url":"https://www.csirts.com/advisory/cve-2023-22515-3173"},{"num":2500,"source_id":"cisa-kev","external_id":"CVE-2023-42824","title":"CVE-2023-42824: Apple iOS and iPadOS Kernel Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-42824"],"exploited":true,"has_exploit":true,"published_at":"2023-10-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-42824","csirts_url":"https://www.csirts.com/advisory/cve-2023-42824-2500"},{"num":3176,"source_id":"cisa-kev","external_id":"CVE-2023-40044","title":"CVE-2023-40044: Progress WS_FTP Server Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-40044"],"exploited":true,"has_exploit":true,"published_at":"2023-10-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-40044","csirts_url":"https://www.csirts.com/advisory/cve-2023-40044-3176"},{"num":2509,"source_id":"cisa-kev","external_id":"CVE-2023-42793","title":"CVE-2023-42793: JetBrains TeamCity Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-42793"],"exploited":true,"has_exploit":true,"published_at":"2023-10-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-42793","csirts_url":"https://www.csirts.com/advisory/cve-2023-42793-2509"},{"num":2511,"source_id":"cisa-kev","external_id":"CVE-2023-28229","title":"CVE-2023-28229: Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-28229"],"exploited":true,"has_exploit":true,"published_at":"2023-10-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-28229","csirts_url":"https://www.csirts.com/advisory/cve-2023-28229-2511"},{"num":2514,"source_id":"cisa-kev","external_id":"CVE-2023-4211","title":"CVE-2023-4211: Arm Mali GPU Kernel Driver Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-4211"],"exploited":true,"has_exploit":false,"published_at":"2023-10-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-4211","csirts_url":"https://www.csirts.com/advisory/cve-2023-4211-2514"},{"num":525,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2023-ALE-010/","title":"Multiple vulnerabilities in Exim (October 2, 2023)","severity":"unknown","cvss":null,"cves":["CVE-2023-42117","CVE-2023-42118","CVE-2023-42119","CVE-2023-42114","CVE-2023-42115","CVE-2023-42116"],"exploited":false,"has_exploit":false,"published_at":"2023-10-02T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2023-ALE-010/","csirts_url":"https://www.csirts.com/advisory/multiple-vulnerabilities-in-exim-october-525"},{"num":2517,"source_id":"cisa-kev","external_id":"CVE-2023-5217","title":"CVE-2023-5217: Google Chromium libvpx Heap Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-5217"],"exploited":true,"has_exploit":true,"published_at":"2023-10-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-5217","csirts_url":"https://www.csirts.com/advisory/cve-2023-5217-2517"},{"num":2520,"source_id":"cisa-kev","external_id":"CVE-2018-14667","title":"CVE-2018-14667: Red Hat JBoss RichFaces Framework Expression Language Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-14667"],"exploited":true,"has_exploit":true,"published_at":"2023-09-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-14667","csirts_url":"https://www.csirts.com/advisory/cve-2018-14667-2520"},{"num":87003,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-4-1-released/","title":"GitLab Security Release: 16.4.1, 16.3.5, and 16.2.8","severity":"critical","cvss":null,"cves":["CVE-2023-5207","CVE-2023-5106","CVE-2023-4379","CVE-2023-3413","CVE-2023-5332","CVE-2023-3914","CVE-2023-3115","CVE-2023-5198","CVE-2023-4532","CVE-2023-3917","CVE-2023-3920","CVE-2023-0989","CVE-2023-3906","CVE-2023-4658","CVE-2023-3979","CVE-2023-2233","CVE-2023-3922"],"exploited":false,"has_exploit":false,"published_at":"2023-09-28T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-4-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-security-release-16-4-1-16-3-5-and-87003"},{"num":2375,"source_id":"cisa-kev","external_id":"CVE-2023-41991","title":"CVE-2023-41991: Apple Multiple Products Improper Certificate Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-41991"],"exploited":true,"has_exploit":true,"published_at":"2023-09-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-41991","csirts_url":"https://www.csirts.com/advisory/cve-2023-41991-2375"},{"num":2529,"source_id":"cisa-kev","external_id":"CVE-2023-41993","title":"CVE-2023-41993: Apple Multiple Products WebKit Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-41993"],"exploited":true,"has_exploit":true,"published_at":"2023-09-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-41993","csirts_url":"https://www.csirts.com/advisory/cve-2023-41993-2529"},{"num":2521,"source_id":"cisa-kev","external_id":"CVE-2023-41992","title":"CVE-2023-41992: Apple Multiple Products Kernel Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-41992"],"exploited":true,"has_exploit":true,"published_at":"2023-09-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-41992","csirts_url":"https://www.csirts.com/advisory/cve-2023-41992-2521"},{"num":2530,"source_id":"cisa-kev","external_id":"CVE-2023-41179","title":"CVE-2023-41179: Trend Micro Apex One and Worry-Free Business Security Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-41179"],"exploited":true,"has_exploit":false,"published_at":"2023-09-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-41179","csirts_url":"https://www.csirts.com/advisory/cve-2023-41179-2530"},{"num":87054,"source_id":"jenkins","external_id":"jenkins-advisory-2023-09-20","title":"Jenkins Security Advisory 2023-09-20","severity":"unknown","cvss":null,"cves":["CVE-2023-43494","CVE-2023-43495","CVE-2023-43496","CVE-2023-43497","CVE-2023-43498","CVE-2023-43499","CVE-2023-43500","CVE-2023-43501","CVE-2023-43502"],"exploited":false,"has_exploit":false,"published_at":"2023-09-20T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2023-09-20/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2023-09-20-87054"},{"num":3188,"source_id":"cisa-kev","external_id":"CVE-2023-28434","title":"CVE-2023-28434: MinIO Security Feature Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-28434"],"exploited":true,"has_exploit":true,"published_at":"2023-09-19T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-28434","csirts_url":"https://www.csirts.com/advisory/cve-2023-28434-3188"},{"num":2535,"source_id":"cisa-kev","external_id":"CVE-2014-8361","title":"CVE-2014-8361: Realtek SDK Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-8361"],"exploited":true,"has_exploit":true,"published_at":"2023-09-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-8361","csirts_url":"https://www.csirts.com/advisory/cve-2014-8361-2535"},{"num":3189,"source_id":"cisa-kev","external_id":"CVE-2022-22265","title":"CVE-2022-22265: Samsung Mobile Devices Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-22265"],"exploited":true,"has_exploit":false,"published_at":"2023-09-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-22265","csirts_url":"https://www.csirts.com/advisory/cve-2022-22265-3189"},{"num":87004,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-3-4-released/","title":"GitLab Critical Security Release: 16.3.4 and 16.2.7","severity":"critical","cvss":null,"cves":["CVE-2023-3932","CVE-2023-5009"],"exploited":false,"has_exploit":false,"published_at":"2023-09-18T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-3-4-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-critical-security-release-16-3-4-87004"},{"num":2542,"source_id":"cisa-kev","external_id":"CVE-2021-3129","title":"CVE-2021-3129: Laravel Ignition File Upload Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-3129"],"exploited":true,"has_exploit":true,"published_at":"2023-09-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-3129","csirts_url":"https://www.csirts.com/advisory/cve-2021-3129-2542"},{"num":2536,"source_id":"cisa-kev","external_id":"CVE-2017-6884","title":"CVE-2017-6884: Zyxel EMG2926 Routers Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-6884"],"exploited":true,"has_exploit":true,"published_at":"2023-09-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-6884","csirts_url":"https://www.csirts.com/advisory/cve-2017-6884-2536"},{"num":2544,"source_id":"cisa-kev","external_id":"CVE-2023-26369","title":"CVE-2023-26369: Adobe Acrobat and Reader Out-of-Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-26369"],"exploited":true,"has_exploit":false,"published_at":"2023-09-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-26369","csirts_url":"https://www.csirts.com/advisory/cve-2023-26369-2544"},{"num":2545,"source_id":"cisa-kev","external_id":"CVE-2023-35674","title":"CVE-2023-35674: Android Framework Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-35674"],"exploited":true,"has_exploit":true,"published_at":"2023-09-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-35674","csirts_url":"https://www.csirts.com/advisory/cve-2023-35674-2545"},{"num":2547,"source_id":"cisa-kev","external_id":"CVE-2023-4863","title":"CVE-2023-4863: Google Chromium WebP Heap-Based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-4863"],"exploited":true,"has_exploit":true,"published_at":"2023-09-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-4863","csirts_url":"https://www.csirts.com/advisory/cve-2023-4863-2547"},{"num":2546,"source_id":"cisa-kev","external_id":"CVE-2023-20269","title":"CVE-2023-20269: Cisco Adaptive Security Appliance and Firepower Threat Defense Unauthorized Access Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-20269"],"exploited":true,"has_exploit":false,"published_at":"2023-09-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-20269","csirts_url":"https://www.csirts.com/advisory/cve-2023-20269-2546"},{"num":87006,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-3-3-released/","title":"GitLab Patch Release: 16.3.3","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2023-09-12T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-3-3-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-16-3-3-87006"},{"num":2549,"source_id":"cisa-kev","external_id":"CVE-2023-36761","title":"CVE-2023-36761: Microsoft Word Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-36761"],"exploited":true,"has_exploit":false,"published_at":"2023-09-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-36761","csirts_url":"https://www.csirts.com/advisory/cve-2023-36761-2549"},{"num":2385,"source_id":"cisa-kev","external_id":"CVE-2023-36802","title":"CVE-2023-36802: Microsoft Streaming Service Proxy Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-36802"],"exploited":true,"has_exploit":true,"published_at":"2023-09-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-36802","csirts_url":"https://www.csirts.com/advisory/cve-2023-36802-2385"},{"num":87005,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-2-6-released/","title":"GitLab Patch Release: 16.2.6","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2023-09-12T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-2-6-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-16-2-6-87005"},{"num":425,"source_id":"cisa-kev","external_id":"CVE-2023-41064","title":"CVE-2023-41064: Apple iOS, iPadOS, and macOS ImageIO Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-41064"],"exploited":true,"has_exploit":true,"published_at":"2023-09-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-41064","csirts_url":"https://www.csirts.com/advisory/cve-2023-41064-425"},{"num":3190,"source_id":"cisa-kev","external_id":"CVE-2023-41061","title":"CVE-2023-41061: Apple iOS, iPadOS, and watchOS Wallet Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-41061"],"exploited":true,"has_exploit":false,"published_at":"2023-09-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-41061","csirts_url":"https://www.csirts.com/advisory/cve-2023-41061-3190"},{"num":87055,"source_id":"jenkins","external_id":"jenkins-advisory-2023-09-06","title":"Jenkins Security Advisory 2023-09-06","severity":"unknown","cvss":null,"cves":["CVE-2023-41930","CVE-2023-41931","CVE-2023-41932","CVE-2023-41933","CVE-2023-41934","CVE-2023-41935","CVE-2023-41936","CVE-2023-41937","CVE-2023-4777","CVE-2022-46751","CVE-2023-41938","CVE-2023-41939","CVE-2023-41940","CVE-2023-41941","CVE-2023-41942","CVE-2023-41943","CVE-2023-41944","CVE-2023-41945","CVE-2023-41946","CVE-2023-41947"],"exploited":false,"has_exploit":false,"published_at":"2023-09-06T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2023-09-06/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2023-09-06-87055"},{"num":3191,"source_id":"cisa-kev","external_id":"CVE-2023-33246","title":"CVE-2023-33246: Apache RocketMQ Command Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-33246"],"exploited":true,"has_exploit":true,"published_at":"2023-09-06T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-33246","csirts_url":"https://www.csirts.com/advisory/cve-2023-33246-3191"},{"num":87007,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-3-2-released/","title":"GitLab Patch Release: 16.3.2","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2023-09-05T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-3-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-16-3-2-87007"},{"num":87008,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-3-1-released/","title":"GitLab Security Release: 16.3.1, 16.2.5, and 16.1.5","severity":"critical","cvss":null,"cves":["CVE-2023-3915","CVE-2022-4365","CVE-2023-4378","CVE-2023-3950","CVE-2023-4630","CVE-2022-4343","CVE-2023-4638","CVE-2023-4018","CVE-2023-3205","CVE-2023-4647","CVE-2023-1279","CVE-2023-0120","CVE-2023-1555"],"exploited":false,"has_exploit":false,"published_at":"2023-08-31T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-3-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-security-release-16-3-1-16-2-5-and-87008"},{"num":426,"source_id":"cisa-kev","external_id":"CVE-2023-32315","title":"CVE-2023-32315: Ignite Realtime Openfire Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-32315"],"exploited":true,"has_exploit":true,"published_at":"2023-08-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-32315","csirts_url":"https://www.csirts.com/advisory/cve-2023-32315-426"},{"num":2531,"source_id":"cisa-kev","external_id":"CVE-2023-38831","title":"CVE-2023-38831: RARLAB WinRAR Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-38831"],"exploited":true,"has_exploit":true,"published_at":"2023-08-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-38831","csirts_url":"https://www.csirts.com/advisory/cve-2023-38831-2531"},{"num":2550,"source_id":"cisa-kev","external_id":"CVE-2023-38035","title":"CVE-2023-38035: Ivanti Sentry Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-38035"],"exploited":true,"has_exploit":true,"published_at":"2023-08-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-38035","csirts_url":"https://www.csirts.com/advisory/cve-2023-38035-2550"},{"num":2551,"source_id":"cisa-kev","external_id":"CVE-2023-27532","title":"CVE-2023-27532: Veeam Backup & Replication Cloud Connect Missing Authentication for Critical Function Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-27532"],"exploited":true,"has_exploit":true,"published_at":"2023-08-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-27532","csirts_url":"https://www.csirts.com/advisory/cve-2023-27532-2551"},{"num":2552,"source_id":"cisa-kev","external_id":"CVE-2023-26359","title":"CVE-2023-26359: Adobe ColdFusion Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-26359"],"exploited":true,"has_exploit":false,"published_at":"2023-08-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-26359","csirts_url":"https://www.csirts.com/advisory/cve-2023-26359-2552"},{"num":87056,"source_id":"jenkins","external_id":"jenkins-advisory-2023-08-16","title":"Jenkins Security Advisory 2023-08-16","severity":"unknown","cvss":null,"cves":["CVE-2023-40336","CVE-2023-40337","CVE-2023-40338","CVE-2023-40339","CVE-2023-40340","CVE-2023-40341","CVE-2023-4301","CVE-2023-4302","CVE-2023-4303","CVE-2023-40342","CVE-2023-40343","CVE-2023-40344","CVE-2023-40345","CVE-2023-40346","CVE-2023-40347","CVE-2023-40348","CVE-2023-40349","CVE-2023-40350","CVE-2023-40351"],"exploited":false,"has_exploit":false,"published_at":"2023-08-16T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2023-08-16/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2023-08-16-87056"},{"num":2392,"source_id":"cisa-kev","external_id":"CVE-2023-24489","title":"CVE-2023-24489: Citrix Content Collaboration ShareFile Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-24489"],"exploited":true,"has_exploit":true,"published_at":"2023-08-16T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-24489","csirts_url":"https://www.csirts.com/advisory/cve-2023-24489-2392"},{"num":87009,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-2-4-released/","title":"GitLab Patch Release: 16.2.4","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2023-08-11T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-2-4-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-16-2-4-87009"},{"num":2553,"source_id":"cisa-kev","external_id":"CVE-2023-38180","title":"CVE-2023-38180: Microsoft .NET Core and Visual Studio Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-38180"],"exploited":true,"has_exploit":false,"published_at":"2023-08-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-38180","csirts_url":"https://www.csirts.com/advisory/cve-2023-38180-2553"},{"num":2554,"source_id":"cisa-kev","external_id":"CVE-2017-18368","title":"CVE-2017-18368: Zyxel P660HN-T1A Routers Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-18368"],"exploited":true,"has_exploit":true,"published_at":"2023-08-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-18368","csirts_url":"https://www.csirts.com/advisory/cve-2017-18368-2554"},{"num":87011,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-2-3-released/","title":"GitLab Patch Release: 16.2.3","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2023-08-03T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-2-3-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-16-2-3-87011"},{"num":87010,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-1-4-released/","title":"GitLab Patch Release: 16.1.4","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2023-08-03T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-1-4-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-16-1-4-87010"},{"num":87012,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-2-2-released/","title":"GitLab Security Release: 16.2.2, 16.1.3, and 16.0.8","severity":"critical","cvss":null,"cves":["CVE-2023-3994","CVE-2023-3364","CVE-2023-3932","CVE-2023-0632","CVE-2023-3385","CVE-2023-2164","CVE-2023-4002","CVE-2023-4008","CVE-2023-3993","CVE-2023-3500","CVE-2023-3401","CVE-2023-3900","CVE-2023-2022","CVE-2023-4011","CVE-2023-1210"],"exploited":false,"has_exploit":false,"published_at":"2023-08-01T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-2-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-security-release-16-2-2-16-1-3-and-87012"},{"num":2555,"source_id":"cisa-kev","external_id":"CVE-2023-35081","title":"CVE-2023-35081: Ivanti Endpoint Manager Mobile (EPMM) Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-35081"],"exploited":true,"has_exploit":false,"published_at":"2023-07-31T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-35081","csirts_url":"https://www.csirts.com/advisory/cve-2023-35081-2555"},{"num":2228,"source_id":"cisa-kev","external_id":"CVE-2023-37580","title":"CVE-2023-37580: Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-37580"],"exploited":true,"has_exploit":true,"published_at":"2023-07-27T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-37580","csirts_url":"https://www.csirts.com/advisory/cve-2023-37580-2228"},{"num":87057,"source_id":"jenkins","external_id":"jenkins-advisory-2023-07-26","title":"Jenkins Security Advisory 2023-07-26","severity":"unknown","cvss":null,"cves":["CVE-2023-39151","CVE-2023-39152","CVE-2023-39153","CVE-2023-3414","CVE-2023-3442","CVE-2023-39154","CVE-2023-39155","CVE-2023-39156"],"exploited":false,"has_exploit":false,"published_at":"2023-07-26T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2023-07-26/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2023-07-26-87057"},{"num":2230,"source_id":"cisa-kev","external_id":"CVE-2023-38606","title":"CVE-2023-38606: Apple Multiple Products Kernel Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-38606"],"exploited":true,"has_exploit":false,"published_at":"2023-07-26T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-38606","csirts_url":"https://www.csirts.com/advisory/cve-2023-38606-2230"},{"num":87013,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-2-1-released/","title":"GitLab Patch Release: 16.2.1","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2023-07-25T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-2-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-16-2-1-87013"},{"num":2556,"source_id":"cisa-kev","external_id":"CVE-2023-35078","title":"CVE-2023-35078: Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-35078"],"exploited":true,"has_exploit":true,"published_at":"2023-07-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-35078","csirts_url":"https://www.csirts.com/advisory/cve-2023-35078-2556"},{"num":431,"source_id":"cisa-kev","external_id":"CVE-2023-38205","title":"CVE-2023-38205: Adobe ColdFusion Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-38205"],"exploited":true,"has_exploit":true,"published_at":"2023-07-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-38205","csirts_url":"https://www.csirts.com/advisory/cve-2023-38205-431"},{"num":430,"source_id":"cisa-kev","external_id":"CVE-2023-29298","title":"CVE-2023-29298: Adobe ColdFusion Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-29298"],"exploited":true,"has_exploit":true,"published_at":"2023-07-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-29298","csirts_url":"https://www.csirts.com/advisory/cve-2023-29298-430"},{"num":1946,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2023-ALE-008/","title":"[Update] Vulnerability in Citrix NetScaler ADC and NetScaler Gateway (July 19, 2023)","severity":"unknown","cvss":null,"cves":["CVE-2023-3519"],"exploited":true,"has_exploit":true,"published_at":"2023-07-19T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2023-ALE-008/","csirts_url":"https://www.csirts.com/advisory/update-vulnerability-in-citrix-netscaler-1946"},{"num":2558,"source_id":"cisa-kev","external_id":"CVE-2023-3519","title":"CVE-2023-3519: Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-3519"],"exploited":true,"has_exploit":true,"published_at":"2023-07-19T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-3519","csirts_url":"https://www.csirts.com/advisory/cve-2023-3519-2558"},{"num":2559,"source_id":"cisa-kev","external_id":"CVE-2023-36884","title":"CVE-2023-36884: Microsoft Windows Search Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-36884"],"exploited":true,"has_exploit":true,"published_at":"2023-07-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-36884","csirts_url":"https://www.csirts.com/advisory/cve-2023-36884-2559"},{"num":900,"source_id":"cert-fr-alerte","external_id":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2023-ALE-007/","title":"[Update] Vulnerability in Zimbra Collaboration Suite (July 17, 2023)","severity":"unknown","cvss":null,"cves":["CVE-2023-37580"],"exploited":true,"has_exploit":true,"published_at":"2023-07-17T00:00:00+00:00","link":"https://www.cert.ssi.gouv.fr/alerte/CERTFR-2023-ALE-007/","csirts_url":"https://www.csirts.com/advisory/update-vulnerability-in-zimbra-900"},{"num":2564,"source_id":"cisa-kev","external_id":"CVE-2022-29303","title":"CVE-2022-29303: SolarView Compact Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-29303"],"exploited":true,"has_exploit":true,"published_at":"2023-07-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-29303","csirts_url":"https://www.csirts.com/advisory/cve-2022-29303-2564"},{"num":2565,"source_id":"cisa-kev","external_id":"CVE-2023-37450","title":"CVE-2023-37450: Apple Multiple Products WebKit Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-37450"],"exploited":true,"has_exploit":false,"published_at":"2023-07-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-37450","csirts_url":"https://www.csirts.com/advisory/cve-2023-37450-2565"},{"num":87058,"source_id":"jenkins","external_id":"jenkins-advisory-2023-07-12","title":"Jenkins Security Advisory 2023-07-12","severity":"unknown","cvss":null,"cves":["CVE-2023-37942","CVE-2023-37943","CVE-2023-37944","CVE-2023-37945","CVE-2023-37946","CVE-2023-37947","CVE-2023-37948","CVE-2023-37949","CVE-2023-37950","CVE-2023-37951","CVE-2023-37952","CVE-2023-37953","CVE-2023-37954","CVE-2023-37955","CVE-2023-37956","CVE-2023-37957","CVE-2023-37958","CVE-2023-37959","CVE-2023-37960","CVE-2023-37961","CVE-2023-37962","CVE-2023-37963","CVE-2023-37964","CVE-2023-37965"],"exploited":false,"has_exploit":false,"published_at":"2023-07-12T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2023-07-12/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2023-07-12-87058"},{"num":2568,"source_id":"cisa-kev","external_id":"CVE-2023-35311","title":"CVE-2023-35311: Microsoft Outlook Security Feature Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-35311"],"exploited":true,"has_exploit":false,"published_at":"2023-07-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-35311","csirts_url":"https://www.csirts.com/advisory/cve-2023-35311-2568"},{"num":2570,"source_id":"cisa-kev","external_id":"CVE-2022-31199","title":"CVE-2022-31199: Netwrix Auditor Insecure Object Deserialization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-31199"],"exploited":true,"has_exploit":true,"published_at":"2023-07-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-31199","csirts_url":"https://www.csirts.com/advisory/cve-2022-31199-2570"},{"num":2566,"source_id":"cisa-kev","external_id":"CVE-2023-32046","title":"CVE-2023-32046: Microsoft Windows MSHTML Platform Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-32046"],"exploited":true,"has_exploit":false,"published_at":"2023-07-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-32046","csirts_url":"https://www.csirts.com/advisory/cve-2023-32046-2566"},{"num":2569,"source_id":"cisa-kev","external_id":"CVE-2023-36874","title":"CVE-2023-36874: Microsoft Windows Error Reporting Service Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-36874"],"exploited":true,"has_exploit":true,"published_at":"2023-07-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-36874","csirts_url":"https://www.csirts.com/advisory/cve-2023-36874-2569"},{"num":2567,"source_id":"cisa-kev","external_id":"CVE-2023-32049","title":"CVE-2023-32049: Microsoft Windows Defender SmartScreen Security Feature Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-32049"],"exploited":true,"has_exploit":false,"published_at":"2023-07-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-32049","csirts_url":"https://www.csirts.com/advisory/cve-2023-32049-2567"},{"num":1310,"source_id":"cisa-kev","external_id":"CVE-2021-29256","title":"CVE-2021-29256: Arm Mali GPU Kernel Driver Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-29256"],"exploited":true,"has_exploit":false,"published_at":"2023-07-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-29256","csirts_url":"https://www.csirts.com/advisory/cve-2021-29256-1310"},{"num":709,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/report/acd-the-sixth-year","title":"ACD - The Sixth Year","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2023-07-06T12:00:00+00:00","link":"https://www.ncsc.gov.uk/report/acd-the-sixth-year","csirts_url":"https://www.csirts.com/advisory/acd-the-sixth-year-709"},{"num":87014,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-1-2-released/","title":"GitLab Security Release: 16.1.2, 16.0.7, and 15.11.11","severity":"critical","cvss":null,"cves":["CVE-2023-3484"],"exploited":false,"has_exploit":false,"published_at":"2023-07-05T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-1-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-security-release-16-1-2-16-0-7-and-87014"},{"num":2585,"source_id":"cisa-kev","external_id":"CVE-2021-25395","title":"CVE-2021-25395: Samsung Mobile Devices Race Condition Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-25395"],"exploited":true,"has_exploit":false,"published_at":"2023-06-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-25395","csirts_url":"https://www.csirts.com/advisory/cve-2021-25395-2585"},{"num":2572,"source_id":"cisa-kev","external_id":"CVE-2019-17621","title":"CVE-2019-17621: D-Link DIR-859 Router Command Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-17621"],"exploited":true,"has_exploit":true,"published_at":"2023-06-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-17621","csirts_url":"https://www.csirts.com/advisory/cve-2019-17621-2572"},{"num":433,"source_id":"cisa-kev","external_id":"CVE-2021-25487","title":"CVE-2021-25487: Samsung Mobile Devices Out-of-Bounds Read Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-25487"],"exploited":true,"has_exploit":false,"published_at":"2023-06-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-25487","csirts_url":"https://www.csirts.com/advisory/cve-2021-25487-433"},{"num":2582,"source_id":"cisa-kev","external_id":"CVE-2021-25394","title":"CVE-2021-25394: Samsung Mobile Devices Race Condition Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-25394"],"exploited":true,"has_exploit":false,"published_at":"2023-06-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-25394","csirts_url":"https://www.csirts.com/advisory/cve-2021-25394-2582"},{"num":2581,"source_id":"cisa-kev","external_id":"CVE-2021-25489","title":"CVE-2021-25489: Samsung Mobile Devices Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-25489"],"exploited":true,"has_exploit":false,"published_at":"2023-06-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-25489","csirts_url":"https://www.csirts.com/advisory/cve-2021-25489-2581"},{"num":87015,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-1-1-released/","title":"GitLab Security Release: 16.1.1, 16.0.6, and 15.11.10","severity":"critical","cvss":null,"cves":["CVE-2023-3424","CVE-2023-2190","CVE-2023-3444","CVE-2023-0838","CVE-2023-2620","CVE-2023-3362","CVE-2023-3102","CVE-2023-2576","CVE-2023-2200","CVE-2023-3363","CVE-2023-1936"],"exploited":false,"has_exploit":false,"published_at":"2023-06-29T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-1-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-security-release-16-1-1-16-0-6-and-87015"},{"num":2573,"source_id":"cisa-kev","external_id":"CVE-2019-20500","title":"CVE-2019-20500: D-Link DWL-2600AP Access Point Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-20500"],"exploited":true,"has_exploit":true,"published_at":"2023-06-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-20500","csirts_url":"https://www.csirts.com/advisory/cve-2019-20500-2573"},{"num":2588,"source_id":"cisa-kev","external_id":"CVE-2021-25372","title":"CVE-2021-25372: Samsung Mobile Devices Improper Boundary Check Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-25372"],"exploited":true,"has_exploit":false,"published_at":"2023-06-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-25372","csirts_url":"https://www.csirts.com/advisory/cve-2021-25372-2588"},{"num":2586,"source_id":"cisa-kev","external_id":"CVE-2021-25371","title":"CVE-2021-25371: Samsung Mobile Devices Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-25371"],"exploited":true,"has_exploit":false,"published_at":"2023-06-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-25371","csirts_url":"https://www.csirts.com/advisory/cve-2021-25371-2586"},{"num":2589,"source_id":"cisa-kev","external_id":"CVE-2023-32439","title":"CVE-2023-32439: Apple Multiple Products WebKit Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-32439"],"exploited":true,"has_exploit":false,"published_at":"2023-06-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-32439","csirts_url":"https://www.csirts.com/advisory/cve-2023-32439-2589"},{"num":2591,"source_id":"cisa-kev","external_id":"CVE-2023-27992","title":"CVE-2023-27992: Zyxel Multiple NAS Devices Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-27992"],"exploited":true,"has_exploit":false,"published_at":"2023-06-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-27992","csirts_url":"https://www.csirts.com/advisory/cve-2023-27992-2591"},{"num":2590,"source_id":"cisa-kev","external_id":"CVE-2023-20867","title":"CVE-2023-20867: VMware Tools Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-20867"],"exploited":true,"has_exploit":false,"published_at":"2023-06-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-20867","csirts_url":"https://www.csirts.com/advisory/cve-2023-20867-2590"},{"num":2508,"source_id":"cisa-kev","external_id":"CVE-2023-32434","title":"CVE-2023-32434: Apple Multiple Products Integer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-32434"],"exploited":true,"has_exploit":true,"published_at":"2023-06-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-32434","csirts_url":"https://www.csirts.com/advisory/cve-2023-32434-2508"},{"num":3226,"source_id":"cisa-kev","external_id":"CVE-2023-32435","title":"CVE-2023-32435: Apple Multiple Products WebKit Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-32435"],"exploited":true,"has_exploit":false,"published_at":"2023-06-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-32435","csirts_url":"https://www.csirts.com/advisory/cve-2023-32435-3226"},{"num":710,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/report/cyber-threat-report-uk-legal-sector","title":"Cyber Threat Report: UK Legal Sector","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2023-06-22T12:00:00+00:00","link":"https://www.ncsc.gov.uk/report/cyber-threat-report-uk-legal-sector","csirts_url":"https://www.csirts.com/advisory/cyber-threat-report-uk-legal-sector-710"},{"num":2596,"source_id":"cisa-kev","external_id":"CVE-2020-35730","title":"CVE-2020-35730: Roundcube Webmail Cross-Site Scripting (XSS) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-35730"],"exploited":true,"has_exploit":true,"published_at":"2023-06-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-35730","csirts_url":"https://www.csirts.com/advisory/cve-2020-35730-2596"},{"num":2597,"source_id":"cisa-kev","external_id":"CVE-2020-12641","title":"CVE-2020-12641: Roundcube Webmail Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-12641"],"exploited":true,"has_exploit":true,"published_at":"2023-06-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-12641","csirts_url":"https://www.csirts.com/advisory/cve-2020-12641-2597"},{"num":2599,"source_id":"cisa-kev","external_id":"CVE-2016-0165","title":"CVE-2016-0165: Microsoft Win32k Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-0165"],"exploited":true,"has_exploit":true,"published_at":"2023-06-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-0165","csirts_url":"https://www.csirts.com/advisory/cve-2016-0165-2599"},{"num":2595,"source_id":"cisa-kev","external_id":"CVE-2023-20887","title":"CVE-2023-20887: Vmware Aria Operations for Networks Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-20887"],"exploited":true,"has_exploit":true,"published_at":"2023-06-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-20887","csirts_url":"https://www.csirts.com/advisory/cve-2023-20887-2595"},{"num":2598,"source_id":"cisa-kev","external_id":"CVE-2016-9079","title":"CVE-2016-9079: Mozilla Firefox, Firefox ESR, and Thunderbird Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-9079"],"exploited":true,"has_exploit":true,"published_at":"2023-06-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-9079","csirts_url":"https://www.csirts.com/advisory/cve-2016-9079-2598"},{"num":3227,"source_id":"cisa-kev","external_id":"CVE-2021-44026","title":"CVE-2021-44026: Roundcube Webmail SQL Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-44026"],"exploited":true,"has_exploit":true,"published_at":"2023-06-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-44026","csirts_url":"https://www.csirts.com/advisory/cve-2021-44026-3227"},{"num":87016,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-0-5-released/","title":"GitLab Patch Release: 16.0.5","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2023-06-16T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-0-5-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-16-0-5-87016"},{"num":87059,"source_id":"jenkins","external_id":"jenkins-advisory-2023-06-14","title":"Jenkins Security Advisory 2023-06-14","severity":"unknown","cvss":null,"cves":["CVE-2023-35141","CVE-2023-35142","CVE-2023-3315","CVE-2023-32261","CVE-2023-32262","CVE-2023-35143","CVE-2023-35144","CVE-2023-35145","CVE-2023-35146","CVE-2023-35147","CVE-2023-35148","CVE-2023-35149"],"exploited":false,"has_exploit":false,"published_at":"2023-06-14T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2023-06-14/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2023-06-14-87059"},{"num":2600,"source_id":"cisa-kev","external_id":"CVE-2023-27997","title":"CVE-2023-27997: Fortinet FortiOS and FortiProxy SSL-VPN Heap-Based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-27997"],"exploited":true,"has_exploit":true,"published_at":"2023-06-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-27997","csirts_url":"https://www.csirts.com/advisory/cve-2023-27997-2600"},{"num":87017,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-0-4-released/","title":"GitLab Patch Release: 16.0.4","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2023-06-08T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-0-4-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-16-0-4-87017"},{"num":2601,"source_id":"cisa-kev","external_id":"CVE-2023-3079","title":"CVE-2023-3079: Google Chromium V8 Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-3079"],"exploited":true,"has_exploit":true,"published_at":"2023-06-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-3079","csirts_url":"https://www.csirts.com/advisory/cve-2023-3079-2601"},{"num":87018,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-0-3-released/","title":"GitLab Patch Release: 16.0.3","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2023-06-07T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-0-3-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-patch-release-16-0-3-87018"},{"num":3241,"source_id":"cisa-kev","external_id":"CVE-2023-33009","title":"CVE-2023-33009: Zyxel Multiple Firewalls Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-33009"],"exploited":true,"has_exploit":false,"published_at":"2023-06-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-33009","csirts_url":"https://www.csirts.com/advisory/cve-2023-33009-3241"},{"num":2602,"source_id":"cisa-kev","external_id":"CVE-2023-33010","title":"CVE-2023-33010: Zyxel Multiple Firewalls Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-33010"],"exploited":true,"has_exploit":false,"published_at":"2023-06-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-33010","csirts_url":"https://www.csirts.com/advisory/cve-2023-33010-2602"},{"num":87019,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-0-2-released/","title":"GitLab Security Release: 16.0.2, 15.11.7, and 15.10.8","severity":"critical","cvss":null,"cves":["CVE-2023-2442","CVE-2023-2199","CVE-2023-2198","CVE-2023-2132","CVE-2023-0121","CVE-2023-2589","CVE-2023-2015","CVE-2023-2485","CVE-2023-2001","CVE-2023-0921","CVE-2023-1204","CVE-2023-0508","CVE-2023-1825","CVE-2023-2013"],"exploited":false,"has_exploit":false,"published_at":"2023-06-05T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-0-2-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-security-release-16-0-2-15-11-7-87019"},{"num":2603,"source_id":"cisa-kev","external_id":"CVE-2023-34362","title":"CVE-2023-34362: Progress MOVEit Transfer SQL Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-34362"],"exploited":true,"has_exploit":true,"published_at":"2023-06-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-34362","csirts_url":"https://www.csirts.com/advisory/cve-2023-34362-2603"},{"num":2604,"source_id":"cisa-kev","external_id":"CVE-2023-28771","title":"CVE-2023-28771: Zyxel Multiple Firewalls OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-28771"],"exploited":true,"has_exploit":true,"published_at":"2023-05-31T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-28771","csirts_url":"https://www.csirts.com/advisory/cve-2023-28771-2604"},{"num":2608,"source_id":"cisa-kev","external_id":"CVE-2023-2868","title":"CVE-2023-2868: Barracuda Networks ESG Appliance Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-2868"],"exploited":true,"has_exploit":true,"published_at":"2023-05-26T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-2868","csirts_url":"https://www.csirts.com/advisory/cve-2023-2868-2608"},{"num":87020,"source_id":"gitlab","external_id":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-0-1-released/","title":"GitLab Critical Security Release: 16.0.1","severity":"critical","cvss":null,"cves":["CVE-2023-2825"],"exploited":false,"has_exploit":false,"published_at":"2023-05-23T00:00:00+00:00","link":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-16-0-1-released/","csirts_url":"https://www.csirts.com/advisory/gitlab-critical-security-release-16-0-1-87020"},{"num":2610,"source_id":"cisa-kev","external_id":"CVE-2023-32373","title":"CVE-2023-32373: Apple Multiple Products WebKit Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-32373"],"exploited":true,"has_exploit":false,"published_at":"2023-05-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-32373","csirts_url":"https://www.csirts.com/advisory/cve-2023-32373-2610"},{"num":2244,"source_id":"cisa-kev","external_id":"CVE-2023-28204","title":"CVE-2023-28204: Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-28204"],"exploited":true,"has_exploit":false,"published_at":"2023-05-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-28204","csirts_url":"https://www.csirts.com/advisory/cve-2023-28204-2244"},{"num":2609,"source_id":"cisa-kev","external_id":"CVE-2023-32409","title":"CVE-2023-32409: Apple Multiple Products WebKit Sandbox Escape Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-32409"],"exploited":true,"has_exploit":false,"published_at":"2023-05-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-32409","csirts_url":"https://www.csirts.com/advisory/cve-2023-32409-2609"},{"num":2614,"source_id":"cisa-kev","external_id":"CVE-2023-21492","title":"CVE-2023-21492: Samsung Mobile Devices Insertion of Sensitive Information Into Log File Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-21492"],"exploited":true,"has_exploit":false,"published_at":"2023-05-19T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-21492","csirts_url":"https://www.csirts.com/advisory/cve-2023-21492-2614"},{"num":2612,"source_id":"cisa-kev","external_id":"CVE-2016-6415","title":"CVE-2016-6415: Cisco IOS, IOS XR, and IOS XE IKEv1 Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-6415"],"exploited":true,"has_exploit":true,"published_at":"2023-05-19T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-6415","csirts_url":"https://www.csirts.com/advisory/cve-2016-6415-2612"},{"num":2611,"source_id":"cisa-kev","external_id":"CVE-2004-1464","title":"CVE-2004-1464: Cisco IOS Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2004-1464"],"exploited":true,"has_exploit":false,"published_at":"2023-05-19T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2004-1464","csirts_url":"https://www.csirts.com/advisory/cve-2004-1464-2611"},{"num":87060,"source_id":"jenkins","external_id":"jenkins-advisory-2023-05-16","title":"Jenkins Security Advisory 2023-05-16","severity":"unknown","cvss":null,"cves":["CVE-2023-32977","CVE-2023-32978","CVE-2023-32979","CVE-2023-32980","CVE-2023-32981","CVE-2023-32982","CVE-2023-32983","CVE-2023-32984","CVE-2023-32985","CVE-2023-32986","CVE-2023-32987","CVE-2023-32988","CVE-2023-32989","CVE-2023-32990","CVE-2023-32991","CVE-2023-32992","CVE-2023-32993","CVE-2023-32994","CVE-2023-32995","CVE-2023-32996","CVE-2023-32997","CVE-2023-2195","CVE-2023-2631","CVE-2023-2196","CVE-2023-2632","CVE-2023-2633","CVE-2023-32998","CVE-2023-32999","CVE-2023-33000","CVE-2023-33001","CVE-2023-33002","CVE-2023-33003","CVE-2023-33004","CVE-2023-33005","CVE-2023-33006","CVE-2023-33007"],"exploited":false,"has_exploit":false,"published_at":"2023-05-16T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2023-05-16/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2023-05-16-87060"},{"num":2618,"source_id":"cisa-kev","external_id":"CVE-2016-3427","title":"CVE-2016-3427: Oracle Java SE and JRockit Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-3427"],"exploited":true,"has_exploit":true,"published_at":"2023-05-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-3427","csirts_url":"https://www.csirts.com/advisory/cve-2016-3427-2618"},{"num":2615,"source_id":"cisa-kev","external_id":"CVE-2023-25717","title":"CVE-2023-25717: Multiple Ruckus Wireless Products CSRF and RCE Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-25717"],"exploited":true,"has_exploit":true,"published_at":"2023-05-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-25717","csirts_url":"https://www.csirts.com/advisory/cve-2023-25717-2615"},{"num":2616,"source_id":"cisa-kev","external_id":"CVE-2010-3904","title":"CVE-2010-3904: Linux Kernel Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2010-3904"],"exploited":true,"has_exploit":true,"published_at":"2023-05-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2010-3904","csirts_url":"https://www.csirts.com/advisory/cve-2010-3904-2616"},{"num":3257,"source_id":"cisa-kev","external_id":"CVE-2014-0196","title":"CVE-2014-0196: Linux Kernel Race Condition Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-0196"],"exploited":true,"has_exploit":true,"published_at":"2023-05-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-0196","csirts_url":"https://www.csirts.com/advisory/cve-2014-0196-3257"},{"num":2619,"source_id":"cisa-kev","external_id":"CVE-2016-8735","title":"CVE-2016-8735: Apache Tomcat Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-8735"],"exploited":true,"has_exploit":true,"published_at":"2023-05-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-8735","csirts_url":"https://www.csirts.com/advisory/cve-2016-8735-2619"},{"num":3256,"source_id":"cisa-kev","external_id":"CVE-2021-3560","title":"CVE-2021-3560: Red Hat Polkit Incorrect Authorization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-3560"],"exploited":true,"has_exploit":true,"published_at":"2023-05-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-3560","csirts_url":"https://www.csirts.com/advisory/cve-2021-3560-3256"},{"num":2617,"source_id":"cisa-kev","external_id":"CVE-2015-5317","title":"CVE-2015-5317: Jenkins User Interface (UI) Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-5317"],"exploited":true,"has_exploit":false,"published_at":"2023-05-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-5317","csirts_url":"https://www.csirts.com/advisory/cve-2015-5317-2617"},{"num":2620,"source_id":"cisa-kev","external_id":"CVE-2023-29336","title":"CVE-2023-29336: Microsoft Win32K Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-29336"],"exploited":true,"has_exploit":true,"published_at":"2023-05-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-29336","csirts_url":"https://www.csirts.com/advisory/cve-2023-29336-2620"},{"num":2622,"source_id":"cisa-kev","external_id":"CVE-2021-45046","title":"CVE-2021-45046: Apache Log4j2 Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-45046"],"exploited":true,"has_exploit":true,"published_at":"2023-05-01T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-45046","csirts_url":"https://www.csirts.com/advisory/cve-2021-45046-2622"},{"num":2621,"source_id":"cisa-kev","external_id":"CVE-2023-1389","title":"CVE-2023-1389: TP-Link Archer AX-21 Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-1389"],"exploited":true,"has_exploit":true,"published_at":"2023-05-01T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-1389","csirts_url":"https://www.csirts.com/advisory/cve-2023-1389-2621"},{"num":2623,"source_id":"cisa-kev","external_id":"CVE-2023-21839","title":"CVE-2023-21839: Oracle WebLogic Server Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-21839"],"exploited":true,"has_exploit":true,"published_at":"2023-05-01T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-21839","csirts_url":"https://www.csirts.com/advisory/cve-2023-21839-2623"},{"num":2635,"source_id":"cisa-kev","external_id":"CVE-2023-2136","title":"CVE-2023-2136: Google Chrome Skia Integer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-2136"],"exploited":true,"has_exploit":false,"published_at":"2023-04-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-2136","csirts_url":"https://www.csirts.com/advisory/cve-2023-2136-2635"},{"num":2625,"source_id":"cisa-kev","external_id":"CVE-2023-27350","title":"CVE-2023-27350: PaperCut MF/NG Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-27350"],"exploited":true,"has_exploit":true,"published_at":"2023-04-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-27350","csirts_url":"https://www.csirts.com/advisory/cve-2023-27350-2625"},{"num":2624,"source_id":"cisa-kev","external_id":"CVE-2023-28432","title":"CVE-2023-28432: MinIO Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-28432"],"exploited":true,"has_exploit":true,"published_at":"2023-04-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-28432","csirts_url":"https://www.csirts.com/advisory/cve-2023-28432-2624"},{"num":711,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/report/commercial-cyber-proliferation-assessment","title":"The threat from commercial cyber proliferation","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2023-04-19T12:00:00+00:00","link":"https://www.ncsc.gov.uk/report/commercial-cyber-proliferation-assessment","csirts_url":"https://www.csirts.com/advisory/the-threat-from-commercial-cyber-711"},{"num":2638,"source_id":"cisa-kev","external_id":"CVE-2017-6742","title":"CVE-2017-6742: Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-6742"],"exploited":true,"has_exploit":true,"published_at":"2023-04-19T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-6742","csirts_url":"https://www.csirts.com/advisory/cve-2017-6742-2638"},{"num":2639,"source_id":"cisa-kev","external_id":"CVE-2023-2033","title":"CVE-2023-2033: Google Chromium V8 Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-2033"],"exploited":true,"has_exploit":true,"published_at":"2023-04-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-2033","csirts_url":"https://www.csirts.com/advisory/cve-2023-2033-2639"},{"num":440,"source_id":"cisa-kev","external_id":"CVE-2019-8526","title":"CVE-2019-8526: Apple macOS Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-8526"],"exploited":true,"has_exploit":false,"published_at":"2023-04-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-8526","csirts_url":"https://www.csirts.com/advisory/cve-2019-8526-440"},{"num":3274,"source_id":"cisa-kev","external_id":"CVE-2023-29492","title":"CVE-2023-29492: Novi Survey Insecure Deserialization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-29492"],"exploited":true,"has_exploit":false,"published_at":"2023-04-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-29492","csirts_url":"https://www.csirts.com/advisory/cve-2023-29492-3274"},{"num":3272,"source_id":"cisa-kev","external_id":"CVE-2023-20963","title":"CVE-2023-20963: Android Framework Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-20963"],"exploited":true,"has_exploit":true,"published_at":"2023-04-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-20963","csirts_url":"https://www.csirts.com/advisory/cve-2023-20963-3272"},{"num":87061,"source_id":"jenkins","external_id":"jenkins-advisory-2023-04-12","title":"Jenkins Security Advisory 2023-04-12","severity":"unknown","cvss":null,"cves":["CVE-2023-30513","CVE-2023-30514","CVE-2023-30515","CVE-2023-30516","CVE-2023-30517","CVE-2023-30518","CVE-2023-30519","CVE-2023-30520","CVE-2023-30521","CVE-2023-30522","CVE-2023-30523","CVE-2023-30524","CVE-2023-30525","CVE-2023-30526","CVE-2023-30527","CVE-2023-30528","CVE-2023-30529","CVE-2023-30530","CVE-2023-30531","CVE-2023-30532"],"exploited":false,"has_exploit":false,"published_at":"2023-04-12T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2023-04-12/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2023-04-12-87061"},{"num":2640,"source_id":"cisa-kev","external_id":"CVE-2023-28252","title":"CVE-2023-28252: Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-28252"],"exploited":true,"has_exploit":true,"published_at":"2023-04-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-28252","csirts_url":"https://www.csirts.com/advisory/cve-2023-28252-2640"},{"num":2642,"source_id":"cisa-kev","external_id":"CVE-2023-28206","title":"CVE-2023-28206: Apple iOS, iPadOS, and macOS IOSurfaceAccelerator Out-of-Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-28206"],"exploited":true,"has_exploit":true,"published_at":"2023-04-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-28206","csirts_url":"https://www.csirts.com/advisory/cve-2023-28206-2642"},{"num":2641,"source_id":"cisa-kev","external_id":"CVE-2023-28205","title":"CVE-2023-28205: Apple Multiple Products WebKit Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-28205"],"exploited":true,"has_exploit":true,"published_at":"2023-04-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-28205","csirts_url":"https://www.csirts.com/advisory/cve-2023-28205-2641"},{"num":2646,"source_id":"cisa-kev","external_id":"CVE-2019-1388","title":"CVE-2019-1388: Microsoft Windows Certificate Dialog Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-1388"],"exploited":true,"has_exploit":true,"published_at":"2023-04-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-1388","csirts_url":"https://www.csirts.com/advisory/cve-2019-1388-2646"},{"num":2644,"source_id":"cisa-kev","external_id":"CVE-2021-27877","title":"CVE-2021-27877: Veritas Backup Exec Agent Improper Authentication Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-27877"],"exploited":true,"has_exploit":true,"published_at":"2023-04-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-27877","csirts_url":"https://www.csirts.com/advisory/cve-2021-27877-2644"},{"num":2647,"source_id":"cisa-kev","external_id":"CVE-2023-26083","title":"CVE-2023-26083: Arm Mali GPU Kernel Driver Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-26083"],"exploited":true,"has_exploit":true,"published_at":"2023-04-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-26083","csirts_url":"https://www.csirts.com/advisory/cve-2023-26083-2647"},{"num":2643,"source_id":"cisa-kev","external_id":"CVE-2021-27876","title":"CVE-2021-27876: Veritas Backup Exec Agent File Access Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-27876"],"exploited":true,"has_exploit":true,"published_at":"2023-04-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-27876","csirts_url":"https://www.csirts.com/advisory/cve-2021-27876-2643"},{"num":2645,"source_id":"cisa-kev","external_id":"CVE-2021-27878","title":"CVE-2021-27878: Veritas Backup Exec Agent Command Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-27878"],"exploited":true,"has_exploit":true,"published_at":"2023-04-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-27878","csirts_url":"https://www.csirts.com/advisory/cve-2021-27878-2645"},{"num":2648,"source_id":"cisa-kev","external_id":"CVE-2022-27926","title":"CVE-2022-27926: Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-27926"],"exploited":true,"has_exploit":true,"published_at":"2023-04-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-27926","csirts_url":"https://www.csirts.com/advisory/cve-2022-27926-2648"},{"num":2656,"source_id":"cisa-kev","external_id":"CVE-2022-3038","title":"CVE-2022-3038: Google Chromium Network Service Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-3038"],"exploited":true,"has_exploit":false,"published_at":"2023-03-30T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-3038","csirts_url":"https://www.csirts.com/advisory/cve-2022-3038-2656"},{"num":2653,"source_id":"cisa-kev","external_id":"CVE-2022-38181","title":"CVE-2022-38181: Arm Mali GPU Kernel Driver Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-38181"],"exploited":true,"has_exploit":true,"published_at":"2023-03-30T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-38181","csirts_url":"https://www.csirts.com/advisory/cve-2022-38181-2653"},{"num":2649,"source_id":"cisa-kev","external_id":"CVE-2013-3163","title":"CVE-2013-3163: Microsoft Internet Explorer Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-3163"],"exploited":true,"has_exploit":true,"published_at":"2023-03-30T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-3163","csirts_url":"https://www.csirts.com/advisory/cve-2013-3163-2649"},{"num":2654,"source_id":"cisa-kev","external_id":"CVE-2023-0266","title":"CVE-2023-0266: Linux Kernel Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-0266"],"exploited":true,"has_exploit":true,"published_at":"2023-03-30T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-0266","csirts_url":"https://www.csirts.com/advisory/cve-2023-0266-2654"},{"num":2651,"source_id":"cisa-kev","external_id":"CVE-2022-42948","title":"CVE-2022-42948: Fortra Cobalt Strike User Interface Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-42948"],"exploited":true,"has_exploit":false,"published_at":"2023-03-30T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-42948","csirts_url":"https://www.csirts.com/advisory/cve-2022-42948-2651"},{"num":2650,"source_id":"cisa-kev","external_id":"CVE-2017-7494","title":"CVE-2017-7494: Samba Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-7494"],"exploited":true,"has_exploit":true,"published_at":"2023-03-30T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-7494","csirts_url":"https://www.csirts.com/advisory/cve-2017-7494-2650"},{"num":2665,"source_id":"cisa-kev","external_id":"CVE-2022-22706","title":"CVE-2022-22706: Arm Mali GPU Kernel Driver Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-22706"],"exploited":true,"has_exploit":false,"published_at":"2023-03-30T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-22706","csirts_url":"https://www.csirts.com/advisory/cve-2022-22706-2665"},{"num":2652,"source_id":"cisa-kev","external_id":"CVE-2021-30900","title":"CVE-2021-30900: Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-30900"],"exploited":true,"has_exploit":false,"published_at":"2023-03-30T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-30900","csirts_url":"https://www.csirts.com/advisory/cve-2021-30900-2652"},{"num":3286,"source_id":"cisa-kev","external_id":"CVE-2022-39197","title":"CVE-2022-39197: Fortra Cobalt Strike Teamserver Cross-Site Scripting (XSS) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-39197"],"exploited":true,"has_exploit":true,"published_at":"2023-03-30T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-39197","csirts_url":"https://www.csirts.com/advisory/cve-2022-39197-3286"},{"num":87062,"source_id":"jenkins","external_id":"jenkins-advisory-2023-03-21","title":"Jenkins Security Advisory 2023-03-21","severity":"unknown","cvss":null,"cves":["CVE-2023-28668","CVE-2023-28669","CVE-2023-28670","CVE-2023-28671","CVE-2023-28672","CVE-2023-28673","CVE-2023-28674","CVE-2023-28675","CVE-2023-28676","CVE-2023-28677","CVE-2023-28678","CVE-2023-28679","CVE-2023-28680","CVE-2023-28681","CVE-2023-28682","CVE-2023-28683","CVE-2023-28684","CVE-2023-28685"],"exploited":false,"has_exploit":false,"published_at":"2023-03-21T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2023-03-21/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2023-03-21-87062"},{"num":2666,"source_id":"cisa-kev","external_id":"CVE-2023-26360","title":"CVE-2023-26360: Adobe ColdFusion Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-26360"],"exploited":true,"has_exploit":true,"published_at":"2023-03-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-26360","csirts_url":"https://www.csirts.com/advisory/cve-2023-26360-2666"},{"num":2667,"source_id":"cisa-kev","external_id":"CVE-2023-23397","title":"CVE-2023-23397: Microsoft Office Outlook Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-23397"],"exploited":true,"has_exploit":true,"published_at":"2023-03-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-23397","csirts_url":"https://www.csirts.com/advisory/cve-2023-23397-2667"},{"num":2668,"source_id":"cisa-kev","external_id":"CVE-2023-24880","title":"CVE-2023-24880: Microsoft Windows SmartScreen Security Feature Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-24880"],"exploited":true,"has_exploit":false,"published_at":"2023-03-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-24880","csirts_url":"https://www.csirts.com/advisory/cve-2023-24880-2668"},{"num":2669,"source_id":"cisa-kev","external_id":"CVE-2022-41328","title":"CVE-2022-41328: Fortinet FortiOS Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-41328"],"exploited":true,"has_exploit":false,"published_at":"2023-03-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-41328","csirts_url":"https://www.csirts.com/advisory/cve-2022-41328-2669"},{"num":2671,"source_id":"cisa-kev","external_id":"CVE-2020-5741","title":"CVE-2020-5741: Plex Media Server Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-5741"],"exploited":true,"has_exploit":true,"published_at":"2023-03-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-5741","csirts_url":"https://www.csirts.com/advisory/cve-2020-5741-2671"},{"num":2670,"source_id":"cisa-kev","external_id":"CVE-2021-39144","title":"CVE-2021-39144: XStream Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-39144"],"exploited":true,"has_exploit":true,"published_at":"2023-03-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-39144","csirts_url":"https://www.csirts.com/advisory/cve-2021-39144-2670"},{"num":87063,"source_id":"jenkins","external_id":"jenkins-advisory-2023-03-08","title":"Jenkins Security Advisory 2023-03-08","severity":"unknown","cvss":null,"cves":["CVE-2023-27898","CVE-2023-27899","CVE-2023-24998","CVE-2023-27900","CVE-2023-27901","CVE-2023-27902","CVE-2023-27903","CVE-2023-27904","CVE-2023-27905"],"exploited":false,"has_exploit":false,"published_at":"2023-03-08T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2023-03-08/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2023-03-08-87063"},{"num":2673,"source_id":"cisa-kev","external_id":"CVE-2022-33891","title":"CVE-2022-33891: Apache Spark Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-33891"],"exploited":true,"has_exploit":true,"published_at":"2023-03-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-33891","csirts_url":"https://www.csirts.com/advisory/cve-2022-33891-2673"},{"num":553,"source_id":"cisa-kev","external_id":"CVE-2022-35914","title":"CVE-2022-35914: Teclib GLPI Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-35914"],"exploited":true,"has_exploit":true,"published_at":"2023-03-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-35914","csirts_url":"https://www.csirts.com/advisory/cve-2022-35914-553"},{"num":2672,"source_id":"cisa-kev","external_id":"CVE-2022-28810","title":"CVE-2022-28810: Zoho ManageEngine ADSelfService Plus Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-28810"],"exploited":true,"has_exploit":true,"published_at":"2023-03-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-28810","csirts_url":"https://www.csirts.com/advisory/cve-2022-28810-2672"},{"num":2674,"source_id":"cisa-kev","external_id":"CVE-2022-36537","title":"CVE-2022-36537: ZK Framework AuUploader Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-36537"],"exploited":true,"has_exploit":true,"published_at":"2023-02-27T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-36537","csirts_url":"https://www.csirts.com/advisory/cve-2022-36537-2674"},{"num":2675,"source_id":"cisa-kev","external_id":"CVE-2022-47986","title":"CVE-2022-47986: IBM Aspera Faspex Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-47986"],"exploited":true,"has_exploit":true,"published_at":"2023-02-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-47986","csirts_url":"https://www.csirts.com/advisory/cve-2022-47986-2675"},{"num":3300,"source_id":"cisa-kev","external_id":"CVE-2022-41223","title":"CVE-2022-41223: Mitel MiVoice Connect Code Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-41223"],"exploited":true,"has_exploit":false,"published_at":"2023-02-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-41223","csirts_url":"https://www.csirts.com/advisory/cve-2022-41223-3300"},{"num":3301,"source_id":"cisa-kev","external_id":"CVE-2022-40765","title":"CVE-2022-40765: Mitel MiVoice Connect Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-40765"],"exploited":true,"has_exploit":false,"published_at":"2023-02-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-40765","csirts_url":"https://www.csirts.com/advisory/cve-2022-40765-3301"},{"num":3302,"source_id":"cisa-kev","external_id":"CVE-2022-46169","title":"CVE-2022-46169: Cacti Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-46169"],"exploited":true,"has_exploit":true,"published_at":"2023-02-16T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-46169","csirts_url":"https://www.csirts.com/advisory/cve-2022-46169-3302"},{"num":87064,"source_id":"jenkins","external_id":"jenkins-advisory-2023-02-15","title":"Jenkins Security Advisory 2023-02-15","severity":"unknown","cvss":null,"cves":["CVE-2023-25761","CVE-2023-25762","CVE-2023-25763","CVE-2023-25764","CVE-2023-25765","CVE-2023-25766","CVE-2023-25767","CVE-2023-25768","CVE-2023-23850","CVE-2023-23847","CVE-2023-23848"],"exploited":false,"has_exploit":false,"published_at":"2023-02-15T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2023-02-15/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2023-02-15-87064"},{"num":444,"source_id":"cisa-kev","external_id":"CVE-2023-21823","title":"CVE-2023-21823: Microsoft Windows Graphic Component Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-21823"],"exploited":true,"has_exploit":true,"published_at":"2023-02-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-21823","csirts_url":"https://www.csirts.com/advisory/cve-2023-21823-444"},{"num":3303,"source_id":"cisa-kev","external_id":"CVE-2023-21715","title":"CVE-2023-21715: Microsoft Office Publisher Security Feature Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-21715"],"exploited":true,"has_exploit":false,"published_at":"2023-02-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-21715","csirts_url":"https://www.csirts.com/advisory/cve-2023-21715-3303"},{"num":2676,"source_id":"cisa-kev","external_id":"CVE-2023-23376","title":"CVE-2023-23376: Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-23376"],"exploited":true,"has_exploit":false,"published_at":"2023-02-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-23376","csirts_url":"https://www.csirts.com/advisory/cve-2023-23376-2676"},{"num":2677,"source_id":"cisa-kev","external_id":"CVE-2023-23529","title":"CVE-2023-23529: Apple Multiple Products WebKit Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-23529"],"exploited":true,"has_exploit":false,"published_at":"2023-02-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-23529","csirts_url":"https://www.csirts.com/advisory/cve-2023-23529-2677"},{"num":3310,"source_id":"cisa-kev","external_id":"CVE-2022-24990","title":"CVE-2022-24990: TerraMaster OS Remote Command Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-24990"],"exploited":true,"has_exploit":true,"published_at":"2023-02-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-24990","csirts_url":"https://www.csirts.com/advisory/cve-2022-24990-3310"},{"num":3311,"source_id":"cisa-kev","external_id":"CVE-2023-0669","title":"CVE-2023-0669: Fortra GoAnywhere MFT Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-0669"],"exploited":true,"has_exploit":true,"published_at":"2023-02-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-0669","csirts_url":"https://www.csirts.com/advisory/cve-2023-0669-3311"},{"num":451,"source_id":"cisa-kev","external_id":"CVE-2015-2291","title":"CVE-2015-2291: Intel Ethernet Diagnostics Driver for Windows Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-2291"],"exploited":true,"has_exploit":true,"published_at":"2023-02-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-2291","csirts_url":"https://www.csirts.com/advisory/cve-2015-2291-451"},{"num":87065,"source_id":"jenkins","external_id":"jenkins-advisory-2023-02-09","title":"Jenkins Security Advisory 2023-02-09","severity":"unknown","cvss":null,"cves":["CVE-2022-23521","CVE-2022-41903"],"exploited":false,"has_exploit":false,"published_at":"2023-02-09T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2023-02-09/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2023-02-09-87065"},{"num":2678,"source_id":"cisa-kev","external_id":"CVE-2023-22952","title":"CVE-2023-22952: Multiple SugarCRM Products Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-22952"],"exploited":true,"has_exploit":true,"published_at":"2023-02-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-22952","csirts_url":"https://www.csirts.com/advisory/cve-2023-22952-2678"},{"num":3312,"source_id":"cisa-kev","external_id":"CVE-2022-21587","title":"CVE-2022-21587: Oracle E-Business Suite Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-21587"],"exploited":true,"has_exploit":true,"published_at":"2023-02-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-21587","csirts_url":"https://www.csirts.com/advisory/cve-2022-21587-3312"},{"num":2679,"source_id":"cisa-kev","external_id":"CVE-2017-11357","title":"CVE-2017-11357: Telerik UI for ASP.NET AJAX Insecure Direct Object Reference Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-11357"],"exploited":true,"has_exploit":true,"published_at":"2023-01-26T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-11357","csirts_url":"https://www.csirts.com/advisory/cve-2017-11357-2679"},{"num":87066,"source_id":"jenkins","external_id":"jenkins-advisory-2023-01-24","title":"Jenkins Security Advisory 2023-01-24","severity":"unknown","cvss":null,"cves":["CVE-2023-24422","CVE-2023-24423","CVE-2023-24424","CVE-2023-24425","CVE-2023-24426","CVE-2023-24427","CVE-2023-24428","CVE-2023-24429","CVE-2023-24430","CVE-2023-24431","CVE-2023-24432","CVE-2023-24433","CVE-2023-24436","CVE-2023-24434","CVE-2023-24435","CVE-2023-24437","CVE-2023-24438","CVE-2023-24439","CVE-2023-24440","CVE-2023-24441","CVE-2023-24442","CVE-2023-24456","CVE-2023-24457","CVE-2023-24443","CVE-2023-24444","CVE-2023-24445","CVE-2023-24446","CVE-2023-24447","CVE-2023-24448","CVE-2023-24449","CVE-2023-24450","CVE-2023-24451","CVE-2023-24458","CVE-2023-24459","CVE-2023-24452","CVE-2023-24453","CVE-2023-24454","CVE-2023-24455"],"exploited":false,"has_exploit":false,"published_at":"2023-01-24T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2023-01-24/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2023-01-24-87066"},{"num":2682,"source_id":"cisa-kev","external_id":"CVE-2022-47966","title":"CVE-2022-47966: Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-47966"],"exploited":true,"has_exploit":true,"published_at":"2023-01-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-47966","csirts_url":"https://www.csirts.com/advisory/cve-2022-47966-2682"},{"num":2683,"source_id":"cisa-kev","external_id":"CVE-2022-44877","title":"CVE-2022-44877: CWP Control Web Panel OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-44877"],"exploited":true,"has_exploit":true,"published_at":"2023-01-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-44877","csirts_url":"https://www.csirts.com/advisory/cve-2022-44877-2683"},{"num":2685,"source_id":"cisa-kev","external_id":"CVE-2023-21674","title":"CVE-2023-21674: Microsoft Windows Advanced Local Procedure Call (ALPC) Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2023-21674"],"exploited":true,"has_exploit":true,"published_at":"2023-01-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2023-21674","csirts_url":"https://www.csirts.com/advisory/cve-2023-21674-2685"},{"num":2684,"source_id":"cisa-kev","external_id":"CVE-2022-41080","title":"CVE-2022-41080: Microsoft Exchange Server Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-41080"],"exploited":true,"has_exploit":true,"published_at":"2023-01-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-41080","csirts_url":"https://www.csirts.com/advisory/cve-2022-41080-2684"},{"num":2686,"source_id":"cisa-kev","external_id":"CVE-2018-5430","title":"CVE-2018-5430: TIBCO JasperReports Server Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-5430"],"exploited":true,"has_exploit":true,"published_at":"2022-12-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-5430","csirts_url":"https://www.csirts.com/advisory/cve-2018-5430-2686"},{"num":2687,"source_id":"cisa-kev","external_id":"CVE-2018-18809","title":"CVE-2018-18809: TIBCO JasperReports Library Directory Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-18809"],"exploited":true,"has_exploit":true,"published_at":"2022-12-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-18809","csirts_url":"https://www.csirts.com/advisory/cve-2018-18809-2687"},{"num":3313,"source_id":"cisa-kev","external_id":"CVE-2022-42856","title":"CVE-2022-42856: Apple iOS Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-42856"],"exploited":true,"has_exploit":false,"published_at":"2022-12-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-42856","csirts_url":"https://www.csirts.com/advisory/cve-2022-42856-3313"},{"num":2688,"source_id":"cisa-kev","external_id":"CVE-2022-42475","title":"CVE-2022-42475: Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-42475"],"exploited":true,"has_exploit":true,"published_at":"2022-12-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-42475","csirts_url":"https://www.csirts.com/advisory/cve-2022-42475-2688"},{"num":2689,"source_id":"cisa-kev","external_id":"CVE-2022-44698","title":"CVE-2022-44698: Microsoft Defender SmartScreen Security Feature Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-44698"],"exploited":true,"has_exploit":false,"published_at":"2022-12-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-44698","csirts_url":"https://www.csirts.com/advisory/cve-2022-44698-2689"},{"num":2691,"source_id":"cisa-kev","external_id":"CVE-2022-26500","title":"CVE-2022-26500: Veeam Backup & Replication Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-26500"],"exploited":true,"has_exploit":false,"published_at":"2022-12-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-26500","csirts_url":"https://www.csirts.com/advisory/cve-2022-26500-2691"},{"num":2692,"source_id":"cisa-kev","external_id":"CVE-2022-26501","title":"CVE-2022-26501: Veeam Backup & Replication Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-26501"],"exploited":true,"has_exploit":false,"published_at":"2022-12-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-26501","csirts_url":"https://www.csirts.com/advisory/cve-2022-26501-2692"},{"num":2690,"source_id":"cisa-kev","external_id":"CVE-2022-27518","title":"CVE-2022-27518: Citrix Application Delivery Controller (ADC) and Gateway Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-27518"],"exploited":true,"has_exploit":true,"published_at":"2022-12-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-27518","csirts_url":"https://www.csirts.com/advisory/cve-2022-27518-2690"},{"num":87067,"source_id":"jenkins","external_id":"jenkins-advisory-2022-12-07","title":"Jenkins Security Advisory 2022-12-07","severity":"unknown","cvss":null,"cves":["CVE-2022-46682","CVE-2022-46683","CVE-2022-46684","CVE-2022-46685","CVE-2022-46686","CVE-2022-46687","CVE-2022-46688"],"exploited":false,"has_exploit":false,"published_at":"2022-12-07T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2022-12-07/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2022-12-07-87067"},{"num":2693,"source_id":"cisa-kev","external_id":"CVE-2022-4262","title":"CVE-2022-4262: Google Chromium V8 Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-4262"],"exploited":true,"has_exploit":true,"published_at":"2022-12-05T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-4262","csirts_url":"https://www.csirts.com/advisory/cve-2022-4262-2693"},{"num":2694,"source_id":"cisa-kev","external_id":"CVE-2021-35587","title":"CVE-2021-35587: Oracle Fusion Middleware Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-35587"],"exploited":true,"has_exploit":true,"published_at":"2022-11-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-35587","csirts_url":"https://www.csirts.com/advisory/cve-2021-35587-2694"},{"num":2695,"source_id":"cisa-kev","external_id":"CVE-2022-4135","title":"CVE-2022-4135: Google Chromium GPU Heap Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-4135"],"exploited":true,"has_exploit":false,"published_at":"2022-11-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-4135","csirts_url":"https://www.csirts.com/advisory/cve-2022-4135-2695"},{"num":87068,"source_id":"jenkins","external_id":"jenkins-advisory-2022-11-15","title":"Jenkins Security Advisory 2022-11-15","severity":"unknown","cvss":null,"cves":["CVE-2022-45379","CVE-2022-45380","CVE-2022-33980","CVE-2022-45381","CVE-2022-45382","CVE-2022-45383","CVE-2022-45384","CVE-2022-45385","CVE-2022-45392","CVE-2022-45391","CVE-2022-38666","CVE-2022-45386","CVE-2022-45387","CVE-2022-45388","CVE-2022-45389","CVE-2022-45390","CVE-2022-45393","CVE-2022-45394","CVE-2022-45395","CVE-2022-45396","CVE-2022-45397","CVE-2022-45398","CVE-2022-45399","CVE-2022-45400","CVE-2022-45401"],"exploited":false,"has_exploit":false,"published_at":"2022-11-15T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2022-11-15/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2022-11-15-87068"},{"num":2697,"source_id":"cisa-kev","external_id":"CVE-2022-41049","title":"CVE-2022-41049: Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-41049"],"exploited":true,"has_exploit":false,"published_at":"2022-11-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-41049","csirts_url":"https://www.csirts.com/advisory/cve-2022-41049-2697"},{"num":2701,"source_id":"cisa-kev","external_id":"CVE-2022-41128","title":"CVE-2022-41128: Microsoft Windows Scripting Languages Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-41128"],"exploited":true,"has_exploit":false,"published_at":"2022-11-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-41128","csirts_url":"https://www.csirts.com/advisory/cve-2022-41128-2701"},{"num":2699,"source_id":"cisa-kev","external_id":"CVE-2022-41073","title":"CVE-2022-41073: Microsoft Windows Print Spooler Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-41073"],"exploited":true,"has_exploit":false,"published_at":"2022-11-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-41073","csirts_url":"https://www.csirts.com/advisory/cve-2022-41073-2699"},{"num":2704,"source_id":"cisa-kev","external_id":"CVE-2021-25370","title":"CVE-2021-25370: Samsung Mobile Devices Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-25370"],"exploited":true,"has_exploit":false,"published_at":"2022-11-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-25370","csirts_url":"https://www.csirts.com/advisory/cve-2021-25370-2704"},{"num":2700,"source_id":"cisa-kev","external_id":"CVE-2022-41125","title":"CVE-2022-41125: Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-41125"],"exploited":true,"has_exploit":false,"published_at":"2022-11-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-41125","csirts_url":"https://www.csirts.com/advisory/cve-2022-41125-2700"},{"num":2698,"source_id":"cisa-kev","external_id":"CVE-2022-41091","title":"CVE-2022-41091: Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-41091"],"exploited":true,"has_exploit":false,"published_at":"2022-11-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-41091","csirts_url":"https://www.csirts.com/advisory/cve-2022-41091-2698"},{"num":2703,"source_id":"cisa-kev","external_id":"CVE-2021-25369","title":"CVE-2021-25369: Samsung Mobile Devices Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-25369"],"exploited":true,"has_exploit":false,"published_at":"2022-11-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-25369","csirts_url":"https://www.csirts.com/advisory/cve-2021-25369-2703"},{"num":2702,"source_id":"cisa-kev","external_id":"CVE-2021-25337","title":"CVE-2021-25337: Samsung Mobile Devices Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-25337"],"exploited":true,"has_exploit":true,"published_at":"2022-11-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-25337","csirts_url":"https://www.csirts.com/advisory/cve-2021-25337-2702"},{"num":2705,"source_id":"cisa-kev","external_id":"CVE-2022-3723","title":"CVE-2022-3723: Google Chromium V8 Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-3723"],"exploited":true,"has_exploit":false,"published_at":"2022-10-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-3723","csirts_url":"https://www.csirts.com/advisory/cve-2022-3723-2705"},{"num":2706,"source_id":"cisa-kev","external_id":"CVE-2022-42827","title":"CVE-2022-42827: Apple iOS and iPadOS Out-of-Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-42827"],"exploited":true,"has_exploit":false,"published_at":"2022-10-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-42827","csirts_url":"https://www.csirts.com/advisory/cve-2022-42827-2706"},{"num":2713,"source_id":"cisa-kev","external_id":"CVE-2018-19320","title":"CVE-2018-19320: GIGABYTE Multiple Products Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-19320"],"exploited":true,"has_exploit":true,"published_at":"2022-10-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-19320","csirts_url":"https://www.csirts.com/advisory/cve-2018-19320-2713"},{"num":2708,"source_id":"cisa-kev","external_id":"CVE-2020-3153","title":"CVE-2020-3153: Cisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-3153"],"exploited":true,"has_exploit":true,"published_at":"2022-10-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-3153","csirts_url":"https://www.csirts.com/advisory/cve-2020-3153-2708"},{"num":2711,"source_id":"cisa-kev","external_id":"CVE-2018-19322","title":"CVE-2018-19322: GIGABYTE Multiple Products Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-19322"],"exploited":true,"has_exploit":false,"published_at":"2022-10-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-19322","csirts_url":"https://www.csirts.com/advisory/cve-2018-19322-2711"},{"num":2707,"source_id":"cisa-kev","external_id":"CVE-2020-3433","title":"CVE-2020-3433: Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-3433"],"exploited":true,"has_exploit":true,"published_at":"2022-10-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-3433","csirts_url":"https://www.csirts.com/advisory/cve-2020-3433-2707"},{"num":2712,"source_id":"cisa-kev","external_id":"CVE-2018-19321","title":"CVE-2018-19321: GIGABYTE Multiple Products Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-19321"],"exploited":true,"has_exploit":true,"published_at":"2022-10-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-19321","csirts_url":"https://www.csirts.com/advisory/cve-2018-19321-2712"},{"num":2709,"source_id":"cisa-kev","external_id":"CVE-2018-19323","title":"CVE-2018-19323: GIGABYTE Multiple Products Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-19323"],"exploited":true,"has_exploit":true,"published_at":"2022-10-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-19323","csirts_url":"https://www.csirts.com/advisory/cve-2018-19323-2709"},{"num":2714,"source_id":"cisa-kev","external_id":"CVE-2022-41352","title":"CVE-2022-41352: Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-41352"],"exploited":true,"has_exploit":true,"published_at":"2022-10-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-41352","csirts_url":"https://www.csirts.com/advisory/cve-2022-41352-2714"},{"num":2715,"source_id":"cisa-kev","external_id":"CVE-2021-3493","title":"CVE-2021-3493: Linux Kernel Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-3493"],"exploited":true,"has_exploit":true,"published_at":"2022-10-20T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-3493","csirts_url":"https://www.csirts.com/advisory/cve-2021-3493-2715"},{"num":87069,"source_id":"jenkins","external_id":"jenkins-advisory-2022-10-19","title":"Jenkins Security Advisory 2022-10-19","severity":"unknown","cvss":null,"cves":["CVE-2022-43401","CVE-2022-43404","CVE-2022-43402","CVE-2022-43403","CVE-2022-43405","CVE-2022-43406","CVE-2022-43407","CVE-2022-43408","CVE-2022-43409","CVE-2022-43410","CVE-2022-43411","CVE-2022-43412","CVE-2022-43413","CVE-2022-43414","CVE-2022-43415","CVE-2022-43416","CVE-2022-43417","CVE-2022-43418","CVE-2022-43419","CVE-2022-43420","CVE-2022-43421","CVE-2022-43422","CVE-2022-43423","CVE-2022-43424","CVE-2022-43425","CVE-2017-2601","CVE-2022-43426","CVE-2022-43427","CVE-2022-43428","CVE-2022-43429","CVE-2022-43430","CVE-2022-43431","CVE-2022-43432","CVE-2022-43433","CVE-2022-43434","CVE-2022-43435"],"exploited":false,"has_exploit":false,"published_at":"2022-10-19T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2022-10-19/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2022-10-19-87069"},{"num":1359,"source_id":"cisa-kev","external_id":"CVE-2022-41033","title":"CVE-2022-41033: Microsoft Windows COM+ Event System Service Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-41033"],"exploited":true,"has_exploit":false,"published_at":"2022-10-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-41033","csirts_url":"https://www.csirts.com/advisory/cve-2022-41033-1359"},{"num":2716,"source_id":"cisa-kev","external_id":"CVE-2022-40684","title":"CVE-2022-40684: Fortinet Multiple Products Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-40684"],"exploited":true,"has_exploit":true,"published_at":"2022-10-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-40684","csirts_url":"https://www.csirts.com/advisory/cve-2022-40684-2716"},{"num":2717,"source_id":"cisa-kev","external_id":"CVE-2022-41082","title":"CVE-2022-41082: Microsoft Exchange Server Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-41082"],"exploited":true,"has_exploit":true,"published_at":"2022-09-30T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-41082","csirts_url":"https://www.csirts.com/advisory/cve-2022-41082-2717"},{"num":2719,"source_id":"cisa-kev","external_id":"CVE-2022-36804","title":"CVE-2022-36804: Atlassian Bitbucket Server and Data Center Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-36804"],"exploited":true,"has_exploit":true,"published_at":"2022-09-30T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-36804","csirts_url":"https://www.csirts.com/advisory/cve-2022-36804-2719"},{"num":2718,"source_id":"cisa-kev","external_id":"CVE-2022-41040","title":"CVE-2022-41040: Microsoft Exchange Server Server-Side Request Forgery Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-41040"],"exploited":true,"has_exploit":true,"published_at":"2022-09-30T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-41040","csirts_url":"https://www.csirts.com/advisory/cve-2022-41040-2718"},{"num":2720,"source_id":"cisa-kev","external_id":"CVE-2022-3236","title":"CVE-2022-3236: Sophos Firewall Code Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-3236"],"exploited":true,"has_exploit":true,"published_at":"2022-09-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-3236","csirts_url":"https://www.csirts.com/advisory/cve-2022-3236-2720"},{"num":990,"source_id":"cisa-kev","external_id":"CVE-2022-35405","title":"CVE-2022-35405: Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-35405"],"exploited":true,"has_exploit":true,"published_at":"2022-09-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-35405","csirts_url":"https://www.csirts.com/advisory/cve-2022-35405-990"},{"num":87070,"source_id":"jenkins","external_id":"jenkins-advisory-2022-09-21","title":"Jenkins Security Advisory 2022-09-21","severity":"unknown","cvss":null,"cves":["CVE-2022-41224","CVE-2022-41225","CVE-2022-41226","CVE-2022-41227","CVE-2022-41228","CVE-2022-41229","CVE-2022-41230","CVE-2022-41231","CVE-2022-41232","CVE-2022-41233","CVE-2022-41234","CVE-2022-41235","CVE-2022-41236","CVE-2022-41237","CVE-2022-41238","CVE-2022-41239","CVE-2022-41240","CVE-2022-41241","CVE-2022-41242","CVE-2022-41243","CVE-2022-41244","CVE-2022-41245","CVE-2022-41246","CVE-2022-41247","CVE-2022-41248","CVE-2022-41249","CVE-2022-41250","CVE-2022-41251","CVE-2022-41252","CVE-2022-41253","CVE-2022-41254","CVE-2022-41255"],"exploited":false,"has_exploit":false,"published_at":"2022-09-21T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2022-09-21/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2022-09-21-87070"},{"num":2741,"source_id":"cisa-kev","external_id":"CVE-2013-6282","title":"CVE-2013-6282: Linux Kernel Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-6282"],"exploited":true,"has_exploit":true,"published_at":"2022-09-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-6282","csirts_url":"https://www.csirts.com/advisory/cve-2013-6282-2741"},{"num":3338,"source_id":"cisa-kev","external_id":"CVE-2013-2596","title":"CVE-2013-2596: Linux Kernel Integer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-2596"],"exploited":true,"has_exploit":true,"published_at":"2022-09-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-2596","csirts_url":"https://www.csirts.com/advisory/cve-2013-2596-3338"},{"num":1671,"source_id":"cisa-kev","external_id":"CVE-2022-40139","title":"CVE-2022-40139: Trend Micro Apex One and Apex One as a Service Improper Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-40139"],"exploited":true,"has_exploit":false,"published_at":"2022-09-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-40139","csirts_url":"https://www.csirts.com/advisory/cve-2022-40139-1671"},{"num":1127,"source_id":"cisa-kev","external_id":"CVE-2010-2568","title":"CVE-2010-2568: Microsoft Windows Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2010-2568"],"exploited":true,"has_exploit":true,"published_at":"2022-09-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2010-2568","csirts_url":"https://www.csirts.com/advisory/cve-2010-2568-1127"},{"num":3337,"source_id":"cisa-kev","external_id":"CVE-2013-2597","title":"CVE-2013-2597: Code Aurora ACDB Audio Driver Stack-based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-2597"],"exploited":true,"has_exploit":true,"published_at":"2022-09-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-2597","csirts_url":"https://www.csirts.com/advisory/cve-2013-2597-3337"},{"num":991,"source_id":"cisa-kev","external_id":"CVE-2013-2094","title":"CVE-2013-2094: Linux Kernel Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-2094"],"exploited":true,"has_exploit":true,"published_at":"2022-09-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-2094","csirts_url":"https://www.csirts.com/advisory/cve-2013-2094-991"},{"num":1128,"source_id":"cisa-kev","external_id":"CVE-2022-37969","title":"CVE-2022-37969: Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-37969"],"exploited":true,"has_exploit":true,"published_at":"2022-09-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-37969","csirts_url":"https://www.csirts.com/advisory/cve-2022-37969-1128"},{"num":3339,"source_id":"cisa-kev","external_id":"CVE-2022-32917","title":"CVE-2022-32917: Apple iOS, iPadOS, and macOS Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-32917"],"exploited":true,"has_exploit":false,"published_at":"2022-09-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-32917","csirts_url":"https://www.csirts.com/advisory/cve-2022-32917-3339"},{"num":87071,"source_id":"jenkins","external_id":"jenkins-advisory-2022-09-09","title":"Jenkins Security Advisory 2022-09-09","severity":"unknown","cvss":null,"cves":["CVE-2022-2048"],"exploited":false,"has_exploit":false,"published_at":"2022-09-09T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2022-09-09/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2022-09-09-87071"},{"num":2257,"source_id":"cisa-kev","external_id":"CVE-2022-26258","title":"CVE-2022-26258: D-Link DIR-820L Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-26258"],"exploited":true,"has_exploit":false,"published_at":"2022-09-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-26258","csirts_url":"https://www.csirts.com/advisory/cve-2022-26258-2257"},{"num":1129,"source_id":"cisa-kev","external_id":"CVE-2022-3075","title":"CVE-2022-3075: Google Chromium Mojo Insufficient Data Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-3075"],"exploited":true,"has_exploit":false,"published_at":"2022-09-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-3075","csirts_url":"https://www.csirts.com/advisory/cve-2022-3075-1129"},{"num":2731,"source_id":"cisa-kev","external_id":"CVE-2011-4723","title":"CVE-2011-4723: D-Link DIR-300 Router Cleartext Storage of a Password Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2011-4723"],"exploited":true,"has_exploit":false,"published_at":"2022-09-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2011-4723","csirts_url":"https://www.csirts.com/advisory/cve-2011-4723-2731"},{"num":2729,"source_id":"cisa-kev","external_id":"CVE-2018-13374","title":"CVE-2018-13374: Fortinet FortiOS and FortiADC Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-13374"],"exploited":true,"has_exploit":true,"published_at":"2022-09-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-13374","csirts_url":"https://www.csirts.com/advisory/cve-2018-13374-2729"},{"num":3354,"source_id":"cisa-kev","external_id":"CVE-2022-27593","title":"CVE-2022-27593: QNAP Photo Station Externally Controlled Reference Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-27593"],"exploited":true,"has_exploit":true,"published_at":"2022-09-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-27593","csirts_url":"https://www.csirts.com/advisory/cve-2022-27593-3354"},{"num":3355,"source_id":"cisa-kev","external_id":"CVE-2020-9934","title":"CVE-2020-9934: Apple iOS, iPadOS, and macOS Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-9934"],"exploited":true,"has_exploit":true,"published_at":"2022-09-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-9934","csirts_url":"https://www.csirts.com/advisory/cve-2020-9934-3355"},{"num":2730,"source_id":"cisa-kev","external_id":"CVE-2017-5521","title":"CVE-2017-5521: NETGEAR Multiple Devices Exposure of Sensitive Information Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-5521"],"exploited":true,"has_exploit":true,"published_at":"2022-09-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-5521","csirts_url":"https://www.csirts.com/advisory/cve-2017-5521-2730"},{"num":2732,"source_id":"cisa-kev","external_id":"CVE-2011-1823","title":"CVE-2011-1823: Android OS Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2011-1823"],"exploited":true,"has_exploit":false,"published_at":"2022-09-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2011-1823","csirts_url":"https://www.csirts.com/advisory/cve-2011-1823-2732"},{"num":1130,"source_id":"cisa-kev","external_id":"CVE-2018-7445","title":"CVE-2018-7445: MikroTik RouterOS Stack-Based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-7445"],"exploited":true,"has_exploit":true,"published_at":"2022-09-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-7445","csirts_url":"https://www.csirts.com/advisory/cve-2018-7445-1130"},{"num":1131,"source_id":"cisa-kev","external_id":"CVE-2018-6530","title":"CVE-2018-6530: D-Link Multiple Routers OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-6530"],"exploited":true,"has_exploit":true,"published_at":"2022-09-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-6530","csirts_url":"https://www.csirts.com/advisory/cve-2018-6530-1131"},{"num":2728,"source_id":"cisa-kev","external_id":"CVE-2018-2628","title":"CVE-2018-2628: Oracle WebLogic Server Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-2628"],"exploited":true,"has_exploit":true,"published_at":"2022-09-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-2628","csirts_url":"https://www.csirts.com/advisory/cve-2018-2628-2728"},{"num":2737,"source_id":"cisa-kev","external_id":"CVE-2020-36193","title":"CVE-2020-36193: PEAR Archive_Tar Improper Link Resolution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-36193"],"exploited":true,"has_exploit":false,"published_at":"2022-08-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-36193","csirts_url":"https://www.csirts.com/advisory/cve-2020-36193-2737"},{"num":198,"source_id":"cisa-kev","external_id":"CVE-2022-26352","title":"CVE-2022-26352: dotCMS Unrestricted Upload of File Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-26352"],"exploited":true,"has_exploit":true,"published_at":"2022-08-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-26352","csirts_url":"https://www.csirts.com/advisory/cve-2022-26352-198"},{"num":3356,"source_id":"cisa-kev","external_id":"CVE-2022-24706","title":"CVE-2022-24706: Apache CouchDB Insecure Default Initialization of Resource Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-24706"],"exploited":true,"has_exploit":true,"published_at":"2022-08-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-24706","csirts_url":"https://www.csirts.com/advisory/cve-2022-24706-3356"},{"num":2736,"source_id":"cisa-kev","external_id":"CVE-2021-31010","title":"CVE-2021-31010: Apple iOS, macOS, watchOS Sandbox Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-31010"],"exploited":true,"has_exploit":false,"published_at":"2022-08-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-31010","csirts_url":"https://www.csirts.com/advisory/cve-2021-31010-2736"},{"num":2733,"source_id":"cisa-kev","external_id":"CVE-2022-22963","title":"CVE-2022-22963: VMware Tanzu Spring Cloud Function Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-22963"],"exploited":true,"has_exploit":true,"published_at":"2022-08-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-22963","csirts_url":"https://www.csirts.com/advisory/cve-2022-22963-2733"},{"num":2735,"source_id":"cisa-kev","external_id":"CVE-2021-39226","title":"CVE-2021-39226: Grafana Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-39226"],"exploited":true,"has_exploit":true,"published_at":"2022-08-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-39226","csirts_url":"https://www.csirts.com/advisory/cve-2021-39226-2735"},{"num":2289,"source_id":"cisa-kev","external_id":"CVE-2021-38406","title":"CVE-2021-38406: Delta Electronics DOPSoft 2 Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-38406"],"exploited":true,"has_exploit":false,"published_at":"2022-08-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-38406","csirts_url":"https://www.csirts.com/advisory/cve-2021-38406-2289"},{"num":2742,"source_id":"cisa-kev","external_id":"CVE-2020-28949","title":"CVE-2020-28949: PEAR Archive_Tar Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-28949"],"exploited":true,"has_exploit":true,"published_at":"2022-08-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-28949","csirts_url":"https://www.csirts.com/advisory/cve-2020-28949-2742"},{"num":2734,"source_id":"cisa-kev","external_id":"CVE-2022-2294","title":"CVE-2022-2294: WebRTC Heap Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-2294"],"exploited":true,"has_exploit":false,"published_at":"2022-08-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-2294","csirts_url":"https://www.csirts.com/advisory/cve-2022-2294-2734"},{"num":3357,"source_id":"cisa-kev","external_id":"CVE-2022-24112","title":"CVE-2022-24112: Apache APISIX Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-24112"],"exploited":true,"has_exploit":true,"published_at":"2022-08-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-24112","csirts_url":"https://www.csirts.com/advisory/cve-2022-24112-3357"},{"num":87072,"source_id":"jenkins","external_id":"jenkins-advisory-2022-08-23","title":"Jenkins Security Advisory 2022-08-23","severity":"unknown","cvss":null,"cves":["CVE-2022-38663","CVE-2022-38664","CVE-2022-38665","CVE-2021-25738"],"exploited":false,"has_exploit":false,"published_at":"2022-08-23T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2022-08-23/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2022-08-23-87072"},{"num":2743,"source_id":"cisa-kev","external_id":"CVE-2022-0028","title":"CVE-2022-0028: Palo Alto Networks PAN-OS Reflected Amplification Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-0028"],"exploited":true,"has_exploit":false,"published_at":"2022-08-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-0028","csirts_url":"https://www.csirts.com/advisory/cve-2022-0028-2743"},{"num":2749,"source_id":"cisa-kev","external_id":"CVE-2022-22536","title":"CVE-2022-22536: SAP Multiple Products HTTP Request Smuggling Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-22536"],"exploited":true,"has_exploit":true,"published_at":"2022-08-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-22536","csirts_url":"https://www.csirts.com/advisory/cve-2022-22536-2749"},{"num":2754,"source_id":"cisa-kev","external_id":"CVE-2017-15944","title":"CVE-2017-15944: Palo Alto Networks PAN-OS Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-15944"],"exploited":true,"has_exploit":true,"published_at":"2022-08-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-15944","csirts_url":"https://www.csirts.com/advisory/cve-2017-15944-2754"},{"num":2753,"source_id":"cisa-kev","external_id":"CVE-2022-26923","title":"CVE-2022-26923: Microsoft Active Directory Domain Services Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-26923"],"exploited":true,"has_exploit":true,"published_at":"2022-08-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-26923","csirts_url":"https://www.csirts.com/advisory/cve-2022-26923-2753"},{"num":1362,"source_id":"cisa-kev","external_id":"CVE-2022-21971","title":"CVE-2022-21971: Microsoft Windows Runtime Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-21971"],"exploited":true,"has_exploit":true,"published_at":"2022-08-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-21971","csirts_url":"https://www.csirts.com/advisory/cve-2022-21971-1362"},{"num":2752,"source_id":"cisa-kev","external_id":"CVE-2022-2856","title":"CVE-2022-2856: Google Chromium Intents Insufficient Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-2856"],"exploited":true,"has_exploit":false,"published_at":"2022-08-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-2856","csirts_url":"https://www.csirts.com/advisory/cve-2022-2856-2752"},{"num":2750,"source_id":"cisa-kev","external_id":"CVE-2022-32894","title":"CVE-2022-32894: Apple iOS and macOS Out-of-Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-32894"],"exploited":true,"has_exploit":false,"published_at":"2022-08-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-32894","csirts_url":"https://www.csirts.com/advisory/cve-2022-32894-2750"},{"num":2751,"source_id":"cisa-kev","external_id":"CVE-2022-32893","title":"CVE-2022-32893: Apple iOS and macOS Out-of-Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-32893"],"exploited":true,"has_exploit":false,"published_at":"2022-08-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-32893","csirts_url":"https://www.csirts.com/advisory/cve-2022-32893-2751"},{"num":2755,"source_id":"cisa-kev","external_id":"CVE-2022-27925","title":"CVE-2022-27925: Synacor Zimbra Collaboration Suite (ZCS) Arbitrary File Upload Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-27925"],"exploited":true,"has_exploit":true,"published_at":"2022-08-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-27925","csirts_url":"https://www.csirts.com/advisory/cve-2022-27925-2755"},{"num":3371,"source_id":"cisa-kev","external_id":"CVE-2022-37042","title":"CVE-2022-37042: Synacor Zimbra Collaboration Suite (ZCS) Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-37042"],"exploited":true,"has_exploit":true,"published_at":"2022-08-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-37042","csirts_url":"https://www.csirts.com/advisory/cve-2022-37042-3371"},{"num":2297,"source_id":"cisa-kev","external_id":"CVE-2022-34713","title":"CVE-2022-34713: Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-34713"],"exploited":true,"has_exploit":false,"published_at":"2022-08-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-34713","csirts_url":"https://www.csirts.com/advisory/cve-2022-34713-2297"},{"num":2756,"source_id":"cisa-kev","external_id":"CVE-2022-30333","title":"CVE-2022-30333: RARLAB UnRAR Directory Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-30333"],"exploited":true,"has_exploit":true,"published_at":"2022-08-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-30333","csirts_url":"https://www.csirts.com/advisory/cve-2022-30333-2756"},{"num":2757,"source_id":"cisa-kev","external_id":"CVE-2022-27924","title":"CVE-2022-27924: Synacor Zimbra Collaboration Suite (ZCS) Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-27924"],"exploited":true,"has_exploit":true,"published_at":"2022-08-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-27924","csirts_url":"https://www.csirts.com/advisory/cve-2022-27924-2757"},{"num":2758,"source_id":"cisa-kev","external_id":"CVE-2022-26138","title":"CVE-2022-26138: Atlassian Questions For Confluence App Hard-coded Credentials Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-26138"],"exploited":true,"has_exploit":true,"published_at":"2022-07-29T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-26138","csirts_url":"https://www.csirts.com/advisory/cve-2022-26138-2758"},{"num":87073,"source_id":"jenkins","external_id":"jenkins-advisory-2022-07-27","title":"Jenkins Security Advisory 2022-07-27","severity":"unknown","cvss":null,"cves":["CVE-2022-36881","CVE-2022-36882","CVE-2022-36883","CVE-2022-36884","CVE-2022-36885","CVE-2022-36886","CVE-2022-36887","CVE-2022-36888","CVE-2022-36889","CVE-2022-36890","CVE-2022-36891","CVE-2022-36892","CVE-2022-36893","CVE-2022-36894","CVE-2022-36895","CVE-2022-36896","CVE-2022-36897","CVE-2022-36898","CVE-2022-36899","CVE-2022-36900","CVE-2022-36901","CVE-2022-36902","CVE-2022-36903","CVE-2022-36904","CVE-2022-36905","CVE-2022-36906","CVE-2022-36907","CVE-2022-36908","CVE-2022-36909","CVE-2022-36910","CVE-2022-36911","CVE-2022-36912","CVE-2022-36913","CVE-2022-36914","CVE-2022-36915","CVE-2022-36916","CVE-2022-36917","CVE-2022-36918","CVE-2022-36919","CVE-2022-36920","CVE-2022-36921","CVE-2022-36922"],"exploited":false,"has_exploit":false,"published_at":"2022-07-27T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2022-07-27/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2022-07-27-87073"},{"num":475,"source_id":"cisa-kev","external_id":"CVE-2022-22047","title":"CVE-2022-22047: Microsoft Windows Client Server Runtime Subsystem (CSRSS) Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-22047"],"exploited":true,"has_exploit":false,"published_at":"2022-07-12T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-22047","csirts_url":"https://www.csirts.com/advisory/cve-2022-22047-475"},{"num":2759,"source_id":"cisa-kev","external_id":"CVE-2022-26925","title":"CVE-2022-26925: Microsoft Windows LSA Spoofing Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-26925"],"exploited":true,"has_exploit":false,"published_at":"2022-07-01T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-26925","csirts_url":"https://www.csirts.com/advisory/cve-2022-26925-2759"},{"num":87074,"source_id":"jenkins","external_id":"jenkins-advisory-2022-06-30","title":"Jenkins Security Advisory 2022-06-30","severity":"unknown","cvss":null,"cves":["CVE-2022-34777","CVE-2022-34778","CVE-2022-34779","CVE-2022-34780","CVE-2022-34781","CVE-2022-34782","CVE-2022-34783","CVE-2022-34784","CVE-2022-34785","CVE-2022-34786","CVE-2022-34787","CVE-2022-34788","CVE-2022-34789","CVE-2022-34790","CVE-2022-34791","CVE-2017-2601","CVE-2022-34792","CVE-2022-34793","CVE-2022-34794","CVE-2022-34795","CVE-2022-34796","CVE-2022-34797","CVE-2022-34798","CVE-2022-34799","CVE-2022-34800","CVE-2022-34801","CVE-2022-34802","CVE-2022-34803","CVE-2022-34804","CVE-2022-34805","CVE-2022-34806","CVE-2022-34807","CVE-2022-34808","CVE-2022-34809","CVE-2022-34810","CVE-2022-34811","CVE-2022-34812","CVE-2022-34813","CVE-2022-34814","CVE-2022-34815","CVE-2022-34816","CVE-2022-34817","CVE-2022-34818"],"exploited":false,"has_exploit":false,"published_at":"2022-06-30T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2022-06-30/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2022-06-30-87074"},{"num":2761,"source_id":"cisa-kev","external_id":"CVE-2021-30533","title":"CVE-2021-30533: Google Chromium PopupBlocker Security Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-30533"],"exploited":true,"has_exploit":false,"published_at":"2022-06-27T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-30533","csirts_url":"https://www.csirts.com/advisory/cve-2021-30533-2761"},{"num":2763,"source_id":"cisa-kev","external_id":"CVE-2021-4034","title":"CVE-2021-4034: Red Hat Polkit Out-of-Bounds Read and Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-4034"],"exploited":true,"has_exploit":true,"published_at":"2022-06-27T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-4034","csirts_url":"https://www.csirts.com/advisory/cve-2021-4034-2763"},{"num":2782,"source_id":"cisa-kev","external_id":"CVE-2020-9907","title":"CVE-2020-9907: Apple Multiple Products Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-9907"],"exploited":true,"has_exploit":false,"published_at":"2022-06-27T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-9907","csirts_url":"https://www.csirts.com/advisory/cve-2020-9907-2782"},{"num":2781,"source_id":"cisa-kev","external_id":"CVE-2020-3837","title":"CVE-2020-3837: Apple Multiple Products Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-3837"],"exploited":true,"has_exploit":true,"published_at":"2022-06-27T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-3837","csirts_url":"https://www.csirts.com/advisory/cve-2020-3837-2781"},{"num":2760,"source_id":"cisa-kev","external_id":"CVE-2022-29499","title":"CVE-2022-29499: Mitel MiVoice Connect Data Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-29499"],"exploited":true,"has_exploit":false,"published_at":"2022-06-27T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-29499","csirts_url":"https://www.csirts.com/advisory/cve-2022-29499-2760"},{"num":1379,"source_id":"cisa-kev","external_id":"CVE-2018-4344","title":"CVE-2018-4344: Apple Multiple Products Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-4344"],"exploited":true,"has_exploit":false,"published_at":"2022-06-27T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-4344","csirts_url":"https://www.csirts.com/advisory/cve-2018-4344-1379"},{"num":2780,"source_id":"cisa-kev","external_id":"CVE-2021-30983","title":"CVE-2021-30983: Apple iOS and iPadOS Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-30983"],"exploited":true,"has_exploit":false,"published_at":"2022-06-27T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-30983","csirts_url":"https://www.csirts.com/advisory/cve-2021-30983-2780"},{"num":2783,"source_id":"cisa-kev","external_id":"CVE-2019-8605","title":"CVE-2019-8605: Apple Multiple Products Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-8605"],"exploited":true,"has_exploit":true,"published_at":"2022-06-27T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-8605","csirts_url":"https://www.csirts.com/advisory/cve-2019-8605-2783"},{"num":87075,"source_id":"jenkins","external_id":"jenkins-advisory-2022-06-22","title":"Jenkins Security Advisory 2022-06-22","severity":"unknown","cvss":null,"cves":["CVE-2022-34170","CVE-2022-34171","CVE-2022-34172","CVE-2022-34173","CVE-2022-34174","CVE-2022-34175","CVE-2022-34176","CVE-2022-34177","CVE-2022-34178","CVE-2022-34179","CVE-2022-34180","CVE-2022-34181","CVE-2022-34182","CVE-2022-34183","CVE-2022-34184","CVE-2022-34185","CVE-2022-34186","CVE-2022-34187","CVE-2022-34188","CVE-2022-34189","CVE-2022-34190","CVE-2022-34191","CVE-2022-34192","CVE-2022-34193","CVE-2022-34194","CVE-2022-34195","CVE-2022-34196","CVE-2022-34197","CVE-2022-34198","CVE-2017-2601","CVE-2022-34199","CVE-2022-34200","CVE-2022-34201","CVE-2022-34202","CVE-2022-34203","CVE-2022-34204","CVE-2022-34205","CVE-2022-34206","CVE-2022-34207","CVE-2022-34208","CVE-2022-34209","CVE-2022-34210","CVE-2022-34211","CVE-2022-34212","CVE-2022-34213"],"exploited":false,"has_exploit":false,"published_at":"2022-06-22T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2022-06-22/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2022-06-22-87075"},{"num":2308,"source_id":"cisa-kev","external_id":"CVE-2022-30190","title":"CVE-2022-30190: Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-30190"],"exploited":true,"has_exploit":true,"published_at":"2022-06-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-30190","csirts_url":"https://www.csirts.com/advisory/cve-2022-30190-2308"},{"num":2309,"source_id":"cisa-kev","external_id":"CVE-2021-38163","title":"CVE-2021-38163: SAP NetWeaver Unrestricted File Upload Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-38163"],"exploited":true,"has_exploit":true,"published_at":"2022-06-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-38163","csirts_url":"https://www.csirts.com/advisory/cve-2021-38163-2309"},{"num":2784,"source_id":"cisa-kev","external_id":"CVE-2016-2386","title":"CVE-2016-2386: SAP NetWeaver SQL Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-2386"],"exploited":true,"has_exploit":true,"published_at":"2022-06-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-2386","csirts_url":"https://www.csirts.com/advisory/cve-2016-2386-2784"},{"num":2785,"source_id":"cisa-kev","external_id":"CVE-2016-2388","title":"CVE-2016-2388: SAP NetWeaver Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-2388"],"exploited":true,"has_exploit":true,"published_at":"2022-06-09T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-2388","csirts_url":"https://www.csirts.com/advisory/cve-2016-2388-2785"},{"num":3386,"source_id":"cisa-kev","external_id":"CVE-2019-7192","title":"CVE-2019-7192: QNAP Photo Station Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-7192"],"exploited":true,"has_exploit":true,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-7192","csirts_url":"https://www.csirts.com/advisory/cve-2019-7192-3386"},{"num":3387,"source_id":"cisa-kev","external_id":"CVE-2019-15271","title":"CVE-2019-15271: Cisco RV Series Routers Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-15271"],"exploited":true,"has_exploit":false,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-15271","csirts_url":"https://www.csirts.com/advisory/cve-2019-15271-3387"},{"num":2791,"source_id":"cisa-kev","external_id":"CVE-2018-17463","title":"CVE-2018-17463: Google Chromium V8 Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-17463"],"exploited":true,"has_exploit":true,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-17463","csirts_url":"https://www.csirts.com/advisory/cve-2018-17463-2791"},{"num":2468,"source_id":"cisa-kev","external_id":"CVE-2008-0655","title":"CVE-2008-0655: Adobe Acrobat and Reader Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2008-0655"],"exploited":true,"has_exploit":false,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2008-0655","csirts_url":"https://www.csirts.com/advisory/cve-2008-0655-2468"},{"num":2795,"source_id":"cisa-kev","external_id":"CVE-2016-5198","title":"CVE-2016-5198: Google Chromium V8 Out-of-Bounds Memory Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-5198"],"exploited":true,"has_exploit":false,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-5198","csirts_url":"https://www.csirts.com/advisory/cve-2016-5198-2795"},{"num":2327,"source_id":"cisa-kev","external_id":"CVE-2013-1331","title":"CVE-2013-1331: Microsoft Office Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-1331"],"exploited":true,"has_exploit":false,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-1331","csirts_url":"https://www.csirts.com/advisory/cve-2013-1331-2327"},{"num":2793,"source_id":"cisa-kev","external_id":"CVE-2017-5070","title":"CVE-2017-5070: Google Chromium V8 Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-5070"],"exploited":true,"has_exploit":false,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-5070","csirts_url":"https://www.csirts.com/advisory/cve-2017-5070-2793"},{"num":478,"source_id":"cisa-kev","external_id":"CVE-2012-4969","title":"CVE-2012-4969: Microsoft Internet Explorer Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2012-4969"],"exploited":true,"has_exploit":true,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2012-4969","csirts_url":"https://www.csirts.com/advisory/cve-2012-4969-478"},{"num":2802,"source_id":"cisa-kev","external_id":"CVE-2010-2572","title":"CVE-2010-2572: Microsoft PowerPoint Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2010-2572"],"exploited":true,"has_exploit":false,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2010-2572","csirts_url":"https://www.csirts.com/advisory/cve-2010-2572-2802"},{"num":3399,"source_id":"cisa-kev","external_id":"CVE-2012-0754","title":"CVE-2012-0754: Adobe Flash Player Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2012-0754"],"exploited":true,"has_exploit":true,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2012-0754","csirts_url":"https://www.csirts.com/advisory/cve-2012-0754-3399"},{"num":2320,"source_id":"cisa-kev","external_id":"CVE-2019-5825","title":"CVE-2019-5825: Google Chromium V8 Out-of-Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-5825"],"exploited":true,"has_exploit":true,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-5825","csirts_url":"https://www.csirts.com/advisory/cve-2019-5825-2320"},{"num":2794,"source_id":"cisa-kev","external_id":"CVE-2017-5030","title":"CVE-2017-5030: Google Chromium V8 Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-5030"],"exploited":true,"has_exploit":false,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-5030","csirts_url":"https://www.csirts.com/advisory/cve-2017-5030-2794"},{"num":3388,"source_id":"cisa-kev","external_id":"CVE-2018-6065","title":"CVE-2018-6065: Google Chromium V8 Integer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-6065"],"exploited":true,"has_exploit":true,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-6065","csirts_url":"https://www.csirts.com/advisory/cve-2018-6065-3388"},{"num":2808,"source_id":"cisa-kev","external_id":"CVE-2007-5659","title":"CVE-2007-5659: Adobe Acrobat and Reader Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2007-5659"],"exploited":true,"has_exploit":true,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2007-5659","csirts_url":"https://www.csirts.com/advisory/cve-2007-5659-2808"},{"num":2803,"source_id":"cisa-kev","external_id":"CVE-2010-1297","title":"CVE-2010-1297: Adobe Flash Player Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2010-1297"],"exploited":true,"has_exploit":true,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2010-1297","csirts_url":"https://www.csirts.com/advisory/cve-2010-1297-2803"},{"num":2807,"source_id":"cisa-kev","external_id":"CVE-2009-0557","title":"CVE-2009-0557: Microsoft Office Object Record Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2009-0557"],"exploited":true,"has_exploit":false,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2009-0557","csirts_url":"https://www.csirts.com/advisory/cve-2009-0557-2807"},{"num":2805,"source_id":"cisa-kev","external_id":"CVE-2009-3953","title":"CVE-2009-3953: Adobe Acrobat and Reader Universal 3D Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2009-3953"],"exploited":true,"has_exploit":true,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2009-3953","csirts_url":"https://www.csirts.com/advisory/cve-2009-3953-2805"},{"num":2337,"source_id":"cisa-kev","external_id":"CVE-2009-0563","title":"CVE-2009-0563: Microsoft Office Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2009-0563"],"exploited":true,"has_exploit":false,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2009-0563","csirts_url":"https://www.csirts.com/advisory/cve-2009-0563-2337"},{"num":2800,"source_id":"cisa-kev","external_id":"CVE-2011-2462","title":"CVE-2011-2462: Adobe Reader and Acrobat Universal 3D Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2011-2462"],"exploited":true,"has_exploit":true,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2011-2462","csirts_url":"https://www.csirts.com/advisory/cve-2011-2462-2800"},{"num":2806,"source_id":"cisa-kev","external_id":"CVE-2009-1862","title":"CVE-2009-1862: Adobe Acrobat and Reader, Flash Player Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2009-1862"],"exploited":true,"has_exploit":false,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2009-1862","csirts_url":"https://www.csirts.com/advisory/cve-2009-1862-2806"},{"num":2809,"source_id":"cisa-kev","external_id":"CVE-2006-2492","title":"CVE-2006-2492: Microsoft Word Malformed Object Pointer Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2006-2492"],"exploited":true,"has_exploit":false,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2006-2492","csirts_url":"https://www.csirts.com/advisory/cve-2006-2492-2809"},{"num":2797,"source_id":"cisa-kev","external_id":"CVE-2012-1889","title":"CVE-2012-1889: Microsoft XML Core Services Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2012-1889"],"exploited":true,"has_exploit":true,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2012-1889","csirts_url":"https://www.csirts.com/advisory/cve-2012-1889-2797"},{"num":2799,"source_id":"cisa-kev","external_id":"CVE-2012-0151","title":"CVE-2012-0151: Microsoft Windows Authenticode Signature Verification Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2012-0151"],"exploited":true,"has_exploit":false,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2012-0151","csirts_url":"https://www.csirts.com/advisory/cve-2012-0151-2799"},{"num":1387,"source_id":"cisa-kev","external_id":"CVE-2012-5054","title":"CVE-2012-5054: Adobe Flash Player Integer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2012-5054"],"exploited":true,"has_exploit":false,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2012-5054","csirts_url":"https://www.csirts.com/advisory/cve-2012-5054-1387"},{"num":2786,"source_id":"cisa-kev","external_id":"CVE-2019-7195","title":"CVE-2019-7195: QNAP Photo Station Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-7195"],"exploited":true,"has_exploit":true,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-7195","csirts_url":"https://www.csirts.com/advisory/cve-2019-7195-2786"},{"num":2574,"source_id":"cisa-kev","external_id":"CVE-2011-0609","title":"CVE-2011-0609: Adobe Flash Player Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2011-0609"],"exploited":true,"has_exploit":true,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2011-0609","csirts_url":"https://www.csirts.com/advisory/cve-2011-0609-2574"},{"num":2790,"source_id":"cisa-kev","external_id":"CVE-2018-17480","title":"CVE-2018-17480: Google Chromium V8 Out-of-Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-17480"],"exploited":true,"has_exploit":false,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-17480","csirts_url":"https://www.csirts.com/advisory/cve-2018-17480-2790"},{"num":2789,"source_id":"cisa-kev","external_id":"CVE-2018-4990","title":"CVE-2018-4990: Adobe Acrobat and Reader Double Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-4990"],"exploited":true,"has_exploit":false,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-4990","csirts_url":"https://www.csirts.com/advisory/cve-2018-4990-2789"},{"num":2792,"source_id":"cisa-kev","external_id":"CVE-2017-6862","title":"CVE-2017-6862: NETGEAR Multiple Devices Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-6862"],"exploited":true,"has_exploit":false,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-6862","csirts_url":"https://www.csirts.com/advisory/cve-2017-6862-2792"},{"num":2804,"source_id":"cisa-kev","external_id":"CVE-2009-4324","title":"CVE-2009-4324: Adobe Acrobat and Reader Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2009-4324"],"exploited":true,"has_exploit":true,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2009-4324","csirts_url":"https://www.csirts.com/advisory/cve-2009-4324-2804"},{"num":2796,"source_id":"cisa-kev","external_id":"CVE-2016-1646","title":"CVE-2016-1646: Google Chromium V8 Out-of-Bounds Read Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-1646"],"exploited":true,"has_exploit":false,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-1646","csirts_url":"https://www.csirts.com/advisory/cve-2016-1646-2796"},{"num":2798,"source_id":"cisa-kev","external_id":"CVE-2012-0767","title":"CVE-2012-0767: Adobe Flash Player Cross-Site Scripting (XSS) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2012-0767"],"exploited":true,"has_exploit":false,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2012-0767","csirts_url":"https://www.csirts.com/advisory/cve-2012-0767-2798"},{"num":2788,"source_id":"cisa-kev","external_id":"CVE-2019-7193","title":"CVE-2019-7193: QNAP QTS Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-7193"],"exploited":true,"has_exploit":false,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-7193","csirts_url":"https://www.csirts.com/advisory/cve-2019-7193-2788"},{"num":2801,"source_id":"cisa-kev","external_id":"CVE-2010-2883","title":"CVE-2010-2883: Adobe Acrobat and Reader Stack-Based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2010-2883"],"exploited":true,"has_exploit":true,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2010-2883","csirts_url":"https://www.csirts.com/advisory/cve-2010-2883-2801"},{"num":2787,"source_id":"cisa-kev","external_id":"CVE-2019-7194","title":"CVE-2019-7194: QNAP Photo Station Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-7194"],"exploited":true,"has_exploit":true,"published_at":"2022-06-08T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-7194","csirts_url":"https://www.csirts.com/advisory/cve-2019-7194-2787"},{"num":2810,"source_id":"cisa-kev","external_id":"CVE-2022-26134","title":"CVE-2022-26134: Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-26134"],"exploited":true,"has_exploit":true,"published_at":"2022-06-02T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-26134","csirts_url":"https://www.csirts.com/advisory/cve-2022-26134-2810"},{"num":2837,"source_id":"cisa-kev","external_id":"CVE-2014-4077","title":"CVE-2014-4077: Microsoft IME Japanese Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-4077"],"exploited":true,"has_exploit":false,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-4077","csirts_url":"https://www.csirts.com/advisory/cve-2014-4077-2837"},{"num":482,"source_id":"cisa-kev","external_id":"CVE-2015-6175","title":"CVE-2015-6175: Microsoft Windows Kernel Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-6175"],"exploited":true,"has_exploit":false,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-6175","csirts_url":"https://www.csirts.com/advisory/cve-2015-6175-482"},{"num":2819,"source_id":"cisa-kev","external_id":"CVE-2015-0310","title":"CVE-2015-0310: Adobe Flash Player ASLR Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-0310"],"exploited":true,"has_exploit":false,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-0310","csirts_url":"https://www.csirts.com/advisory/cve-2015-0310-2819"},{"num":2811,"source_id":"cisa-kev","external_id":"CVE-2019-3010","title":"CVE-2019-3010: Oracle Solaris Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-3010"],"exploited":true,"has_exploit":true,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-3010","csirts_url":"https://www.csirts.com/advisory/cve-2019-3010-2811"},{"num":2816,"source_id":"cisa-kev","external_id":"CVE-2016-1010","title":"CVE-2016-1010: Adobe Flash Player and AIR Integer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-1010"],"exploited":true,"has_exploit":false,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-1010","csirts_url":"https://www.csirts.com/advisory/cve-2016-1010-2816"},{"num":2823,"source_id":"cisa-kev","external_id":"CVE-2015-2425","title":"CVE-2015-2425: Microsoft Internet Explorer Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-2425"],"exploited":true,"has_exploit":false,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-2425","csirts_url":"https://www.csirts.com/advisory/cve-2015-2425-2823"},{"num":2825,"source_id":"cisa-kev","external_id":"CVE-2015-8651","title":"CVE-2015-8651: Adobe Flash Player Integer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-8651"],"exploited":true,"has_exploit":true,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-8651","csirts_url":"https://www.csirts.com/advisory/cve-2015-8651-2825"},{"num":484,"source_id":"cisa-kev","external_id":"CVE-2015-1671","title":"CVE-2015-1671: Microsoft Windows Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-1671"],"exploited":true,"has_exploit":false,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-1671","csirts_url":"https://www.csirts.com/advisory/cve-2015-1671-484"},{"num":2835,"source_id":"cisa-kev","external_id":"CVE-2014-0546","title":"CVE-2014-0546: Adobe Reader and Acrobat Sandbox Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-0546"],"exploited":true,"has_exploit":false,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-0546","csirts_url":"https://www.csirts.com/advisory/cve-2014-0546-2835"},{"num":2838,"source_id":"cisa-kev","external_id":"CVE-2014-3153","title":"CVE-2014-3153: Linux Kernel Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-3153"],"exploited":true,"has_exploit":true,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-3153","csirts_url":"https://www.csirts.com/advisory/cve-2014-3153-2838"},{"num":2840,"source_id":"cisa-kev","external_id":"CVE-2013-3993","title":"CVE-2013-3993: IBM InfoSphere BigInsights Invalid Input Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-3993"],"exploited":true,"has_exploit":false,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-3993","csirts_url":"https://www.csirts.com/advisory/cve-2013-3993-2840"},{"num":3426,"source_id":"cisa-kev","external_id":"CVE-2013-3896","title":"CVE-2013-3896: Microsoft Silverlight Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-3896"],"exploited":true,"has_exploit":true,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-3896","csirts_url":"https://www.csirts.com/advisory/cve-2013-3896-3426"},{"num":2842,"source_id":"cisa-kev","external_id":"CVE-2013-0074","title":"CVE-2013-0074: Microsoft Silverlight Double Dereference Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-0074"],"exploited":true,"has_exploit":true,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-0074","csirts_url":"https://www.csirts.com/advisory/cve-2013-0074-2842"},{"num":2843,"source_id":"cisa-kev","external_id":"CVE-2012-1710","title":"CVE-2012-1710: Oracle Fusion Middleware Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2012-1710"],"exploited":true,"has_exploit":false,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2012-1710","csirts_url":"https://www.csirts.com/advisory/cve-2012-1710-2843"},{"num":2853,"source_id":"cisa-kev","external_id":"CVE-2010-0840","title":"CVE-2010-0840: Oracle JRE Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2010-0840"],"exploited":true,"has_exploit":true,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2010-0840","csirts_url":"https://www.csirts.com/advisory/cve-2010-0840-2853"},{"num":2854,"source_id":"cisa-kev","external_id":"CVE-2010-0738","title":"CVE-2010-0738: Red Hat JBoss Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2010-0738"],"exploited":true,"has_exploit":true,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2010-0738","csirts_url":"https://www.csirts.com/advisory/cve-2010-0738-2854"},{"num":2821,"source_id":"cisa-kev","external_id":"CVE-2015-0071","title":"CVE-2015-0071: Microsoft Internet Explorer ASLR Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-0071"],"exploited":true,"has_exploit":false,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-0071","csirts_url":"https://www.csirts.com/advisory/cve-2015-0071-2821"},{"num":2348,"source_id":"cisa-kev","external_id":"CVE-2015-1769","title":"CVE-2015-1769: Microsoft Windows Mount Manager Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-1769"],"exploited":true,"has_exploit":true,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-1769","csirts_url":"https://www.csirts.com/advisory/cve-2015-1769-2348"},{"num":2836,"source_id":"cisa-kev","external_id":"CVE-2014-2817","title":"CVE-2014-2817: Microsoft Internet Explorer Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-2817"],"exploited":true,"has_exploit":false,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-2817","csirts_url":"https://www.csirts.com/advisory/cve-2014-2817-2836"},{"num":2841,"source_id":"cisa-kev","external_id":"CVE-2013-0422","title":"CVE-2013-0422: Oracle JRE Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-0422"],"exploited":true,"has_exploit":true,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-0422","csirts_url":"https://www.csirts.com/advisory/cve-2013-0422-2841"},{"num":2826,"source_id":"cisa-kev","external_id":"CVE-2014-4148","title":"CVE-2014-4148: Microsoft Windows Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-4148"],"exploited":true,"has_exploit":false,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-4148","csirts_url":"https://www.csirts.com/advisory/cve-2014-4148-2826"},{"num":2839,"source_id":"cisa-kev","external_id":"CVE-2013-7331","title":"CVE-2013-7331: Microsoft Internet Explorer Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-7331"],"exploited":true,"has_exploit":true,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-7331","csirts_url":"https://www.csirts.com/advisory/cve-2013-7331-2839"},{"num":2817,"source_id":"cisa-kev","external_id":"CVE-2016-0984","title":"CVE-2016-0984: Adobe Flash Player and AIR Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-0984"],"exploited":true,"has_exploit":true,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-0984","csirts_url":"https://www.csirts.com/advisory/cve-2016-0984-2817"},{"num":2818,"source_id":"cisa-kev","external_id":"CVE-2016-0034","title":"CVE-2016-0034: Microsoft Silverlight Runtime Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-0034"],"exploited":true,"has_exploit":false,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-0034","csirts_url":"https://www.csirts.com/advisory/cve-2016-0034-2818"},{"num":2815,"source_id":"cisa-kev","external_id":"CVE-2016-7256","title":"CVE-2016-7256: Microsoft Windows Open Type Font Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-7256"],"exploited":true,"has_exploit":false,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-7256","csirts_url":"https://www.csirts.com/advisory/cve-2016-7256-2815"},{"num":2828,"source_id":"cisa-kev","external_id":"CVE-2014-4123","title":"CVE-2014-4123: Microsoft Internet Explorer Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-4123"],"exploited":true,"has_exploit":false,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-4123","csirts_url":"https://www.csirts.com/advisory/cve-2014-4123-2828"},{"num":2824,"source_id":"cisa-kev","external_id":"CVE-2015-4495","title":"CVE-2015-4495: Mozilla Firefox Security Feature Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-4495"],"exploited":true,"has_exploit":true,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-4495","csirts_url":"https://www.csirts.com/advisory/cve-2015-4495-2824"},{"num":2822,"source_id":"cisa-kev","external_id":"CVE-2015-2360","title":"CVE-2015-2360: Microsoft Win32k Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-2360"],"exploited":true,"has_exploit":false,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-2360","csirts_url":"https://www.csirts.com/advisory/cve-2015-2360-2822"},{"num":2827,"source_id":"cisa-kev","external_id":"CVE-2014-8439","title":"CVE-2014-8439: Adobe Flash Player Dereferenced Pointer Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-8439"],"exploited":true,"has_exploit":false,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-8439","csirts_url":"https://www.csirts.com/advisory/cve-2014-8439-2827"},{"num":2812,"source_id":"cisa-kev","external_id":"CVE-2016-3393","title":"CVE-2016-3393: Microsoft Windows Graphics Device Interface (GDI) Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-3393"],"exploited":true,"has_exploit":false,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-3393","csirts_url":"https://www.csirts.com/advisory/cve-2016-3393-2812"},{"num":3428,"source_id":"cisa-kev","external_id":"CVE-2013-0431","title":"CVE-2013-0431: Oracle JRE Sandbox Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-0431"],"exploited":true,"has_exploit":true,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-0431","csirts_url":"https://www.csirts.com/advisory/cve-2013-0431-3428"},{"num":2820,"source_id":"cisa-kev","external_id":"CVE-2015-0016","title":"CVE-2015-0016: Microsoft Windows TS WebProxy Directory Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-0016"],"exploited":true,"has_exploit":true,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-0016","csirts_url":"https://www.csirts.com/advisory/cve-2015-0016-2820"},{"num":2852,"source_id":"cisa-kev","external_id":"CVE-2010-1428","title":"CVE-2010-1428: Red Hat JBoss Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2010-1428"],"exploited":true,"has_exploit":true,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2010-1428","csirts_url":"https://www.csirts.com/advisory/cve-2010-1428-2852"},{"num":3427,"source_id":"cisa-kev","external_id":"CVE-2013-2423","title":"CVE-2013-2423: Oracle JRE Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-2423"],"exploited":true,"has_exploit":true,"published_at":"2022-05-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-2423","csirts_url":"https://www.csirts.com/advisory/cve-2013-2423-3427"},{"num":600,"source_id":"cisa-kev","external_id":"CVE-2016-4655","title":"CVE-2016-4655: Apple iOS Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-4655"],"exploited":true,"has_exploit":true,"published_at":"2022-05-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-4655","csirts_url":"https://www.csirts.com/advisory/cve-2016-4655-600"},{"num":3438,"source_id":"cisa-kev","external_id":"CVE-2018-19943","title":"CVE-2018-19943: QNAP NAS File Station Cross-Site Scripting Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-19943"],"exploited":true,"has_exploit":false,"published_at":"2022-05-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-19943","csirts_url":"https://www.csirts.com/advisory/cve-2018-19943-3438"},{"num":2859,"source_id":"cisa-kev","external_id":"CVE-2017-8291","title":"CVE-2017-8291: Artifex Ghostscript Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-8291"],"exploited":true,"has_exploit":true,"published_at":"2022-05-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-8291","csirts_url":"https://www.csirts.com/advisory/cve-2017-8291-2859"},{"num":2857,"source_id":"cisa-kev","external_id":"CVE-2017-0149","title":"CVE-2017-0149: Microsoft Internet Explorer Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-0149"],"exploited":true,"has_exploit":false,"published_at":"2022-05-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-0149","csirts_url":"https://www.csirts.com/advisory/cve-2017-0149-2857"},{"num":3429,"source_id":"cisa-kev","external_id":"CVE-2018-19953","title":"CVE-2018-19953: QNAP NAS File Station Cross-Site Scripting Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-19953"],"exploited":true,"has_exploit":false,"published_at":"2022-05-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-19953","csirts_url":"https://www.csirts.com/advisory/cve-2018-19953-3429"},{"num":598,"source_id":"cisa-kev","external_id":"CVE-2016-0162","title":"CVE-2016-0162: Microsoft Internet Explorer Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-0162"],"exploited":true,"has_exploit":false,"published_at":"2022-05-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-0162","csirts_url":"https://www.csirts.com/advisory/cve-2016-0162-598"},{"num":2865,"source_id":"cisa-kev","external_id":"CVE-2016-3298","title":"CVE-2016-3298: Microsoft Internet Explorer Messaging API Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-3298"],"exploited":true,"has_exploit":false,"published_at":"2022-05-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-3298","csirts_url":"https://www.csirts.com/advisory/cve-2016-3298-2865"},{"num":2856,"source_id":"cisa-kev","external_id":"CVE-2017-0005","title":"CVE-2017-0005: Microsoft Windows Graphics Device Interface (GDI) Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-0005"],"exploited":true,"has_exploit":true,"published_at":"2022-05-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-0005","csirts_url":"https://www.csirts.com/advisory/cve-2017-0005-2856"},{"num":2861,"source_id":"cisa-kev","external_id":"CVE-2016-4656","title":"CVE-2016-4656: Apple iOS Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-4656"],"exploited":true,"has_exploit":true,"published_at":"2022-05-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-4656","csirts_url":"https://www.csirts.com/advisory/cve-2016-4656-2861"},{"num":2860,"source_id":"cisa-kev","external_id":"CVE-2017-18362","title":"CVE-2017-18362: Kaseya VSA SQL Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-18362"],"exploited":true,"has_exploit":true,"published_at":"2022-05-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-18362","csirts_url":"https://www.csirts.com/advisory/cve-2017-18362-2860"},{"num":589,"source_id":"cisa-kev","external_id":"CVE-2018-8611","title":"CVE-2018-8611: Microsoft Windows Kernel Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-8611"],"exploited":true,"has_exploit":true,"published_at":"2022-05-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-8611","csirts_url":"https://www.csirts.com/advisory/cve-2018-8611-589"},{"num":2864,"source_id":"cisa-kev","external_id":"CVE-2016-6367","title":"CVE-2016-6367: Cisco Adaptive Security Appliance (ASA) CLI Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-6367"],"exploited":true,"has_exploit":true,"published_at":"2022-05-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-6367","csirts_url":"https://www.csirts.com/advisory/cve-2016-6367-2864"},{"num":2367,"source_id":"cisa-kev","external_id":"CVE-2017-8543","title":"CVE-2017-8543: Microsoft Windows Search Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-8543"],"exploited":true,"has_exploit":true,"published_at":"2022-05-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-8543","csirts_url":"https://www.csirts.com/advisory/cve-2017-8543-2367"},{"num":2858,"source_id":"cisa-kev","external_id":"CVE-2017-0210","title":"CVE-2017-0210: Microsoft Internet Explorer Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-0210"],"exploited":true,"has_exploit":false,"published_at":"2022-05-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-0210","csirts_url":"https://www.csirts.com/advisory/cve-2017-0210-2858"},{"num":2863,"source_id":"cisa-kev","external_id":"CVE-2016-6366","title":"CVE-2016-6366: Cisco Adaptive Security Appliance (ASA) SNMP Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-6366"],"exploited":true,"has_exploit":true,"published_at":"2022-05-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-6366","csirts_url":"https://www.csirts.com/advisory/cve-2016-6366-2863"},{"num":2855,"source_id":"cisa-kev","external_id":"CVE-2017-0022","title":"CVE-2017-0022: Microsoft XML Core Services Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-0022"],"exploited":true,"has_exploit":false,"published_at":"2022-05-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-0022","csirts_url":"https://www.csirts.com/advisory/cve-2017-0022-2855"},{"num":2862,"source_id":"cisa-kev","external_id":"CVE-2016-4657","title":"CVE-2016-4657: Apple iOS Webkit Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-4657"],"exploited":true,"has_exploit":true,"published_at":"2022-05-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-4657","csirts_url":"https://www.csirts.com/advisory/cve-2016-4657-2862"},{"num":599,"source_id":"cisa-kev","external_id":"CVE-2016-3351","title":"CVE-2016-3351: Microsoft Internet Explorer and Edge Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-3351"],"exploited":true,"has_exploit":false,"published_at":"2022-05-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-3351","csirts_url":"https://www.csirts.com/advisory/cve-2016-3351-599"},{"num":3430,"source_id":"cisa-kev","external_id":"CVE-2018-19949","title":"CVE-2018-19949: QNAP NAS File Station Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-19949"],"exploited":true,"has_exploit":false,"published_at":"2022-05-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-19949","csirts_url":"https://www.csirts.com/advisory/cve-2018-19949-3430"},{"num":3439,"source_id":"cisa-kev","external_id":"CVE-2017-0147","title":"CVE-2017-0147: Microsoft Windows SMBv1 Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-0147"],"exploited":true,"has_exploit":true,"published_at":"2022-05-24T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-0147","csirts_url":"https://www.csirts.com/advisory/cve-2017-0147-3439"},{"num":2879,"source_id":"cisa-kev","external_id":"CVE-2019-11707","title":"CVE-2019-11707: Mozilla Firefox and Thunderbird Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-11707"],"exploited":true,"has_exploit":true,"published_at":"2022-05-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-11707","csirts_url":"https://www.csirts.com/advisory/cve-2019-11707-2879"},{"num":2877,"source_id":"cisa-kev","external_id":"CVE-2019-0880","title":"CVE-2019-0880: Microsoft Windows Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-0880"],"exploited":true,"has_exploit":false,"published_at":"2022-05-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-0880","csirts_url":"https://www.csirts.com/advisory/cve-2019-0880-2877"},{"num":2869,"source_id":"cisa-kev","external_id":"CVE-2020-0638","title":"CVE-2020-0638: Microsoft Update Notification Manager Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-0638"],"exploited":true,"has_exploit":false,"published_at":"2022-05-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-0638","csirts_url":"https://www.csirts.com/advisory/cve-2020-0638-2869"},{"num":2866,"source_id":"cisa-kev","external_id":"CVE-2022-20821","title":"CVE-2022-20821: Cisco IOS XR Open Port Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-20821"],"exploited":true,"has_exploit":false,"published_at":"2022-05-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-20821","csirts_url":"https://www.csirts.com/advisory/cve-2022-20821-2866"},{"num":2872,"source_id":"cisa-kev","external_id":"CVE-2019-7286","title":"CVE-2019-7286: Apple Multiple Products Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-7286"],"exploited":true,"has_exploit":true,"published_at":"2022-05-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-7286","csirts_url":"https://www.csirts.com/advisory/cve-2019-7286-2872"},{"num":2867,"source_id":"cisa-kev","external_id":"CVE-2021-1048","title":"CVE-2021-1048: Android Kernel Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-1048"],"exploited":true,"has_exploit":false,"published_at":"2022-05-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-1048","csirts_url":"https://www.csirts.com/advisory/cve-2021-1048-2867"},{"num":2881,"source_id":"cisa-kev","external_id":"CVE-2019-8720","title":"CVE-2019-8720: WebKitGTK Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-8720"],"exploited":true,"has_exploit":false,"published_at":"2022-05-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-8720","csirts_url":"https://www.csirts.com/advisory/cve-2019-8720-2881"},{"num":2883,"source_id":"cisa-kev","external_id":"CVE-2019-1385","title":"CVE-2019-1385: Microsoft Windows AppX Deployment Extensions Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-1385"],"exploited":true,"has_exploit":false,"published_at":"2022-05-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-1385","csirts_url":"https://www.csirts.com/advisory/cve-2019-1385-2883"},{"num":501,"source_id":"cisa-kev","external_id":"CVE-2021-30883","title":"CVE-2021-30883: Apple Multiple Products Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-30883"],"exploited":true,"has_exploit":false,"published_at":"2022-05-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-30883","csirts_url":"https://www.csirts.com/advisory/cve-2021-30883-501"},{"num":706,"source_id":"cisa-kev","external_id":"CVE-2019-1130","title":"CVE-2019-1130: Microsoft Windows AppX Deployment Service Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-1130"],"exploited":true,"has_exploit":false,"published_at":"2022-05-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-1130","csirts_url":"https://www.csirts.com/advisory/cve-2019-1130-706"},{"num":2892,"source_id":"cisa-kev","external_id":"CVE-2018-5002","title":"CVE-2018-5002: Adobe Flash Player Stack-based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-5002"],"exploited":true,"has_exploit":false,"published_at":"2022-05-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-5002","csirts_url":"https://www.csirts.com/advisory/cve-2018-5002-2892"},{"num":2876,"source_id":"cisa-kev","external_id":"CVE-2019-0703","title":"CVE-2019-0703: Microsoft Windows SMB Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-0703"],"exploited":true,"has_exploit":false,"published_at":"2022-05-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-0703","csirts_url":"https://www.csirts.com/advisory/cve-2019-0703-2876"},{"num":2875,"source_id":"cisa-kev","external_id":"CVE-2019-5786","title":"CVE-2019-5786: Google Chrome Blink Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-5786"],"exploited":true,"has_exploit":true,"published_at":"2022-05-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-5786","csirts_url":"https://www.csirts.com/advisory/cve-2019-5786-2875"},{"num":2874,"source_id":"cisa-kev","external_id":"CVE-2019-0676","title":"CVE-2019-0676: Microsoft Internet Explorer Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-0676"],"exploited":true,"has_exploit":false,"published_at":"2022-05-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-0676","csirts_url":"https://www.csirts.com/advisory/cve-2019-0676-2874"},{"num":2878,"source_id":"cisa-kev","external_id":"CVE-2019-13720","title":"CVE-2019-13720: Google Chrome WebAudio Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-13720"],"exploited":true,"has_exploit":true,"published_at":"2022-05-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-13720","csirts_url":"https://www.csirts.com/advisory/cve-2019-13720-2878"},{"num":2873,"source_id":"cisa-kev","external_id":"CVE-2019-7287","title":"CVE-2019-7287: Apple iOS Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-7287"],"exploited":true,"has_exploit":false,"published_at":"2022-05-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-7287","csirts_url":"https://www.csirts.com/advisory/cve-2019-7287-2873"},{"num":2880,"source_id":"cisa-kev","external_id":"CVE-2019-11708","title":"CVE-2019-11708: Mozilla Firefox and Thunderbird Sandbox Escape Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-11708"],"exploited":true,"has_exploit":true,"published_at":"2022-05-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-11708","csirts_url":"https://www.csirts.com/advisory/cve-2019-11708-2880"},{"num":2896,"source_id":"cisa-kev","external_id":"CVE-2018-8589","title":"CVE-2018-8589: Microsoft Win32k Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-8589"],"exploited":true,"has_exploit":false,"published_at":"2022-05-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-8589","csirts_url":"https://www.csirts.com/advisory/cve-2018-8589-2896"},{"num":2868,"source_id":"cisa-kev","external_id":"CVE-2020-1027","title":"CVE-2020-1027: Microsoft Windows Kernel Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-1027"],"exploited":true,"has_exploit":false,"published_at":"2022-05-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-1027","csirts_url":"https://www.csirts.com/advisory/cve-2020-1027-2868"},{"num":500,"source_id":"cisa-kev","external_id":"CVE-2021-0920","title":"CVE-2021-0920: Android Kernel Race Condition Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-0920"],"exploited":true,"has_exploit":false,"published_at":"2022-05-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-0920","csirts_url":"https://www.csirts.com/advisory/cve-2021-0920-500"},{"num":2882,"source_id":"cisa-kev","external_id":"CVE-2019-18426","title":"CVE-2019-18426: WhatsApp Cross-Site Scripting Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-18426"],"exploited":true,"has_exploit":true,"published_at":"2022-05-23T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-18426","csirts_url":"https://www.csirts.com/advisory/cve-2019-18426-2882"},{"num":87076,"source_id":"jenkins","external_id":"jenkins-advisory-2022-05-17","title":"Jenkins Security Advisory 2022-05-17","severity":"unknown","cvss":null,"cves":["CVE-2022-30945","CVE-2022-30946","CVE-2022-30947","CVE-2022-30948","CVE-2022-30949","CVE-2022-30950","CVE-2022-30951","CVE-2022-30952","CVE-2022-30953","CVE-2022-30954","CVE-2022-30955","CVE-2022-30956","CVE-2022-30957","CVE-2022-30958","CVE-2022-30959","CVE-2022-30960","CVE-2022-30961","CVE-2022-30962","CVE-2022-30963","CVE-2022-30964","CVE-2022-30965","CVE-2022-30966","CVE-2022-30967","CVE-2022-30968","CVE-2017-2601","CVE-2022-30969","CVE-2022-30970","CVE-2022-30971","CVE-2022-30972"],"exploited":false,"has_exploit":false,"published_at":"2022-05-17T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2022-05-17/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2022-05-17-87076"},{"num":2387,"source_id":"cisa-kev","external_id":"CVE-2022-30525","title":"CVE-2022-30525: Zyxel Multiple Firewalls OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-30525"],"exploited":true,"has_exploit":true,"published_at":"2022-05-16T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-30525","csirts_url":"https://www.csirts.com/advisory/cve-2022-30525-2387"},{"num":2897,"source_id":"cisa-kev","external_id":"CVE-2022-22947","title":"CVE-2022-22947: VMware Spring Cloud Gateway Code Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-22947"],"exploited":true,"has_exploit":true,"published_at":"2022-05-16T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-22947","csirts_url":"https://www.csirts.com/advisory/cve-2022-22947-2897"},{"num":1722,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/report/acd-the-fifth-year","title":"ACD - The Fifth Year","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2022-05-10T12:00:00+00:00","link":"https://www.ncsc.gov.uk/report/acd-the-fifth-year","csirts_url":"https://www.csirts.com/advisory/acd-the-fifth-year-1722"},{"num":712,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/report/organisational-use-of-enterprise-connected-devices","title":"Organisational use of Enterprise Connected Devices","severity":"unknown","cvss":null,"cves":["CVE-2019-19006"],"exploited":true,"has_exploit":false,"published_at":"2022-05-10T12:00:00+00:00","link":"https://www.ncsc.gov.uk/report/organisational-use-of-enterprise-connected-devices","csirts_url":"https://www.csirts.com/advisory/organisational-use-of-enterprise-712"},{"num":2898,"source_id":"cisa-kev","external_id":"CVE-2022-1388","title":"CVE-2022-1388: F5 BIG-IP Missing Authentication Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-1388"],"exploited":true,"has_exploit":true,"published_at":"2022-05-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-1388","csirts_url":"https://www.csirts.com/advisory/cve-2022-1388-2898"},{"num":1723,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/report/threat-report-on-application-stores","title":"Threat report on application stores","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2022-05-04T12:00:00+00:00","link":"https://www.ncsc.gov.uk/report/threat-report-on-application-stores","csirts_url":"https://www.csirts.com/advisory/threat-report-on-application-stores-1723"},{"num":2900,"source_id":"cisa-kev","external_id":"CVE-2019-8506","title":"CVE-2019-8506: Apple Multiple Products Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-8506"],"exploited":true,"has_exploit":true,"published_at":"2022-05-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-8506","csirts_url":"https://www.csirts.com/advisory/cve-2019-8506-2900"},{"num":2901,"source_id":"cisa-kev","external_id":"CVE-2014-4113","title":"CVE-2014-4113: Microsoft Win32k Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-4113"],"exploited":true,"has_exploit":true,"published_at":"2022-05-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-4113","csirts_url":"https://www.csirts.com/advisory/cve-2014-4113-2901"},{"num":2902,"source_id":"cisa-kev","external_id":"CVE-2014-0322","title":"CVE-2014-0322: Microsoft Internet Explorer Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-0322"],"exploited":true,"has_exploit":true,"published_at":"2022-05-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-0322","csirts_url":"https://www.csirts.com/advisory/cve-2014-0322-2902"},{"num":2899,"source_id":"cisa-kev","external_id":"CVE-2021-1789","title":"CVE-2021-1789: Apple Multiple Products Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-1789"],"exploited":true,"has_exploit":false,"published_at":"2022-05-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-1789","csirts_url":"https://www.csirts.com/advisory/cve-2021-1789-2899"},{"num":2903,"source_id":"cisa-kev","external_id":"CVE-2014-0160","title":"CVE-2014-0160: OpenSSL Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-0160"],"exploited":true,"has_exploit":true,"published_at":"2022-05-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-0160","csirts_url":"https://www.csirts.com/advisory/cve-2014-0160-2903"},{"num":841,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/report/mar-sparrowdoor","title":"Malware analysis report on SparrowDoor malware","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2022-04-25T12:00:00+00:00","link":"https://www.ncsc.gov.uk/report/mar-sparrowdoor","csirts_url":"https://www.csirts.com/advisory/malware-analysis-report-on-sparrowdoor-841"},{"num":2907,"source_id":"cisa-kev","external_id":"CVE-2021-41357","title":"CVE-2021-41357: Microsoft Win32k Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-41357"],"exploited":true,"has_exploit":false,"published_at":"2022-04-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-41357","csirts_url":"https://www.csirts.com/advisory/cve-2021-41357-2907"},{"num":2908,"source_id":"cisa-kev","external_id":"CVE-2021-40450","title":"CVE-2021-40450: Microsoft Win32k Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-40450"],"exploited":true,"has_exploit":false,"published_at":"2022-04-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-40450","csirts_url":"https://www.csirts.com/advisory/cve-2021-40450-2908"},{"num":2904,"source_id":"cisa-kev","external_id":"CVE-2022-29464","title":"CVE-2022-29464: WSO2 Multiple Products Unrestrictive Upload of File Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-29464"],"exploited":true,"has_exploit":true,"published_at":"2022-04-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-29464","csirts_url":"https://www.csirts.com/advisory/cve-2022-29464-2904"},{"num":719,"source_id":"cisa-kev","external_id":"CVE-2022-21919","title":"CVE-2022-21919: Microsoft Windows User Profile Service Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-21919"],"exploited":true,"has_exploit":true,"published_at":"2022-04-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-21919","csirts_url":"https://www.csirts.com/advisory/cve-2022-21919-719"},{"num":2912,"source_id":"cisa-kev","external_id":"CVE-2019-1003029","title":"CVE-2019-1003029: Jenkins Script Security Plugin Sandbox Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-1003029"],"exploited":true,"has_exploit":true,"published_at":"2022-04-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-1003029","csirts_url":"https://www.csirts.com/advisory/cve-2019-1003029-2912"},{"num":2906,"source_id":"cisa-kev","external_id":"CVE-2022-0847","title":"CVE-2022-0847: Linux Kernel Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-0847"],"exploited":true,"has_exploit":true,"published_at":"2022-04-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-0847","csirts_url":"https://www.csirts.com/advisory/cve-2022-0847-2906"},{"num":2905,"source_id":"cisa-kev","external_id":"CVE-2022-26904","title":"CVE-2022-26904: Microsoft Windows User Profile Service Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-26904"],"exploited":true,"has_exploit":true,"published_at":"2022-04-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-26904","csirts_url":"https://www.csirts.com/advisory/cve-2022-26904-2905"},{"num":2913,"source_id":"cisa-kev","external_id":"CVE-2018-6882","title":"CVE-2018-6882: Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-6882"],"exploited":true,"has_exploit":true,"published_at":"2022-04-19T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-6882","csirts_url":"https://www.csirts.com/advisory/cve-2018-6882-2913"},{"num":2916,"source_id":"cisa-kev","external_id":"CVE-2022-22718","title":"CVE-2022-22718: Microsoft Windows Print Spooler Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-22718"],"exploited":true,"has_exploit":true,"published_at":"2022-04-19T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-22718","csirts_url":"https://www.csirts.com/advisory/cve-2022-22718-2916"},{"num":2915,"source_id":"cisa-kev","external_id":"CVE-2019-3568","title":"CVE-2019-3568: WhatsApp VOIP Stack Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-3568"],"exploited":true,"has_exploit":false,"published_at":"2022-04-19T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-3568","csirts_url":"https://www.csirts.com/advisory/cve-2019-3568-2915"},{"num":2919,"source_id":"cisa-kev","external_id":"CVE-2018-7841","title":"CVE-2018-7841: Schneider Electric U.motion Builder SQL Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-7841"],"exploited":true,"has_exploit":true,"published_at":"2022-04-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-7841","csirts_url":"https://www.csirts.com/advisory/cve-2018-7841-2919"},{"num":2920,"source_id":"cisa-kev","external_id":"CVE-2007-3010","title":"CVE-2007-3010: Alcatel OmniPCX Enterprise Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2007-3010"],"exploited":true,"has_exploit":true,"published_at":"2022-04-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2007-3010","csirts_url":"https://www.csirts.com/advisory/cve-2007-3010-2920"},{"num":2918,"source_id":"cisa-kev","external_id":"CVE-2022-1364","title":"CVE-2022-1364: Google Chromium V8 Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-1364"],"exploited":true,"has_exploit":true,"published_at":"2022-04-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-1364","csirts_url":"https://www.csirts.com/advisory/cve-2022-1364-2918"},{"num":735,"source_id":"cisa-kev","external_id":"CVE-2019-16057","title":"CVE-2019-16057: D-Link DNS-320 Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-16057"],"exploited":true,"has_exploit":true,"published_at":"2022-04-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-16057","csirts_url":"https://www.csirts.com/advisory/cve-2019-16057-735"},{"num":2917,"source_id":"cisa-kev","external_id":"CVE-2022-22960","title":"CVE-2022-22960: VMware Multiple Products Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-22960"],"exploited":true,"has_exploit":true,"published_at":"2022-04-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-22960","csirts_url":"https://www.csirts.com/advisory/cve-2022-22960-2917"},{"num":3470,"source_id":"cisa-kev","external_id":"CVE-2014-0780","title":"CVE-2014-0780: InduSoft Web Studio NTWebServer Directory Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-0780"],"exploited":true,"has_exploit":true,"published_at":"2022-04-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-0780","csirts_url":"https://www.csirts.com/advisory/cve-2014-0780-3470"},{"num":733,"source_id":"cisa-kev","external_id":"CVE-2019-3929","title":"CVE-2019-3929: Crestron Multiple Products Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-3929"],"exploited":true,"has_exploit":true,"published_at":"2022-04-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-3929","csirts_url":"https://www.csirts.com/advisory/cve-2019-3929-733"},{"num":504,"source_id":"cisa-kev","external_id":"CVE-2016-4523","title":"CVE-2016-4523: Trihedral VTScada (formerly VTS) Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-4523"],"exploited":true,"has_exploit":false,"published_at":"2022-04-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-4523","csirts_url":"https://www.csirts.com/advisory/cve-2016-4523-504"},{"num":3471,"source_id":"cisa-kev","external_id":"CVE-2010-5330","title":"CVE-2010-5330: Ubiquiti AirOS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2010-5330"],"exploited":true,"has_exploit":false,"published_at":"2022-04-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2010-5330","csirts_url":"https://www.csirts.com/advisory/cve-2010-5330-3471"},{"num":2401,"source_id":"cisa-kev","external_id":"CVE-2022-22954","title":"CVE-2022-22954: VMware Workspace ONE Access and Identity Manager Server-Side Template Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-22954"],"exploited":true,"has_exploit":true,"published_at":"2022-04-14T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-22954","csirts_url":"https://www.csirts.com/advisory/cve-2022-22954-2401"},{"num":1289,"source_id":"cisa-kev","external_id":"CVE-2015-5123","title":"CVE-2015-5123: Adobe Flash Player Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-5123"],"exploited":true,"has_exploit":false,"published_at":"2022-04-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-5123","csirts_url":"https://www.csirts.com/advisory/cve-2015-5123-1289"},{"num":2922,"source_id":"cisa-kev","external_id":"CVE-2018-7602","title":"CVE-2018-7602: Drupal Core Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-7602"],"exploited":true,"has_exploit":true,"published_at":"2022-04-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-7602","csirts_url":"https://www.csirts.com/advisory/cve-2018-7602-2922"},{"num":3472,"source_id":"cisa-kev","external_id":"CVE-2015-3113","title":"CVE-2015-3113: Adobe Flash Player Heap-Based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-3113"],"exploited":true,"has_exploit":true,"published_at":"2022-04-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-3113","csirts_url":"https://www.csirts.com/advisory/cve-2015-3113-3472"},{"num":2369,"source_id":"cisa-kev","external_id":"CVE-2015-0313","title":"CVE-2015-0313: Adobe Flash Player Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-0313"],"exploited":true,"has_exploit":true,"published_at":"2022-04-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-0313","csirts_url":"https://www.csirts.com/advisory/cve-2015-0313-2369"},{"num":2921,"source_id":"cisa-kev","external_id":"CVE-2022-24521","title":"CVE-2022-24521: Microsoft Windows CLFS Driver Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-24521"],"exploited":true,"has_exploit":true,"published_at":"2022-04-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-24521","csirts_url":"https://www.csirts.com/advisory/cve-2022-24521-2921"},{"num":3473,"source_id":"cisa-kev","external_id":"CVE-2015-2502","title":"CVE-2015-2502: Microsoft Internet Explorer Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-2502"],"exploited":true,"has_exploit":false,"published_at":"2022-04-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-2502","csirts_url":"https://www.csirts.com/advisory/cve-2015-2502-3473"},{"num":3474,"source_id":"cisa-kev","external_id":"CVE-2014-9163","title":"CVE-2014-9163: Adobe Flash Player Stack-Based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-9163"],"exploited":true,"has_exploit":false,"published_at":"2022-04-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-9163","csirts_url":"https://www.csirts.com/advisory/cve-2014-9163-3474"},{"num":2927,"source_id":"cisa-kev","external_id":"CVE-2015-5122","title":"CVE-2015-5122: Adobe Flash Player Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-5122"],"exploited":true,"has_exploit":true,"published_at":"2022-04-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-5122","csirts_url":"https://www.csirts.com/advisory/cve-2015-5122-2927"},{"num":2923,"source_id":"cisa-kev","external_id":"CVE-2018-20753","title":"CVE-2018-20753: Kaseya VSA Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-20753"],"exploited":true,"has_exploit":false,"published_at":"2022-04-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-20753","csirts_url":"https://www.csirts.com/advisory/cve-2018-20753-2923"},{"num":2510,"source_id":"cisa-kev","external_id":"CVE-2015-0311","title":"CVE-2015-0311: Adobe Flash Player Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-0311"],"exploited":true,"has_exploit":true,"published_at":"2022-04-13T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-0311","csirts_url":"https://www.csirts.com/advisory/cve-2015-0311-2510"},{"num":87077,"source_id":"jenkins","external_id":"jenkins-advisory-2022-04-12","title":"Jenkins Security Advisory 2022-04-12","severity":"unknown","cvss":null,"cves":["CVE-2022-29036","CVE-2022-29037","CVE-2022-29038","CVE-2022-29039","CVE-2022-29040","CVE-2022-29041","CVE-2022-29042","CVE-2022-29043","CVE-2022-29044","CVE-2022-29045","CVE-2022-29046","CVE-2017-2601","CVE-2022-29047","CVE-2022-29048","CVE-2022-29049","CVE-2022-29050","CVE-2022-29051","CVE-2022-29052"],"exploited":false,"has_exploit":false,"published_at":"2022-04-12T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2022-04-12/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2022-04-12-87077"},{"num":757,"source_id":"cisa-kev","external_id":"CVE-2021-42287","title":"CVE-2021-42287: Microsoft Active Directory Domain Services Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-42287"],"exploited":true,"has_exploit":true,"published_at":"2022-04-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-42287","csirts_url":"https://www.csirts.com/advisory/cve-2021-42287-757"},{"num":3476,"source_id":"cisa-kev","external_id":"CVE-2021-22600","title":"CVE-2021-22600: Linux Kernel Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-22600"],"exploited":true,"has_exploit":true,"published_at":"2022-04-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-22600","csirts_url":"https://www.csirts.com/advisory/cve-2021-22600-3476"},{"num":2414,"source_id":"cisa-kev","external_id":"CVE-2021-27852","title":"CVE-2021-27852: Checkbox Survey Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-27852"],"exploited":true,"has_exploit":false,"published_at":"2022-04-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-27852","csirts_url":"https://www.csirts.com/advisory/cve-2021-27852-2414"},{"num":755,"source_id":"cisa-kev","external_id":"CVE-2022-23176","title":"CVE-2022-23176: WatchGuard Firebox and XTM Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-23176"],"exploited":true,"has_exploit":false,"published_at":"2022-04-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-23176","csirts_url":"https://www.csirts.com/advisory/cve-2022-23176-755"},{"num":343,"source_id":"cisa-kev","external_id":"CVE-2017-11317","title":"CVE-2017-11317: Telerik UI for ASP.NET AJAX Unrestricted File Upload Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-11317"],"exploited":true,"has_exploit":true,"published_at":"2022-04-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-11317","csirts_url":"https://www.csirts.com/advisory/cve-2017-11317-343"},{"num":3477,"source_id":"cisa-kev","external_id":"CVE-2020-2509","title":"CVE-2020-2509: QNAP Network-Attached Storage (NAS) Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-2509"],"exploited":true,"has_exploit":true,"published_at":"2022-04-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-2509","csirts_url":"https://www.csirts.com/advisory/cve-2020-2509-3477"},{"num":2928,"source_id":"cisa-kev","external_id":"CVE-2021-42278","title":"CVE-2021-42278: Microsoft Active Directory Domain Services Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-42278"],"exploited":true,"has_exploit":true,"published_at":"2022-04-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-42278","csirts_url":"https://www.csirts.com/advisory/cve-2021-42278-2928"},{"num":3475,"source_id":"cisa-kev","external_id":"CVE-2021-39793","title":"CVE-2021-39793: Google Pixel Out-of-Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-39793"],"exploited":true,"has_exploit":false,"published_at":"2022-04-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-39793","csirts_url":"https://www.csirts.com/advisory/cve-2021-39793-3475"},{"num":344,"source_id":"cisa-kev","external_id":"CVE-2021-3156","title":"CVE-2021-3156: Sudo Heap-Based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-3156"],"exploited":true,"has_exploit":true,"published_at":"2022-04-06T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-3156","csirts_url":"https://www.csirts.com/advisory/cve-2021-3156-344"},{"num":2929,"source_id":"cisa-kev","external_id":"CVE-2017-0148","title":"CVE-2017-0148: Microsoft SMBv1 Server Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-0148"],"exploited":true,"has_exploit":true,"published_at":"2022-04-06T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-0148","csirts_url":"https://www.csirts.com/advisory/cve-2017-0148-2929"},{"num":345,"source_id":"cisa-kev","external_id":"CVE-2021-31166","title":"CVE-2021-31166: Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-31166"],"exploited":true,"has_exploit":true,"published_at":"2022-04-06T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-31166","csirts_url":"https://www.csirts.com/advisory/cve-2021-31166-345"},{"num":347,"source_id":"cisa-kev","external_id":"CVE-2021-45382","title":"CVE-2021-45382: D-Link Multiple Routers Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-45382"],"exploited":true,"has_exploit":true,"published_at":"2022-04-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-45382","csirts_url":"https://www.csirts.com/advisory/cve-2021-45382-347"},{"num":346,"source_id":"cisa-kev","external_id":"CVE-2022-22674","title":"CVE-2022-22674: Apple macOS Out-of-Bounds Read Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-22674"],"exploited":true,"has_exploit":false,"published_at":"2022-04-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-22674","csirts_url":"https://www.csirts.com/advisory/cve-2022-22674-346"},{"num":2931,"source_id":"cisa-kev","external_id":"CVE-2022-22675","title":"CVE-2022-22675: Apple macOS Out-of-Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-22675"],"exploited":true,"has_exploit":false,"published_at":"2022-04-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-22675","csirts_url":"https://www.csirts.com/advisory/cve-2022-22675-2931"},{"num":2930,"source_id":"cisa-kev","external_id":"CVE-2022-22965","title":"CVE-2022-22965: Spring Framework JDK 9+ Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-22965"],"exploited":true,"has_exploit":true,"published_at":"2022-04-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-22965","csirts_url":"https://www.csirts.com/advisory/cve-2022-22965-2930"},{"num":2936,"source_id":"cisa-kev","external_id":"CVE-2018-10562","title":"CVE-2018-10562: Dasan GPON Routers Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-10562"],"exploited":true,"has_exploit":true,"published_at":"2022-03-31T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-10562","csirts_url":"https://www.csirts.com/advisory/cve-2018-10562-2936"},{"num":2933,"source_id":"cisa-kev","external_id":"CVE-2022-1040","title":"CVE-2022-1040: Sophos Firewall Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-1040"],"exploited":true,"has_exploit":true,"published_at":"2022-03-31T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-1040","csirts_url":"https://www.csirts.com/advisory/cve-2022-1040-2933"},{"num":2938,"source_id":"cisa-kev","external_id":"CVE-2018-10561","title":"CVE-2018-10561: Dasan GPON Routers Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-10561"],"exploited":true,"has_exploit":true,"published_at":"2022-03-31T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-10561","csirts_url":"https://www.csirts.com/advisory/cve-2018-10561-2938"},{"num":2935,"source_id":"cisa-kev","external_id":"CVE-2021-28799","title":"CVE-2021-28799: QNAP NAS Improper Authorization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-28799"],"exploited":true,"has_exploit":true,"published_at":"2022-03-31T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-28799","csirts_url":"https://www.csirts.com/advisory/cve-2021-28799-2935"},{"num":2427,"source_id":"cisa-kev","external_id":"CVE-2021-21551","title":"CVE-2021-21551: Dell dbutil Driver Insufficient Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-21551"],"exploited":true,"has_exploit":true,"published_at":"2022-03-31T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-21551","csirts_url":"https://www.csirts.com/advisory/cve-2021-21551-2427"},{"num":2934,"source_id":"cisa-kev","external_id":"CVE-2021-34484","title":"CVE-2021-34484: Microsoft Windows User Profile Service Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-34484"],"exploited":true,"has_exploit":true,"published_at":"2022-03-31T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-34484","csirts_url":"https://www.csirts.com/advisory/cve-2021-34484-2934"},{"num":2932,"source_id":"cisa-kev","external_id":"CVE-2022-26871","title":"CVE-2022-26871: Trend Micro Apex Central Arbitrary File Upload Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-26871"],"exploited":true,"has_exploit":false,"published_at":"2022-03-31T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-26871","csirts_url":"https://www.csirts.com/advisory/cve-2022-26871-2932"},{"num":87078,"source_id":"jenkins","external_id":"jenkins-advisory-2022-03-29","title":"Jenkins Security Advisory 2022-03-29","severity":"unknown","cvss":null,"cves":["CVE-2022-28133","CVE-2022-28134","CVE-2022-28135","CVE-2022-28136","CVE-2022-28137","CVE-2022-28138","CVE-2022-28139","CVE-2022-28140","CVE-2022-28141","CVE-2022-28142","CVE-2022-28143","CVE-2022-28144","CVE-2022-28145","CVE-2022-28146","CVE-2022-28147","CVE-2022-28148","CVE-2022-28149","CVE-2022-28150","CVE-2022-28151","CVE-2022-28152","CVE-2022-28153","CVE-2022-28154","CVE-2022-28155","CVE-2022-28156","CVE-2022-28157","CVE-2022-28158","CVE-2022-28159","CVE-2022-28160"],"exploited":false,"has_exploit":false,"published_at":"2022-03-29T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2022-03-29/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2022-03-29-87078"},{"num":2947,"source_id":"cisa-kev","external_id":"CVE-2021-38646","title":"CVE-2021-38646: Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-38646"],"exploited":true,"has_exploit":false,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-38646","csirts_url":"https://www.csirts.com/advisory/cve-2021-38646-2947"},{"num":795,"source_id":"cisa-kev","external_id":"CVE-2013-1690","title":"CVE-2013-1690: Mozilla Firefox and Thunderbird Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-1690"],"exploited":true,"has_exploit":true,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-1690","csirts_url":"https://www.csirts.com/advisory/cve-2013-1690-795"},{"num":2952,"source_id":"cisa-kev","external_id":"CVE-2018-8406","title":"CVE-2018-8406: Microsoft DirectX Graphics Kernel Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-8406"],"exploited":true,"has_exploit":false,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-8406","csirts_url":"https://www.csirts.com/advisory/cve-2018-8406-2952"},{"num":2949,"source_id":"cisa-kev","external_id":"CVE-2021-20028","title":"CVE-2021-20028: SonicWall Secure Remote Access (SRA) SQL Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-20028"],"exploited":true,"has_exploit":false,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-20028","csirts_url":"https://www.csirts.com/advisory/cve-2021-20028-2949"},{"num":2954,"source_id":"cisa-kev","external_id":"CVE-2017-0059","title":"CVE-2017-0059: Microsoft Internet Explorer Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-0059"],"exploited":true,"has_exploit":true,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-0059","csirts_url":"https://www.csirts.com/advisory/cve-2017-0059-2954"},{"num":2989,"source_id":"cisa-kev","external_id":"CVE-2012-2539","title":"CVE-2012-2539: Microsoft Word Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2012-2539"],"exploited":true,"has_exploit":false,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2012-2539","csirts_url":"https://www.csirts.com/advisory/cve-2012-2539-2989"},{"num":2958,"source_id":"cisa-kev","external_id":"CVE-2016-0189","title":"CVE-2016-0189: Microsoft Internet Explorer Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-0189"],"exploited":true,"has_exploit":true,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-0189","csirts_url":"https://www.csirts.com/advisory/cve-2016-0189-2958"},{"num":2982,"source_id":"cisa-kev","external_id":"CVE-2015-1770","title":"CVE-2015-1770: Microsoft Office Uninitialized Memory Use Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-1770"],"exploited":true,"has_exploit":false,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-1770","csirts_url":"https://www.csirts.com/advisory/cve-2015-1770-2982"},{"num":2986,"source_id":"cisa-kev","external_id":"CVE-2013-2551","title":"CVE-2013-2551: Microsoft Internet Explorer Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-2551"],"exploited":true,"has_exploit":true,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-2551","csirts_url":"https://www.csirts.com/advisory/cve-2013-2551-2986"},{"num":2981,"source_id":"cisa-kev","external_id":"CVE-2015-2419","title":"CVE-2015-2419: Microsoft Internet Explorer Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-2419"],"exploited":true,"has_exploit":true,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-2419","csirts_url":"https://www.csirts.com/advisory/cve-2015-2419-2981"},{"num":2988,"source_id":"cisa-kev","external_id":"CVE-2012-5076","title":"CVE-2012-5076: Oracle Java SE Sandbox Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2012-5076"],"exploited":true,"has_exploit":true,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2012-5076","csirts_url":"https://www.csirts.com/advisory/cve-2012-5076-2988"},{"num":2946,"source_id":"cisa-kev","external_id":"CVE-2022-0543","title":"CVE-2022-0543: Debian-specific Redis Server Lua Sandbox Escape Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-0543"],"exploited":true,"has_exploit":true,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-0543","csirts_url":"https://www.csirts.com/advisory/cve-2022-0543-2946"},{"num":2944,"source_id":"cisa-kev","external_id":"CVE-2022-1096","title":"CVE-2022-1096: Google Chromium V8 Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-1096"],"exploited":true,"has_exploit":true,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-1096","csirts_url":"https://www.csirts.com/advisory/cve-2022-1096-2944"},{"num":2951,"source_id":"cisa-kev","external_id":"CVE-2018-8440","title":"CVE-2018-8440: Microsoft Windows Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-8440"],"exploited":true,"has_exploit":true,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-8440","csirts_url":"https://www.csirts.com/advisory/cve-2018-8440-2951"},{"num":2990,"source_id":"cisa-kev","external_id":"CVE-2012-2034","title":"CVE-2012-2034: Adobe Flash Player Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2012-2034"],"exploited":true,"has_exploit":false,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2012-2034","csirts_url":"https://www.csirts.com/advisory/cve-2012-2034-2990"},{"num":512,"source_id":"cisa-kev","external_id":"CVE-2021-34486","title":"CVE-2021-34486: Microsoft Windows Event Tracing Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-34486"],"exploited":true,"has_exploit":true,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-34486","csirts_url":"https://www.csirts.com/advisory/cve-2021-34486-512"},{"num":2983,"source_id":"cisa-kev","external_id":"CVE-2013-3660","title":"CVE-2013-3660: Microsoft Win32k Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-3660"],"exploited":true,"has_exploit":true,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-3660","csirts_url":"https://www.csirts.com/advisory/cve-2013-3660-2983"},{"num":2950,"source_id":"cisa-kev","external_id":"CVE-2019-7483","title":"CVE-2019-7483: SonicWall SMA100 Directory Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-7483"],"exploited":true,"has_exploit":false,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-7483","csirts_url":"https://www.csirts.com/advisory/cve-2019-7483-2950"},{"num":3488,"source_id":"cisa-kev","external_id":"CVE-2013-2465","title":"CVE-2013-2465: Oracle Java SE Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-2465"],"exploited":true,"has_exploit":true,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-2465","csirts_url":"https://www.csirts.com/advisory/cve-2013-2465-3488"},{"num":2955,"source_id":"cisa-kev","external_id":"CVE-2017-0037","title":"CVE-2017-0037: Microsoft Edge and Internet Explorer Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-0037"],"exploited":true,"has_exploit":true,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-0037","csirts_url":"https://www.csirts.com/advisory/cve-2017-0037-2955"},{"num":2991,"source_id":"cisa-kev","external_id":"CVE-2011-2005","title":"CVE-2011-2005: Microsoft Ancillary Function Driver (afd.sys) Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2011-2005"],"exploited":true,"has_exploit":true,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2011-2005","csirts_url":"https://www.csirts.com/advisory/cve-2011-2005-2991"},{"num":2948,"source_id":"cisa-kev","external_id":"CVE-2021-26085","title":"CVE-2021-26085: Atlassian Confluence Server Pre-Authorization Arbitrary File Read Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-26085"],"exploited":true,"has_exploit":true,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-26085","csirts_url":"https://www.csirts.com/advisory/cve-2021-26085-2948"},{"num":2961,"source_id":"cisa-kev","external_id":"CVE-2015-2426","title":"CVE-2015-2426: Microsoft Windows Adobe Type Manager Library Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-2426"],"exploited":true,"has_exploit":true,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-2426","csirts_url":"https://www.csirts.com/advisory/cve-2015-2426-2961"},{"num":2953,"source_id":"cisa-kev","external_id":"CVE-2018-8405","title":"CVE-2018-8405: Microsoft DirectX Graphics Kernel Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-8405"],"exploited":true,"has_exploit":false,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-8405","csirts_url":"https://www.csirts.com/advisory/cve-2018-8405-2953"},{"num":2956,"source_id":"cisa-kev","external_id":"CVE-2016-7201","title":"CVE-2016-7201: Microsoft Edge Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-7201"],"exploited":true,"has_exploit":true,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-7201","csirts_url":"https://www.csirts.com/advisory/cve-2016-7201-2956"},{"num":2957,"source_id":"cisa-kev","external_id":"CVE-2016-7200","title":"CVE-2016-7200: Microsoft Edge Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-7200"],"exploited":true,"has_exploit":true,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-7200","csirts_url":"https://www.csirts.com/advisory/cve-2016-7200-2957"},{"num":2959,"source_id":"cisa-kev","external_id":"CVE-2016-0151","title":"CVE-2016-0151: Microsoft Windows CSRSS Security Feature Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-0151"],"exploited":true,"has_exploit":true,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-0151","csirts_url":"https://www.csirts.com/advisory/cve-2016-0151-2959"},{"num":2960,"source_id":"cisa-kev","external_id":"CVE-2016-0040","title":"CVE-2016-0040: Microsoft Windows Kernel Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-0040"],"exploited":true,"has_exploit":true,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-0040","csirts_url":"https://www.csirts.com/advisory/cve-2016-0040-2960"},{"num":2992,"source_id":"cisa-kev","external_id":"CVE-2010-4398","title":"CVE-2010-4398: Microsoft Windows Kernel Stack-Based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2010-4398"],"exploited":true,"has_exploit":true,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2010-4398","csirts_url":"https://www.csirts.com/advisory/cve-2010-4398-2992"},{"num":822,"source_id":"cisa-kev","external_id":"CVE-2012-0518","title":"CVE-2012-0518: Oracle Fusion Middleware Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2012-0518"],"exploited":true,"has_exploit":false,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2012-0518","csirts_url":"https://www.csirts.com/advisory/cve-2012-0518-822"},{"num":794,"source_id":"cisa-kev","external_id":"CVE-2017-0213","title":"CVE-2017-0213: Microsoft Windows Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-0213"],"exploited":true,"has_exploit":true,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-0213","csirts_url":"https://www.csirts.com/advisory/cve-2017-0213-794"},{"num":2984,"source_id":"cisa-kev","external_id":"CVE-2013-2729","title":"CVE-2013-2729: Adobe Reader and Acrobat Arbitrary Integer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-2729"],"exploited":true,"has_exploit":true,"published_at":"2022-03-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-2729","csirts_url":"https://www.csirts.com/advisory/cve-2013-2729-2984"},{"num":854,"source_id":"cisa-kev","external_id":"CVE-2018-0125","title":"CVE-2018-0125: Cisco VPN Routers Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-0125"],"exploited":true,"has_exploit":false,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-0125","csirts_url":"https://www.csirts.com/advisory/cve-2018-0125-854"},{"num":1006,"source_id":"cisa-kev","external_id":"CVE-2018-8414","title":"CVE-2018-8414: Microsoft Windows Shell Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-8414"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-8414","csirts_url":"https://www.csirts.com/advisory/cve-2018-8414-1006"},{"num":3010,"source_id":"cisa-kev","external_id":"CVE-2017-6334","title":"CVE-2017-6334: NETGEAR DGN2200 Devices OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-6334"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-6334","csirts_url":"https://www.csirts.com/advisory/cve-2017-6334-3010"},{"num":906,"source_id":"cisa-kev","external_id":"CVE-2019-6340","title":"CVE-2019-6340: Drupal Core Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-6340"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-6340","csirts_url":"https://www.csirts.com/advisory/cve-2019-6340-906"},{"num":2999,"source_id":"cisa-kev","external_id":"CVE-2020-5410","title":"CVE-2020-5410: VMware Tanzu Spring Cloud Config Directory Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-5410"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-5410","csirts_url":"https://www.csirts.com/advisory/cve-2020-5410-2999"},{"num":869,"source_id":"cisa-kev","external_id":"CVE-2015-1187","title":"CVE-2015-1187: D-Link and TRENDnet Multiple Devices Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-1187"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-1187","csirts_url":"https://www.csirts.com/advisory/cve-2015-1187-869"},{"num":3031,"source_id":"cisa-kev","external_id":"CVE-2012-1823","title":"CVE-2012-1823: PHP-CGI Query String Parameter Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2012-1823"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2012-1823","csirts_url":"https://www.csirts.com/advisory/cve-2012-1823-3031"},{"num":3037,"source_id":"cisa-kev","external_id":"CVE-2005-2773","title":"CVE-2005-2773: HP OpenView Network Node Manager Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2005-2773"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2005-2773","csirts_url":"https://www.csirts.com/advisory/cve-2005-2773-3037"},{"num":848,"source_id":"cisa-kev","external_id":"CVE-2022-26318","title":"CVE-2022-26318: WatchGuard Firebox and XTM Appliances Arbitrary Code Execution","severity":"critical","cvss":null,"cves":["CVE-2022-26318"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-26318","csirts_url":"https://www.csirts.com/advisory/cve-2022-26318-848"},{"num":2997,"source_id":"cisa-kev","external_id":"CVE-2020-9377","title":"CVE-2020-9377: D-Link DIR-610 Devices Remote Command Execution","severity":"critical","cvss":null,"cves":["CVE-2020-9377"],"exploited":true,"has_exploit":false,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-9377","csirts_url":"https://www.csirts.com/advisory/cve-2020-9377-2997"},{"num":868,"source_id":"cisa-kev","external_id":"CVE-2020-9054","title":"CVE-2020-9054: Zyxel Multiple NAS Devices OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-9054"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-9054","csirts_url":"https://www.csirts.com/advisory/cve-2020-9054-868"},{"num":2998,"source_id":"cisa-kev","external_id":"CVE-2020-7247","title":"CVE-2020-7247: OpenSMTPD Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-7247"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-7247","csirts_url":"https://www.csirts.com/advisory/cve-2020-7247-2998"},{"num":3006,"source_id":"cisa-kev","external_id":"CVE-2019-11043","title":"CVE-2019-11043: PHP FastCGI Process Manager (FPM) Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-11043"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-11043","csirts_url":"https://www.csirts.com/advisory/cve-2019-11043-3006"},{"num":517,"source_id":"cisa-kev","external_id":"CVE-2020-2021","title":"CVE-2020-2021: Palo Alto Networks PAN-OS Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-2021"],"exploited":true,"has_exploit":false,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-2021","csirts_url":"https://www.csirts.com/advisory/cve-2020-2021-517"},{"num":3001,"source_id":"cisa-kev","external_id":"CVE-2020-2506","title":"CVE-2020-2506: QNAP Helpdesk Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-2506"],"exploited":true,"has_exploit":false,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-2506","csirts_url":"https://www.csirts.com/advisory/cve-2020-2506-3001"},{"num":3004,"source_id":"cisa-kev","external_id":"CVE-2019-2616","title":"CVE-2019-2616: Oracle BI Publisher Unauthorized Access Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-2616"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-2616","csirts_url":"https://www.csirts.com/advisory/cve-2019-2616-3004"},{"num":3005,"source_id":"cisa-kev","external_id":"CVE-2019-16920","title":"CVE-2019-16920: D-Link Multiple Routers Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-16920"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-16920","csirts_url":"https://www.csirts.com/advisory/cve-2019-16920-3005"},{"num":1003,"source_id":"cisa-kev","external_id":"CVE-2019-10068","title":"CVE-2019-10068: Kentico Xperience Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-10068"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-10068","csirts_url":"https://www.csirts.com/advisory/cve-2019-10068-1003"},{"num":3007,"source_id":"cisa-kev","external_id":"CVE-2019-0903","title":"CVE-2019-0903: Microsoft GDI Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-0903"],"exploited":true,"has_exploit":false,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-0903","csirts_url":"https://www.csirts.com/advisory/cve-2019-0903-3007"},{"num":1035,"source_id":"cisa-kev","external_id":"CVE-2018-11138","title":"CVE-2018-11138: Quest KACE System Management Appliance Remote Command Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-11138"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-11138","csirts_url":"https://www.csirts.com/advisory/cve-2018-11138-1035"},{"num":3009,"source_id":"cisa-kev","external_id":"CVE-2018-0147","title":"CVE-2018-0147: Cisco Secure Access Control System Java Deserialization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-0147"],"exploited":true,"has_exploit":false,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-0147","csirts_url":"https://www.csirts.com/advisory/cve-2018-0147-3009"},{"num":3011,"source_id":"cisa-kev","external_id":"CVE-2017-6316","title":"CVE-2017-6316: Citrix Multiple Products Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-6316"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-6316","csirts_url":"https://www.csirts.com/advisory/cve-2017-6316-3011"},{"num":3021,"source_id":"cisa-kev","external_id":"CVE-2016-11021","title":"CVE-2016-11021: D-Link DCS-930L Devices OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-11021"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-11021","csirts_url":"https://www.csirts.com/advisory/cve-2016-11021-3021"},{"num":3022,"source_id":"cisa-kev","external_id":"CVE-2016-0752","title":"CVE-2016-0752: Ruby on Rails Directory Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-0752"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-0752","csirts_url":"https://www.csirts.com/advisory/cve-2016-0752-3022"},{"num":3023,"source_id":"cisa-kev","external_id":"CVE-2015-4068","title":"CVE-2015-4068: Arcserve Unified Data Protection (UDP) Directory Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-4068"],"exploited":true,"has_exploit":false,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-4068","csirts_url":"https://www.csirts.com/advisory/cve-2015-4068-3023"},{"num":1096,"source_id":"cisa-kev","external_id":"CVE-2015-3035","title":"CVE-2015-3035: TP-Link Multiple Archer Devices Directory Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-3035"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-3035","csirts_url":"https://www.csirts.com/advisory/cve-2015-3035-1096"},{"num":3024,"source_id":"cisa-kev","external_id":"CVE-2015-1427","title":"CVE-2015-1427: Elasticsearch Groovy Scripting Engine Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-1427"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-1427","csirts_url":"https://www.csirts.com/advisory/cve-2015-1427-3024"},{"num":3025,"source_id":"cisa-kev","external_id":"CVE-2015-0666","title":"CVE-2015-0666: Cisco Prime Data Center Network Manager (DCNM) Directory Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-0666"],"exploited":true,"has_exploit":false,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-0666","csirts_url":"https://www.csirts.com/advisory/cve-2015-0666-3025"},{"num":3027,"source_id":"cisa-kev","external_id":"CVE-2014-6332","title":"CVE-2014-6332: Microsoft Windows Object Linking & Embedding (OLE) Automation Array Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-6332"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-6332","csirts_url":"https://www.csirts.com/advisory/cve-2014-6332-3027"},{"num":3028,"source_id":"cisa-kev","external_id":"CVE-2014-6324","title":"CVE-2014-6324: Microsoft Kerberos Key Distribution Center (KDC) Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-6324"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-6324","csirts_url":"https://www.csirts.com/advisory/cve-2014-6324-3028"},{"num":3029,"source_id":"cisa-kev","external_id":"CVE-2014-6287","title":"CVE-2014-6287: Rejetto HTTP File Server (HFS) Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-6287"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-6287","csirts_url":"https://www.csirts.com/advisory/cve-2014-6287-3029"},{"num":1138,"source_id":"cisa-kev","external_id":"CVE-2013-5223","title":"CVE-2013-5223: D-Link DSL-2760U Gateway Cross-Site Scripting Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-5223"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-5223","csirts_url":"https://www.csirts.com/advisory/cve-2013-5223-1138"},{"num":1141,"source_id":"cisa-kev","external_id":"CVE-2013-4810","title":"CVE-2013-4810: HP Multiple Products Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-4810"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-4810","csirts_url":"https://www.csirts.com/advisory/cve-2013-4810-1141"},{"num":3000,"source_id":"cisa-kev","external_id":"CVE-2020-25223","title":"CVE-2020-25223: Sophos SG UTM Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-25223"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-25223","csirts_url":"https://www.csirts.com/advisory/cve-2020-25223-3000"},{"num":3032,"source_id":"cisa-kev","external_id":"CVE-2010-4345","title":"CVE-2010-4345: Exim Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2010-4345"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2010-4345","csirts_url":"https://www.csirts.com/advisory/cve-2010-4345-3032"},{"num":933,"source_id":"cisa-kev","external_id":"CVE-2010-3035","title":"CVE-2010-3035: Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2010-3035"],"exploited":true,"has_exploit":false,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2010-3035","csirts_url":"https://www.csirts.com/advisory/cve-2010-3035-933"},{"num":3035,"source_id":"cisa-kev","external_id":"CVE-2009-1151","title":"CVE-2009-1151: phpMyAdmin Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2009-1151"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2009-1151","csirts_url":"https://www.csirts.com/advisory/cve-2009-1151-3035"},{"num":3030,"source_id":"cisa-kev","external_id":"CVE-2013-2251","title":"CVE-2013-2251: Apache Struts Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-2251"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-2251","csirts_url":"https://www.csirts.com/advisory/cve-2013-2251-3030"},{"num":950,"source_id":"cisa-kev","external_id":"CVE-2019-12991","title":"CVE-2019-12991: Citrix SD-WAN and NetScaler Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-12991"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-12991","csirts_url":"https://www.csirts.com/advisory/cve-2019-12991-950"},{"num":2680,"source_id":"cisa-kev","external_id":"CVE-2019-15107","title":"CVE-2019-15107: Webmin Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-15107"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-15107","csirts_url":"https://www.csirts.com/advisory/cve-2019-15107-2680"},{"num":2994,"source_id":"cisa-kev","external_id":"CVE-2021-42237","title":"CVE-2021-42237: Sitecore XP Remote Command Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-42237"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-42237","csirts_url":"https://www.csirts.com/advisory/cve-2021-42237-2994"},{"num":833,"source_id":"cisa-kev","external_id":"CVE-2022-21999","title":"CVE-2022-21999: Microsoft Windows Print Spooler Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-21999"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-21999","csirts_url":"https://www.csirts.com/advisory/cve-2022-21999-833"},{"num":1014,"source_id":"cisa-kev","external_id":"CVE-2018-8373","title":"CVE-2018-8373: Microsoft Scripting Engine Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-8373"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-8373","csirts_url":"https://www.csirts.com/advisory/cve-2018-8373-1014"},{"num":3008,"source_id":"cisa-kev","external_id":"CVE-2018-6961","title":"CVE-2018-6961: VMware SD-WAN Edge by VeloCloud Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-6961"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-6961","csirts_url":"https://www.csirts.com/advisory/cve-2018-6961-3008"},{"num":861,"source_id":"cisa-kev","external_id":"CVE-2016-7892","title":"CVE-2016-7892: Adobe Flash Player Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-7892"],"exploited":true,"has_exploit":false,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-7892","csirts_url":"https://www.csirts.com/advisory/cve-2016-7892-861"},{"num":1026,"source_id":"cisa-kev","external_id":"CVE-2018-1273","title":"CVE-2018-1273: VMware Tanzu Spring Data Commons Property Binder Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-1273"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-1273","csirts_url":"https://www.csirts.com/advisory/cve-2018-1273-1026"},{"num":894,"source_id":"cisa-kev","external_id":"CVE-2014-3120","title":"CVE-2014-3120: Elasticsearch Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-3120"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-3120","csirts_url":"https://www.csirts.com/advisory/cve-2014-3120-894"},{"num":3034,"source_id":"cisa-kev","external_id":"CVE-2009-2055","title":"CVE-2009-2055: Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2009-2055"],"exploited":true,"has_exploit":false,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2009-2055","csirts_url":"https://www.csirts.com/advisory/cve-2009-2055-3034"},{"num":3036,"source_id":"cisa-kev","external_id":"CVE-2009-0927","title":"CVE-2009-0927: Adobe Reader and Adobe Acrobat Stack-Based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2009-0927"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2009-0927","csirts_url":"https://www.csirts.com/advisory/cve-2009-0927-3036"},{"num":850,"source_id":"cisa-kev","external_id":"CVE-2018-14839","title":"CVE-2018-14839: LG N1A1 NAS Remote Command Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-14839"],"exploited":true,"has_exploit":false,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-14839","csirts_url":"https://www.csirts.com/advisory/cve-2018-14839-850"},{"num":3002,"source_id":"cisa-kev","external_id":"CVE-2020-1956","title":"CVE-2020-1956: Apache Kylin OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-1956"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-1956","csirts_url":"https://www.csirts.com/advisory/cve-2020-1956-3002"},{"num":2993,"source_id":"cisa-kev","external_id":"CVE-2022-26143","title":"CVE-2022-26143: MiCollab, MiVoice Business Express Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-26143"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-26143","csirts_url":"https://www.csirts.com/advisory/cve-2022-26143-2993"},{"num":3019,"source_id":"cisa-kev","external_id":"CVE-2016-4171","title":"CVE-2016-4171: Adobe Flash Player Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-4171"],"exploited":true,"has_exploit":false,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-4171","csirts_url":"https://www.csirts.com/advisory/cve-2016-4171-3019"},{"num":895,"source_id":"cisa-kev","external_id":"CVE-2014-0130","title":"CVE-2014-0130: Ruby on Rails Directory Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-0130"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-0130","csirts_url":"https://www.csirts.com/advisory/cve-2014-0130-895"},{"num":837,"source_id":"cisa-kev","external_id":"CVE-2019-12989","title":"CVE-2019-12989: Citrix SD-WAN and NetScaler SQL Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-12989"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-12989","csirts_url":"https://www.csirts.com/advisory/cve-2019-12989-837"},{"num":3494,"source_id":"cisa-kev","external_id":"CVE-2016-10174","title":"CVE-2016-10174: NETGEAR WNR2000v5 Router Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-10174"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-10174","csirts_url":"https://www.csirts.com/advisory/cve-2016-10174-3494"},{"num":3020,"source_id":"cisa-kev","external_id":"CVE-2016-1555","title":"CVE-2016-1555: NETGEAR Multiple WAP Devices Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-1555"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-1555","csirts_url":"https://www.csirts.com/advisory/cve-2016-1555-3020"},{"num":3003,"source_id":"cisa-kev","external_id":"CVE-2020-1631","title":"CVE-2020-1631: Juniper Junos OS Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-1631"],"exploited":true,"has_exploit":false,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-1631","csirts_url":"https://www.csirts.com/advisory/cve-2020-1631-3003"},{"num":2995,"source_id":"cisa-kev","external_id":"CVE-2021-22941","title":"CVE-2021-22941: Citrix ShareFile Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-22941"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-22941","csirts_url":"https://www.csirts.com/advisory/cve-2021-22941-2995"},{"num":3033,"source_id":"cisa-kev","external_id":"CVE-2010-2861","title":"CVE-2010-2861: Adobe ColdFusion Directory Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2010-2861"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2010-2861","csirts_url":"https://www.csirts.com/advisory/cve-2010-2861-3033"},{"num":918,"source_id":"cisa-kev","external_id":"CVE-2010-4344","title":"CVE-2010-4344: Exim Heap-Based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2010-4344"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2010-4344","csirts_url":"https://www.csirts.com/advisory/cve-2010-4344-918"},{"num":522,"source_id":"cisa-kev","external_id":"CVE-2017-0146","title":"CVE-2017-0146: Microsoft Windows SMB Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-0146"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-0146","csirts_url":"https://www.csirts.com/advisory/cve-2017-0146-522"},{"num":3016,"source_id":"cisa-kev","external_id":"CVE-2017-3881","title":"CVE-2017-3881: Cisco IOS and IOS XE Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-3881"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-3881","csirts_url":"https://www.csirts.com/advisory/cve-2017-3881-3016"},{"num":3017,"source_id":"cisa-kev","external_id":"CVE-2017-12617","title":"CVE-2017-12617: Apache Tomcat Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-12617"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-12617","csirts_url":"https://www.csirts.com/advisory/cve-2017-12617-3017"},{"num":3018,"source_id":"cisa-kev","external_id":"CVE-2017-12615","title":"CVE-2017-12615: Apache Tomcat on Windows Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-12615"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-12615","csirts_url":"https://www.csirts.com/advisory/cve-2017-12615-3018"},{"num":849,"source_id":"cisa-kev","external_id":"CVE-2019-1003030","title":"CVE-2019-1003030: Jenkins Matrix Project Plugin Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-1003030"],"exploited":true,"has_exploit":true,"published_at":"2022-03-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-1003030","csirts_url":"https://www.csirts.com/advisory/cve-2019-1003030-849"},{"num":1724,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/report/vendor-security-assessment","title":"Vendor Security Assessment","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2022-03-22T12:00:00+00:00","link":"https://www.ncsc.gov.uk/report/vendor-security-assessment","csirts_url":"https://www.csirts.com/advisory/vendor-security-assessment-1724"},{"num":87079,"source_id":"jenkins","external_id":"jenkins-advisory-2022-03-15","title":"Jenkins Security Advisory 2022-03-15","severity":"unknown","cvss":null,"cves":["CVE-2022-27195","CVE-2022-27196","CVE-2022-27197","CVE-2022-27198","CVE-2022-27199","CVE-2022-27200","CVE-2022-27201","CVE-2022-27202","CVE-2022-27203","CVE-2022-27204","CVE-2022-27205","CVE-2022-27206","CVE-2022-27207","CVE-2022-27208","CVE-2022-27209","CVE-2022-27210","CVE-2022-27211","CVE-2022-27212","CVE-2022-27213","CVE-2022-27214","CVE-2022-27215","CVE-2022-27216","CVE-2022-27217","CVE-2022-27218"],"exploited":false,"has_exploit":false,"published_at":"2022-03-15T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2022-03-15/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2022-03-15-87079"},{"num":972,"source_id":"cisa-kev","external_id":"CVE-2019-1129","title":"CVE-2019-1129: Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-1129"],"exploited":true,"has_exploit":false,"published_at":"2022-03-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-1129","csirts_url":"https://www.csirts.com/advisory/cve-2019-1129-972"},{"num":3045,"source_id":"cisa-kev","external_id":"CVE-2015-2546","title":"CVE-2015-2546: Microsoft Win32k Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-2546"],"exploited":true,"has_exploit":true,"published_at":"2022-03-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-2546","csirts_url":"https://www.csirts.com/advisory/cve-2015-2546-3045"},{"num":542,"source_id":"cisa-kev","external_id":"CVE-2016-3309","title":"CVE-2016-3309: Microsoft Windows Kernel Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-3309"],"exploited":true,"has_exploit":true,"published_at":"2022-03-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-3309","csirts_url":"https://www.csirts.com/advisory/cve-2016-3309-542"},{"num":541,"source_id":"cisa-kev","external_id":"CVE-2017-0101","title":"CVE-2017-0101: Microsoft Windows Transaction Manager Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-0101"],"exploited":true,"has_exploit":true,"published_at":"2022-03-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-0101","csirts_url":"https://www.csirts.com/advisory/cve-2017-0101-541"},{"num":3041,"source_id":"cisa-kev","external_id":"CVE-2019-1253","title":"CVE-2019-1253: Microsoft Windows AppX Deployment Server Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-1253"],"exploited":true,"has_exploit":true,"published_at":"2022-03-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-1253","csirts_url":"https://www.csirts.com/advisory/cve-2019-1253-3041"},{"num":940,"source_id":"cisa-kev","external_id":"CVE-2019-1405","title":"CVE-2019-1405: Microsoft Windows Universal Plug and Play (UPnP) Service Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-1405"],"exploited":true,"has_exploit":true,"published_at":"2022-03-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-1405","csirts_url":"https://www.csirts.com/advisory/cve-2019-1405-940"},{"num":3040,"source_id":"cisa-kev","external_id":"CVE-2019-1315","title":"CVE-2019-1315: Microsoft Windows Error Reporting Manager Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-1315"],"exploited":true,"has_exploit":true,"published_at":"2022-03-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-1315","csirts_url":"https://www.csirts.com/advisory/cve-2019-1315-3040"},{"num":540,"source_id":"cisa-kev","external_id":"CVE-2018-8120","title":"CVE-2018-8120: Microsoft Win32k Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-8120"],"exploited":true,"has_exploit":true,"published_at":"2022-03-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-8120","csirts_url":"https://www.csirts.com/advisory/cve-2018-8120-540"},{"num":3044,"source_id":"cisa-kev","external_id":"CVE-2019-1064","title":"CVE-2019-1064: Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-1064"],"exploited":true,"has_exploit":true,"published_at":"2022-03-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-1064","csirts_url":"https://www.csirts.com/advisory/cve-2019-1064-3044"},{"num":1282,"source_id":"cisa-kev","external_id":"CVE-2019-0543","title":"CVE-2019-0543: Microsoft Windows Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-0543"],"exploited":true,"has_exploit":true,"published_at":"2022-03-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-0543","csirts_url":"https://www.csirts.com/advisory/cve-2019-0543-1282"},{"num":3042,"source_id":"cisa-kev","external_id":"CVE-2019-1132","title":"CVE-2019-1132: Microsoft Win32k Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-1132"],"exploited":true,"has_exploit":true,"published_at":"2022-03-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-1132","csirts_url":"https://www.csirts.com/advisory/cve-2019-1132-3042"},{"num":3043,"source_id":"cisa-kev","external_id":"CVE-2019-1069","title":"CVE-2019-1069: Microsoft Task Scheduler Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-1069"],"exploited":true,"has_exploit":true,"published_at":"2022-03-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-1069","csirts_url":"https://www.csirts.com/advisory/cve-2019-1069-3043"},{"num":3038,"source_id":"cisa-kev","external_id":"CVE-2020-5135","title":"CVE-2020-5135: SonicWall SonicOS Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-5135"],"exploited":true,"has_exploit":false,"published_at":"2022-03-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-5135","csirts_url":"https://www.csirts.com/advisory/cve-2020-5135-3038"},{"num":539,"source_id":"cisa-kev","external_id":"CVE-2019-0841","title":"CVE-2019-0841: Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-0841"],"exploited":true,"has_exploit":true,"published_at":"2022-03-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-0841","csirts_url":"https://www.csirts.com/advisory/cve-2019-0841-539"},{"num":3039,"source_id":"cisa-kev","external_id":"CVE-2019-1322","title":"CVE-2019-1322: Microsoft Windows Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-1322"],"exploited":true,"has_exploit":true,"published_at":"2022-03-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-1322","csirts_url":"https://www.csirts.com/advisory/cve-2019-1322-3039"},{"num":1015,"source_id":"cisa-kev","external_id":"CVE-2020-8218","title":"CVE-2020-8218: Pulse Connect Secure Code Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-8218"],"exploited":true,"has_exploit":true,"published_at":"2022-03-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-8218","csirts_url":"https://www.csirts.com/advisory/cve-2020-8218-1015"},{"num":3046,"source_id":"cisa-kev","external_id":"CVE-2022-26486","title":"CVE-2022-26486: Mozilla Firefox Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-26486"],"exploited":true,"has_exploit":false,"published_at":"2022-03-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-26486","csirts_url":"https://www.csirts.com/advisory/cve-2022-26486-3046"},{"num":3054,"source_id":"cisa-kev","external_id":"CVE-2016-6277","title":"CVE-2016-6277: NETGEAR Multiple Routers Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-6277"],"exploited":true,"has_exploit":true,"published_at":"2022-03-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-6277","csirts_url":"https://www.csirts.com/advisory/cve-2016-6277-3054"},{"num":3051,"source_id":"cisa-kev","external_id":"CVE-2019-11581","title":"CVE-2019-11581: Atlassian Jira Server and Data Center Server-Side Template Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-11581"],"exploited":true,"has_exploit":true,"published_at":"2022-03-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-11581","csirts_url":"https://www.csirts.com/advisory/cve-2019-11581-3051"},{"num":3057,"source_id":"cisa-kev","external_id":"CVE-2013-0625","title":"CVE-2013-0625: Adobe ColdFusion Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-0625"],"exploited":true,"has_exploit":true,"published_at":"2022-03-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-0625","csirts_url":"https://www.csirts.com/advisory/cve-2013-0625-3057"},{"num":1008,"source_id":"cisa-kev","external_id":"CVE-2022-26485","title":"CVE-2022-26485: Mozilla Firefox Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-26485"],"exploited":true,"has_exploit":true,"published_at":"2022-03-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-26485","csirts_url":"https://www.csirts.com/advisory/cve-2022-26485-1008"},{"num":3056,"source_id":"cisa-kev","external_id":"CVE-2013-0629","title":"CVE-2013-0629: Adobe ColdFusion Directory Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-0629"],"exploited":true,"has_exploit":true,"published_at":"2022-03-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-0629","csirts_url":"https://www.csirts.com/advisory/cve-2013-0629-3056"},{"num":3052,"source_id":"cisa-kev","external_id":"CVE-2017-6077","title":"CVE-2017-6077: NETGEAR DGN2200 Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-6077"],"exploited":true,"has_exploit":true,"published_at":"2022-03-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-6077","csirts_url":"https://www.csirts.com/advisory/cve-2017-6077-3052"},{"num":3058,"source_id":"cisa-kev","external_id":"CVE-2009-3960","title":"CVE-2009-3960: Adobe BlazeDS Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2009-3960"],"exploited":true,"has_exploit":true,"published_at":"2022-03-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2009-3960","csirts_url":"https://www.csirts.com/advisory/cve-2009-3960-3058"},{"num":3055,"source_id":"cisa-kev","external_id":"CVE-2013-0631","title":"CVE-2013-0631: Adobe ColdFusion Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-0631"],"exploited":true,"has_exploit":false,"published_at":"2022-03-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-0631","csirts_url":"https://www.csirts.com/advisory/cve-2013-0631-3055"},{"num":3050,"source_id":"cisa-kev","external_id":"CVE-2021-21973","title":"CVE-2021-21973: VMware vCenter Server and Cloud Foundation Server Side Request Forgery (SSRF) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-21973"],"exploited":true,"has_exploit":true,"published_at":"2022-03-07T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-21973","csirts_url":"https://www.csirts.com/advisory/cve-2021-21973-3050"},{"num":3141,"source_id":"cisa-kev","external_id":"CVE-2015-2387","title":"CVE-2015-2387: Microsoft ATM Font Driver Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-2387"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-2387","csirts_url":"https://www.csirts.com/advisory/cve-2015-2387-3141"},{"num":2411,"source_id":"cisa-kev","external_id":"CVE-2015-3043","title":"CVE-2015-3043: Adobe Flash Player Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-3043"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-3043","csirts_url":"https://www.csirts.com/advisory/cve-2015-3043-2411"},{"num":552,"source_id":"cisa-kev","external_id":"CVE-2004-0210","title":"CVE-2004-0210: Microsoft Windows Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2004-0210"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2004-0210","csirts_url":"https://www.csirts.com/advisory/cve-2004-0210-552"},{"num":3531,"source_id":"cisa-kev","external_id":"CVE-2011-3544","title":"CVE-2011-3544: Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2011-3544"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2011-3544","csirts_url":"https://www.csirts.com/advisory/cve-2011-3544-3531"},{"num":3165,"source_id":"cisa-kev","external_id":"CVE-2002-0367","title":"CVE-2002-0367: Microsoft Windows Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2002-0367"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2002-0367","csirts_url":"https://www.csirts.com/advisory/cve-2002-0367-3165"},{"num":389,"source_id":"cisa-kev","external_id":"CVE-2015-2590","title":"CVE-2015-2590: Oracle Java SE and Java SE Embedded Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-2590"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-2590","csirts_url":"https://www.csirts.com/advisory/cve-2015-2590-389"},{"num":3116,"source_id":"cisa-kev","external_id":"CVE-2017-12238","title":"CVE-2017-12238: Cisco Catalyst 6800 Series Switches VPLS Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-12238"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-12238","csirts_url":"https://www.csirts.com/advisory/cve-2017-12238-3116"},{"num":1540,"source_id":"cisa-kev","external_id":"CVE-2015-7645","title":"CVE-2015-7645: Adobe Flash Player Arbitrary Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-7645"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-7645","csirts_url":"https://www.csirts.com/advisory/cve-2015-7645-1540"},{"num":2396,"source_id":"cisa-kev","external_id":"CVE-2016-0099","title":"CVE-2016-0099: Microsoft Windows Secondary Logon Service Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-0099"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-0099","csirts_url":"https://www.csirts.com/advisory/cve-2016-0099-2396"},{"num":3140,"source_id":"cisa-kev","external_id":"CVE-2015-2424","title":"CVE-2015-2424: Microsoft PowerPoint Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-2424"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-2424","csirts_url":"https://www.csirts.com/advisory/cve-2015-2424-3140"},{"num":3152,"source_id":"cisa-kev","external_id":"CVE-2010-0232","title":"CVE-2010-0232: Microsoft Windows Kernel Exception Handler Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2010-0232"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2010-0232","csirts_url":"https://www.csirts.com/advisory/cve-2010-0232-3152"},{"num":3092,"source_id":"cisa-kev","external_id":"CVE-2018-0155","title":"CVE-2018-0155: Cisco Catalyst Bidirectional Forwarding Detection Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-0155"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-0155","csirts_url":"https://www.csirts.com/advisory/cve-2018-0155-3092"},{"num":3530,"source_id":"cisa-kev","external_id":"CVE-2012-1723","title":"CVE-2012-1723: Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2012-1723"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2012-1723","csirts_url":"https://www.csirts.com/advisory/cve-2012-1723-3530"},{"num":3087,"source_id":"cisa-kev","external_id":"CVE-2018-0173","title":"CVE-2018-0173: Cisco IOS and IOS XE Software Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-0173"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-0173","csirts_url":"https://www.csirts.com/advisory/cve-2018-0173-3087"},{"num":3059,"source_id":"cisa-kev","external_id":"CVE-2022-20708","title":"CVE-2022-20708: Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-20708"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-20708","csirts_url":"https://www.csirts.com/advisory/cve-2022-20708-3059"},{"num":3080,"source_id":"cisa-kev","external_id":"CVE-2019-1652","title":"CVE-2019-1652: Cisco Small Business Routers Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-1652"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-1652","csirts_url":"https://www.csirts.com/advisory/cve-2019-1652-3080"},{"num":3148,"source_id":"cisa-kev","external_id":"CVE-2012-4681","title":"CVE-2012-4681: Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2012-4681"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2012-4681","csirts_url":"https://www.csirts.com/advisory/cve-2012-4681-3148"},{"num":3525,"source_id":"cisa-kev","external_id":"CVE-2017-0261","title":"CVE-2017-0261: Microsoft Office Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-0261"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-0261","csirts_url":"https://www.csirts.com/advisory/cve-2017-0261-3525"},{"num":3150,"source_id":"cisa-kev","external_id":"CVE-2011-0611","title":"CVE-2011-0611: Adobe Flash Player Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2011-0611"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2011-0611","csirts_url":"https://www.csirts.com/advisory/cve-2011-0611-3150"},{"num":3084,"source_id":"cisa-kev","external_id":"CVE-2018-0179","title":"CVE-2018-0179: Cisco IOS Software Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-0179"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-0179","csirts_url":"https://www.csirts.com/advisory/cve-2018-0179-3084"},{"num":3073,"source_id":"cisa-kev","external_id":"CVE-2021-41379","title":"CVE-2021-41379: Microsoft Windows Installer Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-41379"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-41379","csirts_url":"https://www.csirts.com/advisory/cve-2021-41379-3073"},{"num":549,"source_id":"cisa-kev","external_id":"CVE-2017-6743","title":"CVE-2017-6743: Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-6743"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-6743","csirts_url":"https://www.csirts.com/advisory/cve-2017-6743-549"},{"num":1397,"source_id":"cisa-kev","external_id":"CVE-2013-5065","title":"CVE-2013-5065: Microsoft Windows Kernel Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-5065"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-5065","csirts_url":"https://www.csirts.com/advisory/cve-2013-5065-1397"},{"num":1476,"source_id":"cisa-kev","external_id":"CVE-2013-1347","title":"CVE-2013-1347: Microsoft Internet Explorer Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-1347"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-1347","csirts_url":"https://www.csirts.com/advisory/cve-2013-1347-1476"},{"num":186,"source_id":"cisa-kev","external_id":"CVE-2013-0641","title":"CVE-2013-0641: Adobe Reader Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-0641"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-0641","csirts_url":"https://www.csirts.com/advisory/cve-2013-0641-186"},{"num":3147,"source_id":"cisa-kev","external_id":"CVE-2013-0632","title":"CVE-2013-0632: Adobe ColdFusion Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-0632"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-0632","csirts_url":"https://www.csirts.com/advisory/cve-2013-0632-3147"},{"num":1518,"source_id":"cisa-kev","external_id":"CVE-2012-1535","title":"CVE-2012-1535: Adobe Flash Player Arbitrary Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2012-1535"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2012-1535","csirts_url":"https://www.csirts.com/advisory/cve-2012-1535-1518"},{"num":3151,"source_id":"cisa-kev","external_id":"CVE-2010-3333","title":"CVE-2010-3333: Microsoft Office Stack-based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2010-3333"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2010-3333","csirts_url":"https://www.csirts.com/advisory/cve-2010-3333-3151"},{"num":1426,"source_id":"cisa-kev","external_id":"CVE-2012-1856","title":"CVE-2012-1856: Microsoft Office MSCOMCTL.OCX Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2012-1856"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2012-1856","csirts_url":"https://www.csirts.com/advisory/cve-2012-1856-1426"},{"num":3109,"source_id":"cisa-kev","external_id":"CVE-2017-6738","title":"CVE-2017-6738: Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-6738"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-6738","csirts_url":"https://www.csirts.com/advisory/cve-2017-6738-3109"},{"num":3145,"source_id":"cisa-kev","external_id":"CVE-2013-1675","title":"CVE-2013-1675: Mozilla Firefox Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-1675"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-1675","csirts_url":"https://www.csirts.com/advisory/cve-2013-1675-3145"},{"num":1541,"source_id":"cisa-kev","external_id":"CVE-2015-2545","title":"CVE-2015-2545: Microsoft Office Malformed EPS File Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-2545"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-2545","csirts_url":"https://www.csirts.com/advisory/cve-2015-2545-1541"},{"num":3146,"source_id":"cisa-kev","external_id":"CVE-2013-0640","title":"CVE-2013-0640: Adobe Reader and Acrobat Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-0640"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-0640","csirts_url":"https://www.csirts.com/advisory/cve-2013-0640-3146"},{"num":3153,"source_id":"cisa-kev","external_id":"CVE-2009-3129","title":"CVE-2009-3129: Microsoft Excel Featheader Record Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2009-3129"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2009-3129","csirts_url":"https://www.csirts.com/advisory/cve-2009-3129-3153"},{"num":3096,"source_id":"cisa-kev","external_id":"CVE-2017-6740","title":"CVE-2017-6740: Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-6740"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-6740","csirts_url":"https://www.csirts.com/advisory/cve-2017-6740-3096"},{"num":3095,"source_id":"cisa-kev","external_id":"CVE-2017-6744","title":"CVE-2017-6744: Cisco IOS Software SNMP Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-6744"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-6744","csirts_url":"https://www.csirts.com/advisory/cve-2017-6744-3095"},{"num":3081,"source_id":"cisa-kev","external_id":"CVE-2018-8581","title":"CVE-2018-8581: Microsoft Exchange Server Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-8581"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-8581","csirts_url":"https://www.csirts.com/advisory/cve-2018-8581-3081"},{"num":3088,"source_id":"cisa-kev","external_id":"CVE-2018-0167","title":"CVE-2018-0167: Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-0167"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-0167","csirts_url":"https://www.csirts.com/advisory/cve-2018-0167-3088"},{"num":3091,"source_id":"cisa-kev","external_id":"CVE-2018-0158","title":"CVE-2018-0158: Cisco IOS and XE Software Internet Key Exchange Memory Leak Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-0158"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-0158","csirts_url":"https://www.csirts.com/advisory/cve-2018-0158-3091"},{"num":3089,"source_id":"cisa-kev","external_id":"CVE-2018-0161","title":"CVE-2018-0161: Cisco IOS Software Resource Management Errors Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-0161"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-0161","csirts_url":"https://www.csirts.com/advisory/cve-2018-0161-3089"},{"num":3505,"source_id":"cisa-kev","external_id":"CVE-2019-1297","title":"CVE-2019-1297: Microsoft Excel Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-1297"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-1297","csirts_url":"https://www.csirts.com/advisory/cve-2019-1297-3505"},{"num":1188,"source_id":"cisa-kev","external_id":"CVE-2018-0172","title":"CVE-2018-0172: Cisco IOS and IOS XE Software Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-0172"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-0172","csirts_url":"https://www.csirts.com/advisory/cve-2018-0172-1188"},{"num":1198,"source_id":"cisa-kev","external_id":"CVE-2016-7855","title":"CVE-2016-7855: Adobe Flash Player Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-7855"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-7855","csirts_url":"https://www.csirts.com/advisory/cve-2016-7855-1198"},{"num":3144,"source_id":"cisa-kev","external_id":"CVE-2014-0496","title":"CVE-2014-0496: Adobe Reader and Acrobat Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-0496"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-0496","csirts_url":"https://www.csirts.com/advisory/cve-2014-0496-3144"},{"num":3164,"source_id":"cisa-kev","external_id":"CVE-2008-3431","title":"CVE-2008-3431: Oracle VirtualBox Insufficient Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2008-3431"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2008-3431","csirts_url":"https://www.csirts.com/advisory/cve-2008-3431-3164"},{"num":3118,"source_id":"cisa-kev","external_id":"CVE-2017-12235","title":"CVE-2017-12235: Cisco IOS Software for Cisco Industrial Ethernet Switches PROFINET Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-12235"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-12235","csirts_url":"https://www.csirts.com/advisory/cve-2017-12235-3118"},{"num":3077,"source_id":"cisa-kev","external_id":"CVE-2020-11899","title":"CVE-2020-11899: Treck TCP/IP stack Out-of-Bounds Read Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-11899"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-11899","csirts_url":"https://www.csirts.com/advisory/cve-2020-11899-3077"},{"num":3093,"source_id":"cisa-kev","external_id":"CVE-2018-0154","title":"CVE-2018-0154: Cisco IOS Software Integrated Services Module for VPN Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-0154"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-0154","csirts_url":"https://www.csirts.com/advisory/cve-2018-0154-3093"},{"num":3540,"source_id":"cisa-kev","external_id":"CVE-2008-2992","title":"CVE-2008-2992: Adobe Reader and Acrobat Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2008-2992"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2008-2992","csirts_url":"https://www.csirts.com/advisory/cve-2008-2992-3540"},{"num":3094,"source_id":"cisa-kev","external_id":"CVE-2017-8540","title":"CVE-2017-8540: Microsoft Malware Protection Engine Improper Restriction of Operations Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-8540"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-8540","csirts_url":"https://www.csirts.com/advisory/cve-2017-8540-3094"},{"num":3097,"source_id":"cisa-kev","external_id":"CVE-2017-6739","title":"CVE-2017-6739: Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-6739"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-6739","csirts_url":"https://www.csirts.com/advisory/cve-2017-6739-3097"},{"num":3110,"source_id":"cisa-kev","external_id":"CVE-2017-6737","title":"CVE-2017-6737: Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-6737"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-6737","csirts_url":"https://www.csirts.com/advisory/cve-2017-6737-3110"},{"num":3111,"source_id":"cisa-kev","external_id":"CVE-2017-6736","title":"CVE-2017-6736: Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-6736"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-6736","csirts_url":"https://www.csirts.com/advisory/cve-2017-6736-3111"},{"num":456,"source_id":"cisa-kev","external_id":"CVE-2016-1019","title":"CVE-2016-1019: Adobe Flash Player Arbitrary Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-1019"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-1019","csirts_url":"https://www.csirts.com/advisory/cve-2016-1019-456"},{"num":3132,"source_id":"cisa-kev","external_id":"CVE-2017-12231","title":"CVE-2017-12231: Cisco IOS Software Network Address Translation Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-12231"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-12231","csirts_url":"https://www.csirts.com/advisory/cve-2017-12231-3132"},{"num":3120,"source_id":"cisa-kev","external_id":"CVE-2017-12232","title":"CVE-2017-12232: Cisco IOS Software for Cisco Integrated Services Routers Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-12232"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-12232","csirts_url":"https://www.csirts.com/advisory/cve-2017-12232-3120"},{"num":3149,"source_id":"cisa-kev","external_id":"CVE-2011-1889","title":"CVE-2011-1889: Microsoft Forefront TMG Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2011-1889"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2011-1889","csirts_url":"https://www.csirts.com/advisory/cve-2011-1889-3149"},{"num":1233,"source_id":"cisa-kev","external_id":"CVE-2018-0151","title":"CVE-2018-0151: Cisco IOS Software and Cisco IOS XE Software Quality of Service Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-0151"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-0151","csirts_url":"https://www.csirts.com/advisory/cve-2018-0151-1233"},{"num":388,"source_id":"cisa-kev","external_id":"CVE-2015-5119","title":"CVE-2015-5119: Adobe Flash Player Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-5119"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-5119","csirts_url":"https://www.csirts.com/advisory/cve-2015-5119-388"},{"num":206,"source_id":"cisa-kev","external_id":"CVE-2012-0507","title":"CVE-2012-0507: Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2012-0507"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2012-0507","csirts_url":"https://www.csirts.com/advisory/cve-2012-0507-206"},{"num":3142,"source_id":"cisa-kev","external_id":"CVE-2015-1642","title":"CVE-2015-1642: Microsoft Office Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-1642"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-1642","csirts_url":"https://www.csirts.com/advisory/cve-2015-1642-3142"},{"num":3119,"source_id":"cisa-kev","external_id":"CVE-2017-12233","title":"CVE-2017-12233: Cisco IOS Software Common Industrial Protocol Request Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-12233"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-12233","csirts_url":"https://www.csirts.com/advisory/cve-2017-12233-3119"},{"num":1475,"source_id":"cisa-kev","external_id":"CVE-2015-1701","title":"CVE-2015-1701: Microsoft Win32k Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-1701"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-1701","csirts_url":"https://www.csirts.com/advisory/cve-2015-1701-1475"},{"num":3115,"source_id":"cisa-kev","external_id":"CVE-2017-12240","title":"CVE-2017-12240: Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-12240"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-12240","csirts_url":"https://www.csirts.com/advisory/cve-2017-12240-3115"},{"num":3518,"source_id":"cisa-kev","external_id":"CVE-2017-12234","title":"CVE-2017-12234: Cisco IOS Software Common Industrial Protocol Request Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-12234"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-12234","csirts_url":"https://www.csirts.com/advisory/cve-2017-12234-3518"},{"num":3113,"source_id":"cisa-kev","external_id":"CVE-2017-6627","title":"CVE-2017-6627: Cisco IOS Software and Cisco IOS XE Software UDP Packet Processing Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-6627"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-6627","csirts_url":"https://www.csirts.com/advisory/cve-2017-6627-3113"},{"num":2403,"source_id":"cisa-kev","external_id":"CVE-2015-4902","title":"CVE-2015-4902: Oracle Java SE Integrity Check Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-4902"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-4902","csirts_url":"https://www.csirts.com/advisory/cve-2015-4902-2403"},{"num":1538,"source_id":"cisa-kev","external_id":"CVE-2017-0001","title":"CVE-2017-0001: Microsoft Graphics Device Interface (GDI) Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-0001"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-0001","csirts_url":"https://www.csirts.com/advisory/cve-2017-0001-1538"},{"num":1314,"source_id":"cisa-kev","external_id":"CVE-2017-11292","title":"CVE-2017-11292: Adobe Flash Player Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-11292"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-11292","csirts_url":"https://www.csirts.com/advisory/cve-2017-11292-1314"},{"num":1419,"source_id":"cisa-kev","external_id":"CVE-2016-5195","title":"CVE-2016-5195: Linux Kernel Race Condition Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-5195"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-5195","csirts_url":"https://www.csirts.com/advisory/cve-2016-5195-1419"},{"num":2394,"source_id":"cisa-kev","external_id":"CVE-2016-7193","title":"CVE-2016-7193: Microsoft Office Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-7193"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-7193","csirts_url":"https://www.csirts.com/advisory/cve-2016-7193-2394"},{"num":1398,"source_id":"cisa-kev","external_id":"CVE-2013-3897","title":"CVE-2013-3897: Microsoft Internet Explorer Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-3897"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-3897","csirts_url":"https://www.csirts.com/advisory/cve-2013-3897-1398"},{"num":2469,"source_id":"cisa-kev","external_id":"CVE-2013-3346","title":"CVE-2013-3346: Adobe Reader and Acrobat Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-3346"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-3346","csirts_url":"https://www.csirts.com/advisory/cve-2013-3346-2469"},{"num":385,"source_id":"cisa-kev","external_id":"CVE-2016-7262","title":"CVE-2016-7262: Microsoft Office Security Feature Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-7262"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-7262","csirts_url":"https://www.csirts.com/advisory/cve-2016-7262-385"},{"num":3072,"source_id":"cisa-kev","external_id":"CVE-2022-20700","title":"CVE-2022-20700: Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-20700"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-20700","csirts_url":"https://www.csirts.com/advisory/cve-2022-20700-3072"},{"num":1083,"source_id":"cisa-kev","external_id":"CVE-2022-20699","title":"CVE-2022-20699: Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-20699"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-20699","csirts_url":"https://www.csirts.com/advisory/cve-2022-20699-1083"},{"num":3076,"source_id":"cisa-kev","external_id":"CVE-2020-1938","title":"CVE-2020-1938: Apache Tomcat Improper Privilege Management Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-1938"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-1938","csirts_url":"https://www.csirts.com/advisory/cve-2020-1938-3076"},{"num":3079,"source_id":"cisa-kev","external_id":"CVE-2019-16928","title":"CVE-2019-16928: Exim Out-of-bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-16928"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-16928","csirts_url":"https://www.csirts.com/advisory/cve-2019-16928-3079"},{"num":3082,"source_id":"cisa-kev","external_id":"CVE-2018-8298","title":"CVE-2018-8298: ChakraCore Scripting Engine Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-8298"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-8298","csirts_url":"https://www.csirts.com/advisory/cve-2018-8298-3082"},{"num":3085,"source_id":"cisa-kev","external_id":"CVE-2018-0175","title":"CVE-2018-0175: Cisco IOS, XR, and XE Software Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-0175"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-0175","csirts_url":"https://www.csirts.com/advisory/cve-2018-0175-3085"},{"num":1222,"source_id":"cisa-kev","external_id":"CVE-2018-0156","title":"CVE-2018-0156: Cisco IOS Software and Cisco IOS XE Software Smart Install Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-0156"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-0156","csirts_url":"https://www.csirts.com/advisory/cve-2018-0156-1222"},{"num":3133,"source_id":"cisa-kev","external_id":"CVE-2017-11826","title":"CVE-2017-11826: Microsoft Office Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-11826"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-11826","csirts_url":"https://www.csirts.com/advisory/cve-2017-11826-3133"},{"num":3163,"source_id":"cisa-kev","external_id":"CVE-2009-1123","title":"CVE-2009-1123: Microsoft Windows Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2009-1123"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2009-1123","csirts_url":"https://www.csirts.com/advisory/cve-2009-1123-3163"},{"num":3090,"source_id":"cisa-kev","external_id":"CVE-2018-0159","title":"CVE-2018-0159: Cisco IOS and XE Software Internet Key Exchange Version 1 Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-0159"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-0159","csirts_url":"https://www.csirts.com/advisory/cve-2018-0159-3090"},{"num":3117,"source_id":"cisa-kev","external_id":"CVE-2017-12237","title":"CVE-2017-12237: Cisco IOS and IOS XE Software Internet Key Exchange Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-12237"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-12237","csirts_url":"https://www.csirts.com/advisory/cve-2017-12237-3117"},{"num":3083,"source_id":"cisa-kev","external_id":"CVE-2018-0180","title":"CVE-2018-0180: Cisco IOS Software Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-0180"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-0180","csirts_url":"https://www.csirts.com/advisory/cve-2018-0180-3083"},{"num":2767,"source_id":"cisa-kev","external_id":"CVE-2010-0188","title":"CVE-2010-0188: Adobe Reader and Acrobat Arbitrary Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2010-0188"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2010-0188","csirts_url":"https://www.csirts.com/advisory/cve-2010-0188-2767"},{"num":3143,"source_id":"cisa-kev","external_id":"CVE-2014-4114","title":"CVE-2014-4114: Microsoft Windows Object Linking & Embedding (OLE) Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-4114"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-4114","csirts_url":"https://www.csirts.com/advisory/cve-2014-4114-3143"},{"num":3086,"source_id":"cisa-kev","external_id":"CVE-2018-0174","title":"CVE-2018-0174: Cisco IOS Software and Cisco IOS XE Software Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-0174"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-0174","csirts_url":"https://www.csirts.com/advisory/cve-2018-0174-3086"},{"num":1539,"source_id":"cisa-kev","external_id":"CVE-2016-8562","title":"CVE-2016-8562: Siemens SIMATIC CP 1543-1 Improper Privilege Management Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-8562"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-8562","csirts_url":"https://www.csirts.com/advisory/cve-2016-8562-1539"},{"num":3060,"source_id":"cisa-kev","external_id":"CVE-2022-20703","title":"CVE-2022-20703: Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-20703"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-20703","csirts_url":"https://www.csirts.com/advisory/cve-2022-20703-3060"},{"num":3061,"source_id":"cisa-kev","external_id":"CVE-2022-20701","title":"CVE-2022-20701: Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-20701"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-20701","csirts_url":"https://www.csirts.com/advisory/cve-2022-20701-3061"},{"num":3114,"source_id":"cisa-kev","external_id":"CVE-2017-12319","title":"CVE-2017-12319: Cisco IOS XE Software Ethernet Virtual Private Network Border Gateway Protocol Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-12319"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-12319","csirts_url":"https://www.csirts.com/advisory/cve-2017-12319-3114"},{"num":2963,"source_id":"cisa-kev","external_id":"CVE-2016-4117","title":"CVE-2016-4117: Adobe Flash Player Arbitrary Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-4117"],"exploited":true,"has_exploit":true,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-4117","csirts_url":"https://www.csirts.com/advisory/cve-2016-4117-2963"},{"num":1262,"source_id":"cisa-kev","external_id":"CVE-2017-6663","title":"CVE-2017-6663: Cisco IOS Software and Cisco IOS XE Software Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-6663"],"exploited":true,"has_exploit":false,"published_at":"2022-03-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-6663","csirts_url":"https://www.csirts.com/advisory/cve-2017-6663-1262"},{"num":3168,"source_id":"cisa-kev","external_id":"CVE-2017-0222","title":"CVE-2017-0222: Microsoft Internet Explorer Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-0222"],"exploited":true,"has_exploit":false,"published_at":"2022-02-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-0222","csirts_url":"https://www.csirts.com/advisory/cve-2017-0222-3168"},{"num":3169,"source_id":"cisa-kev","external_id":"CVE-2014-6352","title":"CVE-2014-6352: Microsoft Windows Code Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-6352"],"exploited":true,"has_exploit":true,"published_at":"2022-02-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-6352","csirts_url":"https://www.csirts.com/advisory/cve-2014-6352-3169"},{"num":3167,"source_id":"cisa-kev","external_id":"CVE-2017-8570","title":"CVE-2017-8570: Microsoft Office Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-8570"],"exploited":true,"has_exploit":true,"published_at":"2022-02-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-8570","csirts_url":"https://www.csirts.com/advisory/cve-2017-8570-3167"},{"num":3166,"source_id":"cisa-kev","external_id":"CVE-2022-24682","title":"CVE-2022-24682: Synacor Zimbra Collaborate Suite (ZCS) Cross-Site Scripting Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-24682"],"exploited":true,"has_exploit":true,"published_at":"2022-02-25T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-24682","csirts_url":"https://www.csirts.com/advisory/cve-2022-24682-3166"},{"num":1531,"source_id":"cisa-kev","external_id":"CVE-2022-23134","title":"CVE-2022-23134: Zabbix Frontend Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-23134"],"exploited":true,"has_exploit":true,"published_at":"2022-02-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-23134","csirts_url":"https://www.csirts.com/advisory/cve-2022-23134-1531"},{"num":3170,"source_id":"cisa-kev","external_id":"CVE-2022-23131","title":"CVE-2022-23131: Zabbix Frontend Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-23131"],"exploited":true,"has_exploit":true,"published_at":"2022-02-22T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-23131","csirts_url":"https://www.csirts.com/advisory/cve-2022-23131-3170"},{"num":87080,"source_id":"jenkins","external_id":"jenkins-advisory-2022-02-15","title":"Jenkins Security Advisory 2022-02-15","severity":"unknown","cvss":null,"cves":["CVE-2022-25173","CVE-2022-25174","CVE-2022-25175","CVE-2022-25176","CVE-2022-25177","CVE-2022-25178","CVE-2022-25179","CVE-2022-25180","CVE-2022-25181","CVE-2022-25182","CVE-2022-25183","CVE-2022-25184","CVE-2022-25185","CVE-2022-25186","CVE-2022-25187","CVE-2022-25188","CVE-2022-25189","CVE-2022-25190","CVE-2022-25191","CVE-2022-25192","CVE-2022-25193","CVE-2022-25194","CVE-2022-25195","CVE-2022-25196","CVE-2022-25197","CVE-2022-25198","CVE-2022-25199","CVE-2022-25200","CVE-2022-25201","CVE-2022-25202","CVE-2022-25203","CVE-2022-25204","CVE-2022-25205","CVE-2022-25206","CVE-2022-25207","CVE-2022-25208","CVE-2022-25209","CVE-2022-25210","CVE-2022-25211","CVE-2022-25212"],"exploited":false,"has_exploit":false,"published_at":"2022-02-15T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2022-02-15/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2022-02-15-87080"},{"num":3181,"source_id":"cisa-kev","external_id":"CVE-2014-1761","title":"CVE-2014-1761: Microsoft Word Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-1761"],"exploited":true,"has_exploit":true,"published_at":"2022-02-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-1761","csirts_url":"https://www.csirts.com/advisory/cve-2014-1761-3181"},{"num":3171,"source_id":"cisa-kev","external_id":"CVE-2022-24086","title":"CVE-2022-24086: Adobe Commerce and Magento Open Source Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-24086"],"exploited":true,"has_exploit":true,"published_at":"2022-02-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-24086","csirts_url":"https://www.csirts.com/advisory/cve-2022-24086-3171"},{"num":3172,"source_id":"cisa-kev","external_id":"CVE-2022-0609","title":"CVE-2022-0609: Google Chromium Animation Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-0609"],"exploited":true,"has_exploit":false,"published_at":"2022-02-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-0609","csirts_url":"https://www.csirts.com/advisory/cve-2022-0609-3172"},{"num":2884,"source_id":"cisa-kev","external_id":"CVE-2018-15982","title":"CVE-2018-15982: Adobe Flash Player Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-15982"],"exploited":true,"has_exploit":true,"published_at":"2022-02-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-15982","csirts_url":"https://www.csirts.com/advisory/cve-2018-15982-2884"},{"num":3182,"source_id":"cisa-kev","external_id":"CVE-2013-3906","title":"CVE-2013-3906: Microsoft Graphics Component Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2013-3906"],"exploited":true,"has_exploit":true,"published_at":"2022-02-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-3906","csirts_url":"https://www.csirts.com/advisory/cve-2013-3906-3182"},{"num":3178,"source_id":"cisa-kev","external_id":"CVE-2018-8174","title":"CVE-2018-8174: Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-8174"],"exploited":true,"has_exploit":true,"published_at":"2022-02-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-8174","csirts_url":"https://www.csirts.com/advisory/cve-2018-8174-3178"},{"num":3177,"source_id":"cisa-kev","external_id":"CVE-2019-0752","title":"CVE-2019-0752: Microsoft Internet Explorer Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-0752"],"exploited":true,"has_exploit":true,"published_at":"2022-02-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-0752","csirts_url":"https://www.csirts.com/advisory/cve-2019-0752-3177"},{"num":3179,"source_id":"cisa-kev","external_id":"CVE-2018-20250","title":"CVE-2018-20250: WinRAR Absolute Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-20250"],"exploited":true,"has_exploit":true,"published_at":"2022-02-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-20250","csirts_url":"https://www.csirts.com/advisory/cve-2018-20250-3179"},{"num":3180,"source_id":"cisa-kev","external_id":"CVE-2017-9841","title":"CVE-2017-9841: PHPUnit Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-9841"],"exploited":true,"has_exploit":true,"published_at":"2022-02-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-9841","csirts_url":"https://www.csirts.com/advisory/cve-2017-9841-3180"},{"num":3183,"source_id":"cisa-kev","external_id":"CVE-2022-22620","title":"CVE-2022-22620: Apple iOS, iPadOS, and macOS Webkit Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-22620"],"exploited":true,"has_exploit":true,"published_at":"2022-02-11T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-22620","csirts_url":"https://www.csirts.com/advisory/cve-2022-22620-3183"},{"num":3192,"source_id":"cisa-kev","external_id":"CVE-2017-10271","title":"CVE-2017-10271: Oracle Corporation WebLogic Server Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-10271"],"exploited":true,"has_exploit":true,"published_at":"2022-02-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-10271","csirts_url":"https://www.csirts.com/advisory/cve-2017-10271-3192"},{"num":1438,"source_id":"cisa-kev","external_id":"CVE-2021-36934","title":"CVE-2021-36934: Microsoft Windows SAM Local Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-36934"],"exploited":true,"has_exploit":true,"published_at":"2022-02-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-36934","csirts_url":"https://www.csirts.com/advisory/cve-2021-36934-1438"},{"num":2940,"source_id":"cisa-kev","external_id":"CVE-2015-1635","title":"CVE-2015-1635: Microsoft HTTP.sys Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-1635"],"exploited":true,"has_exploit":true,"published_at":"2022-02-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-1635","csirts_url":"https://www.csirts.com/advisory/cve-2015-1635-2940"},{"num":3184,"source_id":"cisa-kev","external_id":"CVE-2020-0796","title":"CVE-2020-0796: Microsoft SMBv3 Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-0796"],"exploited":true,"has_exploit":true,"published_at":"2022-02-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-0796","csirts_url":"https://www.csirts.com/advisory/cve-2020-0796-3184"},{"num":3193,"source_id":"cisa-kev","external_id":"CVE-2017-0263","title":"CVE-2017-0263: Microsoft Win32k Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-0263"],"exploited":true,"has_exploit":true,"published_at":"2022-02-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-0263","csirts_url":"https://www.csirts.com/advisory/cve-2017-0263-3193"},{"num":3198,"source_id":"cisa-kev","external_id":"CVE-2015-1130","title":"CVE-2015-1130: Apple OS X Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-1130"],"exploited":true,"has_exploit":true,"published_at":"2022-02-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-1130","csirts_url":"https://www.csirts.com/advisory/cve-2015-1130-3198"},{"num":857,"source_id":"cisa-kev","external_id":"CVE-2015-2051","title":"CVE-2015-2051: D-Link DIR-645 Router Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-2051"],"exploited":true,"has_exploit":true,"published_at":"2022-02-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-2051","csirts_url":"https://www.csirts.com/advisory/cve-2015-2051-857"},{"num":3194,"source_id":"cisa-kev","external_id":"CVE-2017-0262","title":"CVE-2017-0262: Microsoft Office Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-0262"],"exploited":true,"has_exploit":true,"published_at":"2022-02-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-0262","csirts_url":"https://www.csirts.com/advisory/cve-2017-0262-3194"},{"num":3199,"source_id":"cisa-kev","external_id":"CVE-2014-4404","title":"CVE-2014-4404: Apple OS X Heap-Based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-4404"],"exploited":true,"has_exploit":true,"published_at":"2022-02-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-4404","csirts_url":"https://www.csirts.com/advisory/cve-2014-4404-3199"},{"num":3197,"source_id":"cisa-kev","external_id":"CVE-2016-3088","title":"CVE-2016-3088: Apache ActiveMQ Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-3088"],"exploited":true,"has_exploit":true,"published_at":"2022-02-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-3088","csirts_url":"https://www.csirts.com/advisory/cve-2016-3088-3197"},{"num":3185,"source_id":"cisa-kev","external_id":"CVE-2017-9791","title":"CVE-2017-9791: Apache Struts 1 Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-9791"],"exploited":true,"has_exploit":true,"published_at":"2022-02-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-9791","csirts_url":"https://www.csirts.com/advisory/cve-2017-9791-3185"},{"num":2909,"source_id":"cisa-kev","external_id":"CVE-2017-0145","title":"CVE-2017-0145: Microsoft SMBv1 Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-0145"],"exploited":true,"has_exploit":true,"published_at":"2022-02-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-0145","csirts_url":"https://www.csirts.com/advisory/cve-2017-0145-2909"},{"num":1439,"source_id":"cisa-kev","external_id":"CVE-2018-1000861","title":"CVE-2018-1000861: Jenkins Stapler Web Framework Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-1000861"],"exploited":true,"has_exploit":true,"published_at":"2022-02-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-1000861","csirts_url":"https://www.csirts.com/advisory/cve-2018-1000861-1439"},{"num":3196,"source_id":"cisa-kev","external_id":"CVE-2017-0144","title":"CVE-2017-0144: Microsoft SMBv1 Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-0144"],"exploited":true,"has_exploit":true,"published_at":"2022-02-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-0144","csirts_url":"https://www.csirts.com/advisory/cve-2017-0144-3196"},{"num":3186,"source_id":"cisa-kev","external_id":"CVE-2017-8464","title":"CVE-2017-8464: Microsoft Windows Shell (.lnk) Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-8464"],"exploited":true,"has_exploit":true,"published_at":"2022-02-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-8464","csirts_url":"https://www.csirts.com/advisory/cve-2017-8464-3186"},{"num":87081,"source_id":"jenkins","external_id":"jenkins-advisory-2022-02-09","title":"Jenkins Security Advisory 2022-02-09","severity":"unknown","cvss":null,"cves":["CVE-2021-43859","CVE-2022-0538"],"exploited":false,"has_exploit":false,"published_at":"2022-02-09T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2022-02-09/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2022-02-09-87081"},{"num":3200,"source_id":"cisa-kev","external_id":"CVE-2022-21882","title":"CVE-2022-21882: Microsoft Win32k Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-21882"],"exploited":true,"has_exploit":true,"published_at":"2022-02-04T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-21882","csirts_url":"https://www.csirts.com/advisory/cve-2022-21882-3200"},{"num":3201,"source_id":"cisa-kev","external_id":"CVE-2021-20038","title":"CVE-2021-20038: SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-20038"],"exploited":true,"has_exploit":true,"published_at":"2022-01-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-20038","csirts_url":"https://www.csirts.com/advisory/cve-2021-20038-3201"},{"num":880,"source_id":"cisa-kev","external_id":"CVE-2022-22587","title":"CVE-2022-22587: Apple Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2022-22587"],"exploited":true,"has_exploit":false,"published_at":"2022-01-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2022-22587","csirts_url":"https://www.csirts.com/advisory/cve-2022-22587-880"},{"num":3205,"source_id":"cisa-kev","external_id":"CVE-2014-6271","title":"CVE-2014-6271: GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-6271"],"exploited":true,"has_exploit":true,"published_at":"2022-01-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-6271","csirts_url":"https://www.csirts.com/advisory/cve-2014-6271-3205"},{"num":3204,"source_id":"cisa-kev","external_id":"CVE-2014-1776","title":"CVE-2014-1776: Microsoft Internet Explorer Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-1776"],"exploited":true,"has_exploit":false,"published_at":"2022-01-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-1776","csirts_url":"https://www.csirts.com/advisory/cve-2014-1776-3204"},{"num":896,"source_id":"cisa-kev","external_id":"CVE-2020-5722","title":"CVE-2020-5722: Grandstream Networks UCM6200 Series SQL Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-5722"],"exploited":true,"has_exploit":true,"published_at":"2022-01-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-5722","csirts_url":"https://www.csirts.com/advisory/cve-2020-5722-896"},{"num":3548,"source_id":"cisa-kev","external_id":"CVE-2017-5689","title":"CVE-2017-5689: Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-5689"],"exploited":true,"has_exploit":true,"published_at":"2022-01-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-5689","csirts_url":"https://www.csirts.com/advisory/cve-2017-5689-3548"},{"num":3206,"source_id":"cisa-kev","external_id":"CVE-2014-7169","title":"CVE-2014-7169: GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-7169"],"exploited":true,"has_exploit":true,"published_at":"2022-01-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-7169","csirts_url":"https://www.csirts.com/advisory/cve-2014-7169-3206"},{"num":3203,"source_id":"cisa-kev","external_id":"CVE-2020-0787","title":"CVE-2020-0787: Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-0787"],"exploited":true,"has_exploit":true,"published_at":"2022-01-28T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-0787","csirts_url":"https://www.csirts.com/advisory/cve-2020-0787-3203"},{"num":3063,"source_id":"cisa-kev","external_id":"CVE-2018-8453","title":"CVE-2018-8453: Microsoft Win32k Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-8453"],"exploited":true,"has_exploit":true,"published_at":"2022-01-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-8453","csirts_url":"https://www.csirts.com/advisory/cve-2018-8453-3063"},{"num":3208,"source_id":"cisa-kev","external_id":"CVE-2021-35247","title":"CVE-2021-35247: SolarWinds Serv-U Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-35247"],"exploited":true,"has_exploit":false,"published_at":"2022-01-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-35247","csirts_url":"https://www.csirts.com/advisory/cve-2021-35247-3208"},{"num":3207,"source_id":"cisa-kev","external_id":"CVE-2012-0391","title":"CVE-2012-0391: Apache Struts 2 Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2012-0391"],"exploited":true,"has_exploit":true,"published_at":"2022-01-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2012-0391","csirts_url":"https://www.csirts.com/advisory/cve-2012-0391-3207"},{"num":923,"source_id":"cisa-kev","external_id":"CVE-2006-1547","title":"CVE-2006-1547: Apache Struts 1 ActionForm Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2006-1547"],"exploited":true,"has_exploit":false,"published_at":"2022-01-21T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2006-1547","csirts_url":"https://www.csirts.com/advisory/cve-2006-1547-923"},{"num":3217,"source_id":"cisa-kev","external_id":"CVE-2020-14864","title":"CVE-2020-14864: Oracle Business Intelligence Enterprise Edition Path Transversal","severity":"critical","cvss":null,"cves":["CVE-2020-14864"],"exploited":true,"has_exploit":true,"published_at":"2022-01-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-14864","csirts_url":"https://www.csirts.com/advisory/cve-2020-14864-3217"},{"num":3215,"source_id":"cisa-kev","external_id":"CVE-2021-21315","title":"CVE-2021-21315: System Information Library for Node.JS Command Injection","severity":"critical","cvss":null,"cves":["CVE-2021-21315"],"exploited":true,"has_exploit":true,"published_at":"2022-01-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-21315","csirts_url":"https://www.csirts.com/advisory/cve-2021-21315-3215"},{"num":3218,"source_id":"cisa-kev","external_id":"CVE-2020-13927","title":"CVE-2020-13927: Apache Airflow's Experimental API Authentication Bypass","severity":"critical","cvss":null,"cves":["CVE-2020-13927"],"exploited":true,"has_exploit":true,"published_at":"2022-01-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-13927","csirts_url":"https://www.csirts.com/advisory/cve-2020-13927-3218"},{"num":3214,"source_id":"cisa-kev","external_id":"CVE-2021-21975","title":"CVE-2021-21975: VMware Server Side Request Forgery in vRealize Operations Manager API","severity":"critical","cvss":null,"cves":["CVE-2021-21975"],"exploited":true,"has_exploit":true,"published_at":"2022-01-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-21975","csirts_url":"https://www.csirts.com/advisory/cve-2021-21975-3214"},{"num":3209,"source_id":"cisa-kev","external_id":"CVE-2021-32648","title":"CVE-2021-32648: October CMS Improper Authentication","severity":"critical","cvss":null,"cves":["CVE-2021-32648"],"exploited":true,"has_exploit":true,"published_at":"2022-01-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-32648","csirts_url":"https://www.csirts.com/advisory/cve-2021-32648-3209"},{"num":3099,"source_id":"cisa-kev","external_id":"CVE-2020-13671","title":"CVE-2020-13671: Drupal core Un-restricted Upload of File","severity":"critical","cvss":null,"cves":["CVE-2020-13671"],"exploited":true,"has_exploit":false,"published_at":"2022-01-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-13671","csirts_url":"https://www.csirts.com/advisory/cve-2020-13671-3099"},{"num":973,"source_id":"cisa-kev","external_id":"CVE-2020-11978","title":"CVE-2020-11978: Apache Airflow Command Injection","severity":"critical","cvss":null,"cves":["CVE-2020-11978"],"exploited":true,"has_exploit":true,"published_at":"2022-01-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-11978","csirts_url":"https://www.csirts.com/advisory/cve-2020-11978-973"},{"num":949,"source_id":"cisa-kev","external_id":"CVE-2021-25298","title":"CVE-2021-25298: Nagios XI OS Command Injection","severity":"critical","cvss":null,"cves":["CVE-2021-25298"],"exploited":true,"has_exploit":true,"published_at":"2022-01-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-25298","csirts_url":"https://www.csirts.com/advisory/cve-2021-25298-949"},{"num":3211,"source_id":"cisa-kev","external_id":"CVE-2021-25297","title":"CVE-2021-25297: Nagios XI OS Command Injection","severity":"critical","cvss":null,"cves":["CVE-2021-25297"],"exploited":true,"has_exploit":true,"published_at":"2022-01-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-25297","csirts_url":"https://www.csirts.com/advisory/cve-2021-25297-3211"},{"num":3216,"source_id":"cisa-kev","external_id":"CVE-2021-22991","title":"CVE-2021-22991: F5 BIG-IP Traffic Management Microkernel Buffer Overflow","severity":"critical","cvss":null,"cves":["CVE-2021-22991"],"exploited":true,"has_exploit":false,"published_at":"2022-01-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-22991","csirts_url":"https://www.csirts.com/advisory/cve-2021-22991-3216"},{"num":3210,"source_id":"cisa-kev","external_id":"CVE-2021-25296","title":"CVE-2021-25296: Nagios XI OS Command Injection","severity":"critical","cvss":null,"cves":["CVE-2021-25296"],"exploited":true,"has_exploit":true,"published_at":"2022-01-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-25296","csirts_url":"https://www.csirts.com/advisory/cve-2021-25296-3210"},{"num":3213,"source_id":"cisa-kev","external_id":"CVE-2021-33766","title":"CVE-2021-33766: Microsoft Exchange Server Information Disclosure","severity":"critical","cvss":null,"cves":["CVE-2021-33766"],"exploited":true,"has_exploit":true,"published_at":"2022-01-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-33766","csirts_url":"https://www.csirts.com/advisory/cve-2021-33766-3213"},{"num":3212,"source_id":"cisa-kev","external_id":"CVE-2021-40870","title":"CVE-2021-40870: Aviatrix Controller Unrestricted Upload of File","severity":"critical","cvss":null,"cves":["CVE-2021-40870"],"exploited":true,"has_exploit":true,"published_at":"2022-01-18T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-40870","csirts_url":"https://www.csirts.com/advisory/cve-2021-40870-3212"},{"num":87082,"source_id":"jenkins","external_id":"jenkins-advisory-2022-01-12","title":"Jenkins Security Advisory 2022-01-12","severity":"unknown","cvss":null,"cves":["CVE-2022-20612","CVE-2022-20613","CVE-2022-20614","CVE-2022-20615","CVE-2022-20616","CVE-2022-20617","CVE-2022-20618","CVE-2022-20619","CVE-2022-20620","CVE-2022-20621","CVE-2022-23105","CVE-2022-23106","CVE-2022-23107","CVE-2022-23108","CVE-2022-23109","CVE-2022-23110","CVE-2022-23111","CVE-2022-23112","CVE-2022-23113","CVE-2022-23114","CVE-2022-23115","CVE-2022-23116","CVE-2022-23117","CVE-2022-23118"],"exploited":false,"has_exploit":false,"published_at":"2022-01-12T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2022-01-12/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2022-01-12-87082"},{"num":3219,"source_id":"cisa-kev","external_id":"CVE-2021-22017","title":"CVE-2021-22017: VMware vCenter Server Improper Access Control","severity":"critical","cvss":null,"cves":["CVE-2021-22017"],"exploited":true,"has_exploit":true,"published_at":"2022-01-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-22017","csirts_url":"https://www.csirts.com/advisory/cve-2021-22017-3219"},{"num":1485,"source_id":"cisa-kev","external_id":"CVE-2019-1579","title":"CVE-2019-1579: Palo Alto Networks PAN-OS Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-1579"],"exploited":true,"has_exploit":true,"published_at":"2022-01-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-1579","csirts_url":"https://www.csirts.com/advisory/cve-2019-1579-1485"},{"num":3138,"source_id":"cisa-kev","external_id":"CVE-2019-7609","title":"CVE-2019-7609: Kibana Arbitrary Code Execution","severity":"critical","cvss":null,"cves":["CVE-2019-7609"],"exploited":true,"has_exploit":true,"published_at":"2022-01-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-7609","csirts_url":"https://www.csirts.com/advisory/cve-2019-7609-3138"},{"num":3224,"source_id":"cisa-kev","external_id":"CVE-2019-9670","title":"CVE-2019-9670: Synacor Zimbra Collaboration Suite (ZCS) Improper Restriction of XML External Entity Reference","severity":"critical","cvss":null,"cves":["CVE-2019-9670"],"exploited":true,"has_exploit":true,"published_at":"2022-01-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-9670","csirts_url":"https://www.csirts.com/advisory/cve-2019-9670-3224"},{"num":3230,"source_id":"cisa-kev","external_id":"CVE-2019-10149","title":"CVE-2019-10149: Exim Mail Transfer Agent (MTA) Improper Input Validation","severity":"critical","cvss":null,"cves":["CVE-2019-10149"],"exploited":true,"has_exploit":true,"published_at":"2022-01-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-10149","csirts_url":"https://www.csirts.com/advisory/cve-2019-10149-3230"},{"num":3232,"source_id":"cisa-kev","external_id":"CVE-2017-1000486","title":"CVE-2017-1000486: Primetek Primefaces Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-1000486"],"exploited":true,"has_exploit":true,"published_at":"2022-01-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000486","csirts_url":"https://www.csirts.com/advisory/cve-2017-1000486-3232"},{"num":1483,"source_id":"cisa-kev","external_id":"CVE-2019-1458","title":"CVE-2019-1458: Microsoft Win32k Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-1458"],"exploited":true,"has_exploit":true,"published_at":"2022-01-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-1458","csirts_url":"https://www.csirts.com/advisory/cve-2019-1458-1483"},{"num":3221,"source_id":"cisa-kev","external_id":"CVE-2013-3900","title":"CVE-2013-3900: Microsoft WinVerifyTrust function Remote Code Execution","severity":"critical","cvss":null,"cves":["CVE-2013-3900"],"exploited":true,"has_exploit":true,"published_at":"2022-01-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2013-3900","csirts_url":"https://www.csirts.com/advisory/cve-2013-3900-3221"},{"num":3223,"source_id":"cisa-kev","external_id":"CVE-2019-2725","title":"CVE-2019-2725: Oracle WebLogic Server, Injection","severity":"critical","cvss":null,"cves":["CVE-2019-2725"],"exploited":true,"has_exploit":true,"published_at":"2022-01-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-2725","csirts_url":"https://www.csirts.com/advisory/cve-2019-2725-3223"},{"num":3231,"source_id":"cisa-kev","external_id":"CVE-2015-7450","title":"CVE-2015-7450: IBM WebSphere Application Server and Server Hypervisor Edition Code Injection.","severity":"critical","cvss":null,"cves":["CVE-2015-7450"],"exploited":true,"has_exploit":true,"published_at":"2022-01-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-7450","csirts_url":"https://www.csirts.com/advisory/cve-2015-7450-3231"},{"num":3228,"source_id":"cisa-kev","external_id":"CVE-2018-13382","title":"CVE-2018-13382: Fortinet FortiOS and FortiProxy Improper Authorization","severity":"critical","cvss":null,"cves":["CVE-2018-13382"],"exploited":true,"has_exploit":true,"published_at":"2022-01-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-13382","csirts_url":"https://www.csirts.com/advisory/cve-2018-13382-3228"},{"num":3233,"source_id":"cisa-kev","external_id":"CVE-2021-27860","title":"CVE-2021-27860: FatPipe WARP, IPVPN, and MPVPN Configuration Upload exploit","severity":"critical","cvss":null,"cves":["CVE-2021-27860"],"exploited":true,"has_exploit":false,"published_at":"2022-01-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-27860","csirts_url":"https://www.csirts.com/advisory/cve-2021-27860-3233"},{"num":3220,"source_id":"cisa-kev","external_id":"CVE-2020-6572","title":"CVE-2020-6572: Google Chrome Media Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-6572"],"exploited":true,"has_exploit":false,"published_at":"2022-01-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-6572","csirts_url":"https://www.csirts.com/advisory/cve-2020-6572-3220"},{"num":3229,"source_id":"cisa-kev","external_id":"CVE-2018-13383","title":"CVE-2018-13383: Fortinet FortiOS and FortiProxy Out-of-bounds Write","severity":"critical","cvss":null,"cves":["CVE-2018-13383"],"exploited":true,"has_exploit":false,"published_at":"2022-01-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-13383","csirts_url":"https://www.csirts.com/advisory/cve-2018-13383-3229"},{"num":3107,"source_id":"cisa-kev","external_id":"CVE-2021-36260","title":"CVE-2021-36260: Hikvision Improper Input Validation","severity":"critical","cvss":null,"cves":["CVE-2021-36260"],"exploited":true,"has_exploit":true,"published_at":"2022-01-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-36260","csirts_url":"https://www.csirts.com/advisory/cve-2021-36260-3107"},{"num":3235,"source_id":"cisa-kev","external_id":"CVE-2021-4102","title":"CVE-2021-4102: Google Chromium V8 Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-4102"],"exploited":true,"has_exploit":false,"published_at":"2021-12-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-4102","csirts_url":"https://www.csirts.com/advisory/cve-2021-4102-3235"},{"num":3234,"source_id":"cisa-kev","external_id":"CVE-2021-43890","title":"CVE-2021-43890: Microsoft Windows AppX Installer Spoofing Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-43890"],"exploited":true,"has_exploit":false,"published_at":"2021-12-15T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-43890","csirts_url":"https://www.csirts.com/advisory/cve-2021-43890-3234"},{"num":3242,"source_id":"cisa-kev","external_id":"CVE-2017-12149","title":"CVE-2017-12149: Red Hat JBoss Application Server Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-12149"],"exploited":true,"has_exploit":true,"published_at":"2021-12-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-12149","csirts_url":"https://www.csirts.com/advisory/cve-2017-12149-3242"},{"num":3246,"source_id":"cisa-kev","external_id":"CVE-2019-10758","title":"CVE-2019-10758: MongoDB mongo-express Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-10758"],"exploited":true,"has_exploit":true,"published_at":"2021-12-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-10758","csirts_url":"https://www.csirts.com/advisory/cve-2019-10758-3246"},{"num":3245,"source_id":"cisa-kev","external_id":"CVE-2020-8816","title":"CVE-2020-8816: Pi-Hole AdminLTE Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-8816"],"exploited":true,"has_exploit":true,"published_at":"2021-12-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-8816","csirts_url":"https://www.csirts.com/advisory/cve-2020-8816-3245"},{"num":3236,"source_id":"cisa-kev","external_id":"CVE-2019-13272","title":"CVE-2019-13272: Linux Kernel Improper Privilege Management Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-13272"],"exploited":true,"has_exploit":true,"published_at":"2021-12-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-13272","csirts_url":"https://www.csirts.com/advisory/cve-2019-13272-3236"},{"num":3239,"source_id":"cisa-kev","external_id":"CVE-2021-44168","title":"CVE-2021-44168: Fortinet FortiOS Arbitrary File Download","severity":"critical","cvss":null,"cves":["CVE-2021-44168"],"exploited":true,"has_exploit":true,"published_at":"2021-12-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-44168","csirts_url":"https://www.csirts.com/advisory/cve-2021-44168-3239"},{"num":1456,"source_id":"cisa-kev","external_id":"CVE-2019-7238","title":"CVE-2019-7238: Sonatype Nexus Repository Manager Incorrect Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-7238"],"exploited":true,"has_exploit":true,"published_at":"2021-12-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-7238","csirts_url":"https://www.csirts.com/advisory/cve-2019-7238-1456"},{"num":3238,"source_id":"cisa-kev","external_id":"CVE-2021-35394","title":"CVE-2021-35394: Realtek Jungle SDK Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-35394"],"exploited":true,"has_exploit":true,"published_at":"2021-12-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-35394","csirts_url":"https://www.csirts.com/advisory/cve-2021-35394-3238"},{"num":3174,"source_id":"cisa-kev","external_id":"CVE-2021-44515","title":"CVE-2021-44515: Zoho Desktop Central Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-44515"],"exploited":true,"has_exploit":true,"published_at":"2021-12-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-44515","csirts_url":"https://www.csirts.com/advisory/cve-2021-44515-3174"},{"num":1457,"source_id":"cisa-kev","external_id":"CVE-2019-0193","title":"CVE-2019-0193: Apache Solr DataImportHandler Code Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-0193"],"exploited":true,"has_exploit":true,"published_at":"2021-12-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-0193","csirts_url":"https://www.csirts.com/advisory/cve-2019-0193-1457"},{"num":3240,"source_id":"cisa-kev","external_id":"CVE-2017-17562","title":"CVE-2017-17562: Embedthis GoAhead Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-17562"],"exploited":true,"has_exploit":true,"published_at":"2021-12-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-17562","csirts_url":"https://www.csirts.com/advisory/cve-2017-17562-3240"},{"num":3243,"source_id":"cisa-kev","external_id":"CVE-2010-1871","title":"CVE-2010-1871: Red Hat Linux JBoss Seam 2 Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2010-1871"],"exploited":true,"has_exploit":true,"published_at":"2021-12-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2010-1871","csirts_url":"https://www.csirts.com/advisory/cve-2010-1871-3243"},{"num":3247,"source_id":"cisa-kev","external_id":"CVE-2021-44228","title":"CVE-2021-44228: Apache Log4j2 Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-44228"],"exploited":true,"has_exploit":true,"published_at":"2021-12-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-44228","csirts_url":"https://www.csirts.com/advisory/cve-2021-44228-3247"},{"num":3244,"source_id":"cisa-kev","external_id":"CVE-2020-17463","title":"CVE-2020-17463: Fuel CMS SQL Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-17463"],"exploited":true,"has_exploit":true,"published_at":"2021-12-10T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-17463","csirts_url":"https://www.csirts.com/advisory/cve-2020-17463-3244"},{"num":3250,"source_id":"cisa-kev","external_id":"CVE-2021-37415","title":"CVE-2021-37415: Zoho ManageEngine ServiceDesk Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-37415"],"exploited":true,"has_exploit":true,"published_at":"2021-12-01T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-37415","csirts_url":"https://www.csirts.com/advisory/cve-2021-37415-3250"},{"num":3248,"source_id":"cisa-kev","external_id":"CVE-2020-11261","title":"CVE-2020-11261: Qualcomm Multiple Chipsets Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-11261"],"exploited":true,"has_exploit":false,"published_at":"2021-12-01T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-11261","csirts_url":"https://www.csirts.com/advisory/cve-2020-11261-3248"},{"num":3251,"source_id":"cisa-kev","external_id":"CVE-2021-44077","title":"CVE-2021-44077: Zoho ManageEngine ServiceDesk Plus Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-44077"],"exploited":true,"has_exploit":true,"published_at":"2021-12-01T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-44077","csirts_url":"https://www.csirts.com/advisory/cve-2021-44077-3251"},{"num":3249,"source_id":"cisa-kev","external_id":"CVE-2018-14847","title":"CVE-2018-14847: MikroTik Router OS Directory Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-14847"],"exploited":true,"has_exploit":true,"published_at":"2021-12-01T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-14847","csirts_url":"https://www.csirts.com/advisory/cve-2018-14847-3249"},{"num":1465,"source_id":"cisa-kev","external_id":"CVE-2021-40438","title":"CVE-2021-40438: Apache HTTP Server-Side Request Forgery (SSRF)","severity":"critical","cvss":null,"cves":["CVE-2021-40438"],"exploited":true,"has_exploit":true,"published_at":"2021-12-01T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-40438","csirts_url":"https://www.csirts.com/advisory/cve-2021-40438-1465"},{"num":216,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/report/decrypting-diversity-2021-diversity-and-inclusion-in-cyber-security","title":"Decrypting diversity: Diversity and inclusion in cyber security report 2021","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2021-11-23T12:00:00+00:00","link":"https://www.ncsc.gov.uk/report/decrypting-diversity-2021-diversity-and-inclusion-in-cyber-security","csirts_url":"https://www.csirts.com/advisory/decrypting-diversity-diversity-and-216"},{"num":3253,"source_id":"cisa-kev","external_id":"CVE-2021-42321","title":"CVE-2021-42321: Microsoft Exchange Server Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-42321"],"exploited":true,"has_exploit":true,"published_at":"2021-11-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-42321","csirts_url":"https://www.csirts.com/advisory/cve-2021-42321-3253"},{"num":3252,"source_id":"cisa-kev","external_id":"CVE-2021-22204","title":"CVE-2021-22204: ExifTool Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-22204"],"exploited":true,"has_exploit":true,"published_at":"2021-11-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-22204","csirts_url":"https://www.csirts.com/advisory/cve-2021-22204-3252"},{"num":3254,"source_id":"cisa-kev","external_id":"CVE-2021-42292","title":"CVE-2021-42292: Microsoft Excel Security Feature Bypass","severity":"critical","cvss":null,"cves":["CVE-2021-42292"],"exploited":true,"has_exploit":true,"published_at":"2021-11-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-42292","csirts_url":"https://www.csirts.com/advisory/cve-2021-42292-3254"},{"num":564,"source_id":"cisa-kev","external_id":"CVE-2021-40449","title":"CVE-2021-40449: Microsoft Windows Win32k Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-40449"],"exploited":true,"has_exploit":true,"published_at":"2021-11-17T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-40449","csirts_url":"https://www.csirts.com/advisory/cve-2021-40449-564"},{"num":87083,"source_id":"jenkins","external_id":"jenkins-advisory-2021-11-12","title":"Jenkins Security Advisory 2021-11-12","severity":"unknown","cvss":null,"cves":["CVE-2021-21699","CVE-2021-21700","CVE-2021-21701","CVE-2021-43576","CVE-2021-43577","CVE-2021-43578"],"exploited":false,"has_exploit":false,"published_at":"2021-11-12T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2021-11-12/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2021-11-12-87083"},{"num":87084,"source_id":"jenkins","external_id":"jenkins-advisory-2021-11-04","title":"Jenkins Security Advisory 2021-11-04","severity":"unknown","cvss":null,"cves":["CVE-2021-21685","CVE-2021-21686","CVE-2021-21687","CVE-2021-21688","CVE-2021-21689","CVE-2021-21690","CVE-2021-21691","CVE-2021-21692","CVE-2021-21693","CVE-2021-21694","CVE-2021-21695","CVE-2021-21696","CVE-2021-21697","CVE-2021-21698"],"exploited":false,"has_exploit":false,"published_at":"2021-11-04T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2021-11-04/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2021-11-04-87084"},{"num":3260,"source_id":"cisa-kev","external_id":"CVE-2021-27103","title":"CVE-2021-27103: Accellion FTA Server-Side Request Forgery (SSRF) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-27103"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-27103","csirts_url":"https://www.csirts.com/advisory/cve-2021-27103-3260"},{"num":1544,"source_id":"cisa-kev","external_id":"CVE-2020-29557","title":"CVE-2020-29557: D-Link DIR-825 R1 Devices Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-29557"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-29557","csirts_url":"https://www.csirts.com/advisory/cve-2020-29557-1544"},{"num":3255,"source_id":"cisa-kev","external_id":"CVE-2021-27104","title":"CVE-2021-27104: Accellion FTA OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-27104"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-27104","csirts_url":"https://www.csirts.com/advisory/cve-2021-27104-3255"},{"num":1558,"source_id":"cisa-kev","external_id":"CVE-2017-9822","title":"CVE-2017-9822: DotNetNuke (DNN) Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-9822"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-9822","csirts_url":"https://www.csirts.com/advisory/cve-2017-9822-1558"},{"num":1587,"source_id":"cisa-kev","external_id":"CVE-2021-21193","title":"CVE-2021-21193: Google Chromium Blink Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-21193"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-21193","csirts_url":"https://www.csirts.com/advisory/cve-2021-21193-1587"},{"num":3298,"source_id":"cisa-kev","external_id":"CVE-2019-3396","title":"CVE-2019-3396: Atlassian Confluence Server and Data Center Server-Side Template Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-3396"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-3396","csirts_url":"https://www.csirts.com/advisory/cve-2019-3396-3298"},{"num":3258,"source_id":"cisa-kev","external_id":"CVE-2021-27102","title":"CVE-2021-27102: Accellion FTA OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-27102"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-27102","csirts_url":"https://www.csirts.com/advisory/cve-2021-27102-3258"},{"num":3343,"source_id":"cisa-kev","external_id":"CVE-2020-0878","title":"CVE-2020-0878: Microsoft Edge and Internet Explorer Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-0878"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-0878","csirts_url":"https://www.csirts.com/advisory/cve-2020-0878-3343"},{"num":702,"source_id":"cisa-kev","external_id":"CVE-2021-38647","title":"CVE-2021-38647: Microsoft Open Management Infrastructure (OMI) Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-38647"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-38647","csirts_url":"https://www.csirts.com/advisory/cve-2021-38647-702"},{"num":2532,"source_id":"cisa-kev","external_id":"CVE-2021-22502","title":"CVE-2021-22502: Micro Focus Operation Bridge Report (OBR) Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-22502"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-22502","csirts_url":"https://www.csirts.com/advisory/cve-2021-22502-2532"},{"num":3329,"source_id":"cisa-kev","external_id":"CVE-2020-6418","title":"CVE-2020-6418: Google Chromium V8 Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-6418"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-6418","csirts_url":"https://www.csirts.com/advisory/cve-2020-6418-3329"},{"num":1430,"source_id":"cisa-kev","external_id":"CVE-2019-20085","title":"CVE-2019-20085: TVT NVMS-1000 Directory Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-20085"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-20085","csirts_url":"https://www.csirts.com/advisory/cve-2019-20085-1430"},{"num":1625,"source_id":"cisa-kev","external_id":"CVE-2014-1812","title":"CVE-2014-1812: Microsoft Windows Group Policy Preferences Password Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2014-1812"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2014-1812","csirts_url":"https://www.csirts.com/advisory/cve-2014-1812-1625"},{"num":1614,"source_id":"cisa-kev","external_id":"CVE-2021-22506","title":"CVE-2021-22506: Micro Focus Access Manager Information Leakage Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-22506"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-22506","csirts_url":"https://www.csirts.com/advisory/cve-2021-22506-1614"},{"num":3605,"source_id":"cisa-kev","external_id":"CVE-2020-3452","title":"CVE-2020-3452: Cisco ASA and FTD Read-Only Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-3452"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-3452","csirts_url":"https://www.csirts.com/advisory/cve-2020-3452-3605"},{"num":2504,"source_id":"cisa-kev","external_id":"CVE-2018-14558","title":"CVE-2018-14558: Tenda AC7, AC9, and AC10 Routers Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-14558"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-14558","csirts_url":"https://www.csirts.com/advisory/cve-2018-14558-2504"},{"num":1428,"source_id":"cisa-kev","external_id":"CVE-2020-8468","title":"CVE-2020-8468: Trend Micro Multiple Products Content Validation Escape Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-8468"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-8468","csirts_url":"https://www.csirts.com/advisory/cve-2020-8468-1428"},{"num":1613,"source_id":"cisa-kev","external_id":"CVE-2021-23874","title":"CVE-2021-23874: McAfee Total Protection (MTP) Improper Privilege Management Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-23874"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-23874","csirts_url":"https://www.csirts.com/advisory/cve-2021-23874-1613"},{"num":3342,"source_id":"cisa-kev","external_id":"CVE-2020-7961","title":"CVE-2020-7961: Liferay Portal Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-7961"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-7961","csirts_url":"https://www.csirts.com/advisory/cve-2020-7961-3342"},{"num":3314,"source_id":"cisa-kev","external_id":"CVE-2020-3161","title":"CVE-2020-3161: Cisco IP Phones Web Server Remote Code Execution and Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-3161"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-3161","csirts_url":"https://www.csirts.com/advisory/cve-2020-3161-3314"},{"num":3341,"source_id":"cisa-kev","external_id":"CVE-2021-30116","title":"CVE-2021-30116: Kaseya Virtual System/Server Administrator (VSA) Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-30116"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-30116","csirts_url":"https://www.csirts.com/advisory/cve-2021-30116-3341"},{"num":3327,"source_id":"cisa-kev","external_id":"CVE-2021-30551","title":"CVE-2021-30551: Google Chromium V8 Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-30551"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-30551","csirts_url":"https://www.csirts.com/advisory/cve-2021-30551-3327"},{"num":3291,"source_id":"cisa-kev","external_id":"CVE-2021-30657","title":"CVE-2021-30657: Apple macOS Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-30657"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-30657","csirts_url":"https://www.csirts.com/advisory/cve-2021-30657-3291"},{"num":3412,"source_id":"cisa-kev","external_id":"CVE-2017-6327","title":"CVE-2017-6327: Symantec Messaging Gateway Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-6327"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-6327","csirts_url":"https://www.csirts.com/advisory/cve-2017-6327-3412"},{"num":814,"source_id":"cisa-kev","external_id":"CVE-2020-3950","title":"CVE-2020-3950: VMware Multiple Products Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-3950"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-3950","csirts_url":"https://www.csirts.com/advisory/cve-2020-3950-814"},{"num":3445,"source_id":"cisa-kev","external_id":"CVE-2020-25213","title":"CVE-2020-25213: WordPress File Manager Plugin Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-25213"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-25213","csirts_url":"https://www.csirts.com/advisory/cve-2020-25213-3445"},{"num":3446,"source_id":"cisa-kev","external_id":"CVE-2020-11738","title":"CVE-2020-11738: WordPress Snap Creek Duplicator Plugin File Download Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-11738"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-11738","csirts_url":"https://www.csirts.com/advisory/cve-2020-11738-3446"},{"num":3449,"source_id":"cisa-kev","external_id":"CVE-2021-40539","title":"CVE-2021-40539: Zoho ManageEngine ADSelfService Plus Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-40539"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-40539","csirts_url":"https://www.csirts.com/advisory/cve-2021-40539-3449"},{"num":3317,"source_id":"cisa-kev","external_id":"CVE-2018-0296","title":"CVE-2018-0296: Cisco Adaptive Security Appliance (ASA) Denial-of-Service Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-0296"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-0296","csirts_url":"https://www.csirts.com/advisory/cve-2018-0296-3317"},{"num":3607,"source_id":"cisa-kev","external_id":"CVE-2019-13608","title":"CVE-2019-13608: Citrix StoreFront Server XML External Entity (XXE) Processing Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-13608"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-13608","csirts_url":"https://www.csirts.com/advisory/cve-2019-13608-3607"},{"num":1545,"source_id":"cisa-kev","external_id":"CVE-2020-25506","title":"CVE-2020-25506: D-Link DNS-320 Device Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-25506"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-25506","csirts_url":"https://www.csirts.com/advisory/cve-2020-25506-1545"},{"num":573,"source_id":"cisa-kev","external_id":"CVE-2021-30860","title":"CVE-2021-30860: Apple Multiple Products Integer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-30860"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-30860","csirts_url":"https://www.csirts.com/advisory/cve-2021-30860-573"},{"num":3336,"source_id":"cisa-kev","external_id":"CVE-2016-3715","title":"CVE-2016-3715: ImageMagick Arbitrary File Deletion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-3715"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-3715","csirts_url":"https://www.csirts.com/advisory/cve-2016-3715-3336"},{"num":3335,"source_id":"cisa-kev","external_id":"CVE-2020-4427","title":"CVE-2020-4427: IBM Data Risk Manager Security Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-4427"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-4427","csirts_url":"https://www.csirts.com/advisory/cve-2020-4427-3335"},{"num":591,"source_id":"cisa-kev","external_id":"CVE-2020-12812","title":"CVE-2020-12812: Fortinet FortiOS SSL VPN Improper Authentication Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-12812"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-12812","csirts_url":"https://www.csirts.com/advisory/cve-2020-12812-591"},{"num":3613,"source_id":"cisa-kev","external_id":"CVE-2020-5902","title":"CVE-2020-5902: F5 BIG-IP Traffic Management User Interface (TMUI) Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-5902"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-5902","csirts_url":"https://www.csirts.com/advisory/cve-2020-5902-3613"},{"num":417,"source_id":"cisa-kev","external_id":"CVE-2020-8196","title":"CVE-2020-8196: Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-8196"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-8196","csirts_url":"https://www.csirts.com/advisory/cve-2020-8196-417"},{"num":418,"source_id":"cisa-kev","external_id":"CVE-2019-19781","title":"CVE-2019-19781: Citrix ADC, Gateway, and SD-WAN WANOP Appliance Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-19781"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-19781","csirts_url":"https://www.csirts.com/advisory/cve-2019-19781-418"},{"num":3323,"source_id":"cisa-kev","external_id":"CVE-2020-16010","title":"CVE-2020-16010: Google Chrome for Android UI Heap Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-16010"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-16010","csirts_url":"https://www.csirts.com/advisory/cve-2020-16010-3323"},{"num":3324,"source_id":"cisa-kev","external_id":"CVE-2020-15999","title":"CVE-2020-15999: Google Chrome FreeType Heap Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-15999"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-15999","csirts_url":"https://www.csirts.com/advisory/cve-2020-15999-3324"},{"num":1562,"source_id":"cisa-kev","external_id":"CVE-2021-21166","title":"CVE-2021-21166: Google Chromium Race Condition Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-21166"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-21166","csirts_url":"https://www.csirts.com/advisory/cve-2021-21166-1562"},{"num":3325,"source_id":"cisa-kev","external_id":"CVE-2021-30632","title":"CVE-2021-30632: Google Chromium V8 Out-of-Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-30632"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-30632","csirts_url":"https://www.csirts.com/advisory/cve-2021-30632-3325"},{"num":3333,"source_id":"cisa-kev","external_id":"CVE-2021-21220","title":"CVE-2021-21220: Google Chromium V8 Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-21220"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-21220","csirts_url":"https://www.csirts.com/advisory/cve-2021-21220-3333"},{"num":2292,"source_id":"cisa-kev","external_id":"CVE-2021-21206","title":"CVE-2021-21206: Google Chromium Blink Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-21206"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-21206","csirts_url":"https://www.csirts.com/advisory/cve-2021-21206-2292"},{"num":1943,"source_id":"cisa-kev","external_id":"CVE-2016-3976","title":"CVE-2016-3976: SAP NetWeaver Directory Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-3976"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-3976","csirts_url":"https://www.csirts.com/advisory/cve-2016-3976-1943"},{"num":3326,"source_id":"cisa-kev","external_id":"CVE-2020-16013","title":"CVE-2020-16013: Google Chromium V8 Incorrect Implementation Vulnerabililty","severity":"critical","cvss":null,"cves":["CVE-2020-16013"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-16013","csirts_url":"https://www.csirts.com/advisory/cve-2020-16013-3326"},{"num":2539,"source_id":"cisa-kev","external_id":"CVE-2021-26858","title":"CVE-2021-26858: Microsoft Exchange Server Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-26858"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-26858","csirts_url":"https://www.csirts.com/advisory/cve-2021-26858-2539"},{"num":3628,"source_id":"cisa-kev","external_id":"CVE-2021-30633","title":"CVE-2021-30633: Google Chromium Indexed DB API Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-30633"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-30633","csirts_url":"https://www.csirts.com/advisory/cve-2021-30633-3628"},{"num":1560,"source_id":"cisa-kev","external_id":"CVE-2019-15752","title":"CVE-2019-15752: Docker Desktop Community Edition Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-15752"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-15752","csirts_url":"https://www.csirts.com/advisory/cve-2019-15752-1560"},{"num":3295,"source_id":"cisa-kev","external_id":"CVE-2021-30869","title":"CVE-2021-30869: Apple iOS, iPadOS, and macOS Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-30869"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-30869","csirts_url":"https://www.csirts.com/advisory/cve-2021-30869-3295"},{"num":1594,"source_id":"cisa-kev","external_id":"CVE-2020-4428","title":"CVE-2020-4428: IBM Data Risk Manager Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-4428"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-4428","csirts_url":"https://www.csirts.com/advisory/cve-2020-4428-1594"},{"num":3262,"source_id":"cisa-kev","external_id":"CVE-2018-4939","title":"CVE-2018-4939: Adobe ColdFusion Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-4939"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-4939","csirts_url":"https://www.csirts.com/advisory/cve-2018-4939-3262"},{"num":3448,"source_id":"cisa-kev","external_id":"CVE-2021-27561","title":"CVE-2021-27561: Yealink Device Management Server-Side Request Forgery (SSRF) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-27561"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-27561","csirts_url":"https://www.csirts.com/advisory/cve-2021-27561-3448"},{"num":3346,"source_id":"cisa-kev","external_id":"CVE-2021-33739","title":"CVE-2021-33739: Microsoft Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-33739"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-33739","csirts_url":"https://www.csirts.com/advisory/cve-2021-33739-3346"},{"num":3265,"source_id":"cisa-kev","external_id":"CVE-2020-5735","title":"CVE-2020-5735: Amcrest Cameras and NVR Stack-based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-5735"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-5735","csirts_url":"https://www.csirts.com/advisory/cve-2020-5735-3265"},{"num":1704,"source_id":"cisa-kev","external_id":"CVE-2020-29583","title":"CVE-2020-29583: Zyxel Multiple Products Use of Hard-Coded Credentials Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-29583"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-29583","csirts_url":"https://www.csirts.com/advisory/cve-2020-29583-1704"},{"num":1626,"source_id":"cisa-kev","external_id":"CVE-2018-20062","title":"CVE-2018-20062: ThinkPHP \"noneCms\" Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-20062"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-20062","csirts_url":"https://www.csirts.com/advisory/cve-2018-20062-1626"},{"num":1643,"source_id":"cisa-kev","external_id":"CVE-2021-33771","title":"CVE-2021-33771: Microsoft Windows Kernel Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-33771"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-33771","csirts_url":"https://www.csirts.com/advisory/cve-2021-33771-1643"},{"num":3266,"source_id":"cisa-kev","external_id":"CVE-2019-2215","title":"CVE-2019-2215: Android Kernel Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-2215"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-2215","csirts_url":"https://www.csirts.com/advisory/cve-2019-2215-3266"},{"num":3340,"source_id":"cisa-kev","external_id":"CVE-2016-3718","title":"CVE-2016-3718: ImageMagick Server-Side Request Forgery (SSRF) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-3718"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-3718","csirts_url":"https://www.csirts.com/advisory/cve-2016-3718-3340"},{"num":1392,"source_id":"cisa-kev","external_id":"CVE-2016-0167","title":"CVE-2016-0167: Microsoft Win32k Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-0167"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-0167","csirts_url":"https://www.csirts.com/advisory/cve-2016-0167-1392"},{"num":3269,"source_id":"cisa-kev","external_id":"CVE-2017-9805","title":"CVE-2017-9805: Apache Struts Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-9805"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-9805","csirts_url":"https://www.csirts.com/advisory/cve-2017-9805-3269"},{"num":1548,"source_id":"cisa-kev","external_id":"CVE-2018-15811","title":"CVE-2018-15811: DotNetNuke (DNN) Inadequate Encryption Strength Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-15811"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-15811","csirts_url":"https://www.csirts.com/advisory/cve-2018-15811-1548"},{"num":3444,"source_id":"cisa-kev","external_id":"CVE-2020-4006","title":"CVE-2020-4006: Multiple VMware Products Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-4006"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-4006","csirts_url":"https://www.csirts.com/advisory/cve-2020-4006-3444"},{"num":3331,"source_id":"cisa-kev","external_id":"CVE-2021-38003","title":"CVE-2021-38003: Google Chromium V8 Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-38003"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-38003","csirts_url":"https://www.csirts.com/advisory/cve-2021-38003-3331"},{"num":590,"source_id":"cisa-kev","external_id":"CVE-2019-5591","title":"CVE-2019-5591: Fortinet FortiOS Default Configuration Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-5591"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-5591","csirts_url":"https://www.csirts.com/advisory/cve-2019-5591-590"},{"num":465,"source_id":"cisa-kev","external_id":"CVE-2021-36742","title":"CVE-2021-36742: Trend Micro Multiple Products Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-36742"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-36742","csirts_url":"https://www.csirts.com/advisory/cve-2021-36742-465"},{"num":3322,"source_id":"cisa-kev","external_id":"CVE-2018-13379","title":"CVE-2018-13379: Fortinet FortiOS SSL VPN Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-13379"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-13379","csirts_url":"https://www.csirts.com/advisory/cve-2018-13379-3322"},{"num":568,"source_id":"cisa-kev","external_id":"CVE-2021-42013","title":"CVE-2021-42013: Apache HTTP Server Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-42013"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-42013","csirts_url":"https://www.csirts.com/advisory/cve-2021-42013-568"},{"num":596,"source_id":"cisa-kev","external_id":"CVE-2021-37976","title":"CVE-2021-37976: Google Chromium Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-37976"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-37976","csirts_url":"https://www.csirts.com/advisory/cve-2021-37976-596"},{"num":1843,"source_id":"cisa-kev","external_id":"CVE-2021-21985","title":"CVE-2021-21985: VMware vCenter Server Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-21985"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-21985","csirts_url":"https://www.csirts.com/advisory/cve-2021-21985-1843"},{"num":3392,"source_id":"cisa-kev","external_id":"CVE-2020-6819","title":"CVE-2020-6819: Mozilla Firefox And Thunderbird Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-6819"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-6819","csirts_url":"https://www.csirts.com/advisory/cve-2020-6819-3392"},{"num":569,"source_id":"cisa-kev","external_id":"CVE-2021-41773","title":"CVE-2021-41773: Apache HTTP Server Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-41773"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-41773","csirts_url":"https://www.csirts.com/advisory/cve-2021-41773-569"},{"num":2429,"source_id":"cisa-kev","external_id":"CVE-2019-7481","title":"CVE-2019-7481: SonicWall SMA100 SQL Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-7481"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-7481","csirts_url":"https://www.csirts.com/advisory/cve-2019-7481-2429"},{"num":3330,"source_id":"cisa-kev","external_id":"CVE-2021-38000","title":"CVE-2021-38000: Google Chromium Intents Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-38000"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-38000","csirts_url":"https://www.csirts.com/advisory/cve-2021-38000-3330"},{"num":2128,"source_id":"cisa-kev","external_id":"CVE-2020-10199","title":"CVE-2020-10199: Sonatype Nexus Repository Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-10199"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-10199","csirts_url":"https://www.csirts.com/advisory/cve-2020-10199-2128"},{"num":3451,"source_id":"cisa-kev","external_id":"CVE-2019-8394","title":"CVE-2019-8394: Zoho ManageEngine ServiceDesk Plus (SDP) File Upload Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-8394"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-8394","csirts_url":"https://www.csirts.com/advisory/cve-2019-8394-3451"},{"num":1928,"source_id":"cisa-kev","external_id":"CVE-2016-9563","title":"CVE-2016-9563: SAP NetWeaver XML External Entity (XXE) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-9563"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-9563","csirts_url":"https://www.csirts.com/advisory/cve-2016-9563-1928"},{"num":746,"source_id":"cisa-kev","external_id":"CVE-2020-0986","title":"CVE-2020-0986: Microsoft Windows Kernel Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-0986"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-0986","csirts_url":"https://www.csirts.com/advisory/cve-2020-0986-746"},{"num":1899,"source_id":"cisa-kev","external_id":"CVE-2020-16846","title":"CVE-2020-16846: SaltStack Salt Shell Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-16846"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-16846","csirts_url":"https://www.csirts.com/advisory/cve-2020-16846-1899"},{"num":3673,"source_id":"cisa-kev","external_id":"CVE-2019-11539","title":"CVE-2019-11539: Ivanti Pulse Connect Secure and Policy Secure Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-11539"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-11539","csirts_url":"https://www.csirts.com/advisory/cve-2019-11539-3673"},{"num":1661,"source_id":"cisa-kev","external_id":"CVE-2020-2555","title":"CVE-2020-2555: Oracle Multiple Products Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-2555"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-2555","csirts_url":"https://www.csirts.com/advisory/cve-2020-2555-1661"},{"num":3398,"source_id":"cisa-kev","external_id":"CVE-2019-18935","title":"CVE-2019-18935: Progress Telerik UI for ASP.NET AJAX Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-18935"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-18935","csirts_url":"https://www.csirts.com/advisory/cve-2019-18935-3398"},{"num":571,"source_id":"cisa-kev","external_id":"CVE-2019-0211","title":"CVE-2019-0211: Apache HTTP Server Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-0211"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-0211","csirts_url":"https://www.csirts.com/advisory/cve-2019-0211-571"},{"num":2629,"source_id":"cisa-kev","external_id":"CVE-2016-4437","title":"CVE-2016-4437: Apache Shiro Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-4437"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-4437","csirts_url":"https://www.csirts.com/advisory/cve-2016-4437-2629"},{"num":3270,"source_id":"cisa-kev","external_id":"CVE-2019-17558","title":"CVE-2019-17558: Apache Solr VelocityResponseWriter Plug-In Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-17558"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-17558","csirts_url":"https://www.csirts.com/advisory/cve-2019-17558-3270"},{"num":2540,"source_id":"cisa-kev","external_id":"CVE-2019-18187","title":"CVE-2019-18187: Trend Micro OfficeScan Directory Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-18187"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-18187","csirts_url":"https://www.csirts.com/advisory/cve-2019-18187-2540"},{"num":3361,"source_id":"cisa-kev","external_id":"CVE-2020-1020","title":"CVE-2020-1020: Microsoft Windows Adobe Font Manager Library Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-1020"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-1020","csirts_url":"https://www.csirts.com/advisory/cve-2020-1020-3361"},{"num":3393,"source_id":"cisa-kev","external_id":"CVE-2019-17026","title":"CVE-2019-17026: Mozilla Firefox And Thunderbird Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-17026"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-17026","csirts_url":"https://www.csirts.com/advisory/cve-2019-17026-3393"},{"num":3415,"source_id":"cisa-kev","external_id":"CVE-2021-31755","title":"CVE-2021-31755: Tenda AC11 Router Stack Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-31755"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-31755","csirts_url":"https://www.csirts.com/advisory/cve-2021-31755-3415"},{"num":1584,"source_id":"cisa-kev","external_id":"CVE-2021-34473","title":"CVE-2021-34473: Microsoft Exchange Server Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-34473"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-34473","csirts_url":"https://www.csirts.com/advisory/cve-2021-34473-1584"},{"num":1674,"source_id":"cisa-kev","external_id":"CVE-2020-14882","title":"CVE-2020-14882: Oracle WebLogic Server Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-14882"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-14882","csirts_url":"https://www.csirts.com/advisory/cve-2020-14882-1674"},{"num":3275,"source_id":"cisa-kev","external_id":"CVE-2018-11776","title":"CVE-2018-11776: Apache Struts Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-11776"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-11776","csirts_url":"https://www.csirts.com/advisory/cve-2018-11776-3275"},{"num":3370,"source_id":"cisa-kev","external_id":"CVE-2018-8653","title":"CVE-2018-8653: Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-8653"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-8653","csirts_url":"https://www.csirts.com/advisory/cve-2018-8653-3370"},{"num":3328,"source_id":"cisa-kev","external_id":"CVE-2021-37975","title":"CVE-2021-37975: Google Chromium V8 Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-37975"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-37975","csirts_url":"https://www.csirts.com/advisory/cve-2021-37975-3328"},{"num":3373,"source_id":"cisa-kev","external_id":"CVE-2021-36942","title":"CVE-2021-36942: Microsoft Windows Local Security Authority (LSA) Spoofing Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-36942"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-36942","csirts_url":"https://www.csirts.com/advisory/cve-2021-36942-3373"},{"num":3668,"source_id":"cisa-kev","external_id":"CVE-2021-22894","title":"CVE-2021-22894: Ivanti Pulse Connect Secure Collaboration Suite Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-22894"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-22894","csirts_url":"https://www.csirts.com/advisory/cve-2021-22894-3668"},{"num":3374,"source_id":"cisa-kev","external_id":"CVE-2019-1215","title":"CVE-2019-1215: Microsoft Windows Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-1215"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-1215","csirts_url":"https://www.csirts.com/advisory/cve-2019-1215-3374"},{"num":3414,"source_id":"cisa-kev","external_id":"CVE-2017-9248","title":"CVE-2017-9248: Progress Telerik UI for ASP.NET AJAX and Sitefinity Cryptographic Weakness Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-9248"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-9248","csirts_url":"https://www.csirts.com/advisory/cve-2017-9248-3414"},{"num":2485,"source_id":"cisa-kev","external_id":"CVE-2019-1429","title":"CVE-2019-1429: Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-1429"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-1429","csirts_url":"https://www.csirts.com/advisory/cve-2019-1429-2485"},{"num":3688,"source_id":"cisa-kev","external_id":"CVE-2020-3992","title":"CVE-2020-3992: VMware ESXi OpenSLP Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-3992"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-3992","csirts_url":"https://www.csirts.com/advisory/cve-2020-3992-3688"},{"num":3662,"source_id":"cisa-kev","external_id":"CVE-2021-26855","title":"CVE-2021-26855: Microsoft Exchange Server Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-26855"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-26855","csirts_url":"https://www.csirts.com/advisory/cve-2021-26855-3662"},{"num":1716,"source_id":"cisa-kev","external_id":"CVE-2021-34448","title":"CVE-2021-34448: Microsoft Windows Scripting Engine Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-34448"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-34448","csirts_url":"https://www.csirts.com/advisory/cve-2021-34448-1716"},{"num":808,"source_id":"cisa-kev","external_id":"CVE-2021-36955","title":"CVE-2021-36955: Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-36955"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-36955","csirts_url":"https://www.csirts.com/advisory/cve-2021-36955-808"},{"num":2512,"source_id":"cisa-kev","external_id":"CVE-2019-11580","title":"CVE-2019-11580: Atlassian Crowd and Crowd Data Center Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-11580"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-11580","csirts_url":"https://www.csirts.com/advisory/cve-2019-11580-2512"},{"num":3267,"source_id":"cisa-kev","external_id":"CVE-2020-0041","title":"CVE-2020-0041: Android Kernel Out-of-Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-0041"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-0041","csirts_url":"https://www.csirts.com/advisory/cve-2020-0041-3267"},{"num":3276,"source_id":"cisa-kev","external_id":"CVE-2021-30858","title":"CVE-2021-30858: Apple iOS, iPadOS, macOS Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-30858"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-30858","csirts_url":"https://www.csirts.com/advisory/cve-2021-30858-3276"},{"num":3649,"source_id":"cisa-kev","external_id":"CVE-2017-0143","title":"CVE-2017-0143: Microsoft Windows Server Message Block (SMBv1) Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-0143"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-0143","csirts_url":"https://www.csirts.com/advisory/cve-2017-0143-3649"},{"num":3380,"source_id":"cisa-kev","external_id":"CVE-2021-27059","title":"CVE-2021-27059: Microsoft Office Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-27059"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-27059","csirts_url":"https://www.csirts.com/advisory/cve-2021-27059-3380"},{"num":3316,"source_id":"cisa-kev","external_id":"CVE-2019-1653","title":"CVE-2019-1653: Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-1653"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-1653","csirts_url":"https://www.csirts.com/advisory/cve-2019-1653-3316"},{"num":3277,"source_id":"cisa-kev","external_id":"CVE-2019-6223","title":"CVE-2019-6223: Apple iOS and macOS Group Facetime Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-6223"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-6223","csirts_url":"https://www.csirts.com/advisory/cve-2019-6223-3277"},{"num":1675,"source_id":"cisa-kev","external_id":"CVE-2021-22893","title":"CVE-2021-22893: Ivanti Pulse Connect Secure Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-22893"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-22893","csirts_url":"https://www.csirts.com/advisory/cve-2021-22893-1675"},{"num":3442,"source_id":"cisa-kev","external_id":"CVE-2020-3952","title":"CVE-2020-3952: VMware vCenter Server Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-3952"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-3952","csirts_url":"https://www.csirts.com/advisory/cve-2020-3952-3442"},{"num":3687,"source_id":"cisa-kev","external_id":"CVE-2019-5544","title":"CVE-2019-5544: VMware ESXi and Horizon DaaS OpenSLP Heap-Based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-5544"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-5544","csirts_url":"https://www.csirts.com/advisory/cve-2019-5544-3687"},{"num":3683,"source_id":"cisa-kev","external_id":"CVE-2019-16759","title":"CVE-2019-16759: vBulletin PHP Module Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-16759"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-16759","csirts_url":"https://www.csirts.com/advisory/cve-2019-16759-3683"},{"num":3279,"source_id":"cisa-kev","external_id":"CVE-2021-30807","title":"CVE-2021-30807: Apple Multiple Products Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-30807"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-30807","csirts_url":"https://www.csirts.com/advisory/cve-2021-30807-3279"},{"num":1351,"source_id":"cisa-kev","external_id":"CVE-2021-22005","title":"CVE-2021-22005: VMware vCenter Server File Upload Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-22005"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-22005","csirts_url":"https://www.csirts.com/advisory/cve-2021-22005-1351"},{"num":3377,"source_id":"cisa-kev","external_id":"CVE-2019-0541","title":"CVE-2019-0541: Microsoft MSHTML Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-0541"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-0541","csirts_url":"https://www.csirts.com/advisory/cve-2019-0541-3377"},{"num":3684,"source_id":"cisa-kev","external_id":"CVE-2020-17496","title":"CVE-2020-17496: vBulletin PHP Module Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-17496"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-17496","csirts_url":"https://www.csirts.com/advisory/cve-2020-17496-3684"},{"num":3681,"source_id":"cisa-kev","external_id":"CVE-2020-5849","title":"CVE-2020-5849: Unraid Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-5849"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-5849","csirts_url":"https://www.csirts.com/advisory/cve-2020-5849-3681"},{"num":3283,"source_id":"cisa-kev","external_id":"CVE-2020-9819","title":"CVE-2020-9819: Apple iOS, iPadOS, and watchOS Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-9819"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-9819","csirts_url":"https://www.csirts.com/advisory/cve-2020-9819-3283"},{"num":3376,"source_id":"cisa-kev","external_id":"CVE-2015-1641","title":"CVE-2015-1641: Microsoft Office Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-1641"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-1641","csirts_url":"https://www.csirts.com/advisory/cve-2015-1641-3376"},{"num":3271,"source_id":"cisa-kev","external_id":"CVE-2020-17530","title":"CVE-2020-17530: Apache Struts Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-17530"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-17530","csirts_url":"https://www.csirts.com/advisory/cve-2020-17530-3271"},{"num":2291,"source_id":"cisa-kev","external_id":"CVE-2021-30554","title":"CVE-2021-30554: Google Chromium WebGL Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-30554"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-30554","csirts_url":"https://www.csirts.com/advisory/cve-2021-30554-2291"},{"num":3404,"source_id":"cisa-kev","external_id":"CVE-2018-2380","title":"CVE-2018-2380: SAP Customer Relationship Management (CRM) Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-2380"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-2380","csirts_url":"https://www.csirts.com/advisory/cve-2018-2380-3404"},{"num":1363,"source_id":"cisa-kev","external_id":"CVE-2021-1498","title":"CVE-2021-1498: Cisco HyperFlex HX Data Platform Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-1498"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-1498","csirts_url":"https://www.csirts.com/advisory/cve-2021-1498-1363"},{"num":3369,"source_id":"cisa-kev","external_id":"CVE-2017-8759","title":"CVE-2017-8759: Microsoft .NET Framework Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-8759"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-8759","csirts_url":"https://www.csirts.com/advisory/cve-2017-8759-3369"},{"num":3580,"source_id":"cisa-kev","external_id":"CVE-2017-5638","title":"CVE-2017-5638: Apache Struts Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-5638"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-5638","csirts_url":"https://www.csirts.com/advisory/cve-2017-5638-3580"},{"num":1549,"source_id":"cisa-kev","external_id":"CVE-2018-18325","title":"CVE-2018-18325: DotNetNuke (DNN) Inadequate Encryption Strength Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-18325"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-18325","csirts_url":"https://www.csirts.com/advisory/cve-2018-18325-1549"},{"num":768,"source_id":"cisa-kev","external_id":"CVE-2020-1350","title":"CVE-2020-1350: Microsoft Windows DNS Server Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-1350"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-1350","csirts_url":"https://www.csirts.com/advisory/cve-2020-1350-768"},{"num":3299,"source_id":"cisa-kev","external_id":"CVE-2021-42258","title":"CVE-2021-42258: BQE BillQuick Web Suite SQL Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-42258"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-42258","csirts_url":"https://www.csirts.com/advisory/cve-2021-42258-3299"},{"num":3440,"source_id":"cisa-kev","external_id":"CVE-2020-24557","title":"CVE-2020-24557: Trend Micro Multiple Products Improper Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-24557"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-24557","csirts_url":"https://www.csirts.com/advisory/cve-2020-24557-3440"},{"num":2964,"source_id":"cisa-kev","external_id":"CVE-2021-35395","title":"CVE-2021-35395: Realtek AP-Router SDK Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-35395"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-35395","csirts_url":"https://www.csirts.com/advisory/cve-2021-35395-2964"},{"num":2376,"source_id":"cisa-kev","external_id":"CVE-2021-34527","title":"CVE-2021-34527: Microsoft Windows Print Spooler Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-34527"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-34527","csirts_url":"https://www.csirts.com/advisory/cve-2021-34527-2376"},{"num":1315,"source_id":"cisa-kev","external_id":"CVE-2019-9082","title":"CVE-2019-9082: ThinkPHP Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-9082"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-9082","csirts_url":"https://www.csirts.com/advisory/cve-2019-9082-1315"},{"num":2224,"source_id":"cisa-kev","external_id":"CVE-2021-37973","title":"CVE-2021-37973: Google Chromium Portals Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-37973"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-37973","csirts_url":"https://www.csirts.com/advisory/cve-2021-37973-2224"},{"num":3644,"source_id":"cisa-kev","external_id":"CVE-2021-38645","title":"CVE-2021-38645: Microsoft Open Management Infrastructure (OMI) Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-38645"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-38645","csirts_url":"https://www.csirts.com/advisory/cve-2021-38645-3644"},{"num":3589,"source_id":"cisa-kev","external_id":"CVE-2021-30762","title":"CVE-2021-30762: Apple iOS WebKit Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-30762"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-30762","csirts_url":"https://www.csirts.com/advisory/cve-2021-30762-3589"},{"num":720,"source_id":"cisa-kev","external_id":"CVE-2021-31956","title":"CVE-2021-31956: Microsoft Windows NTFS Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-31956"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-31956","csirts_url":"https://www.csirts.com/advisory/cve-2021-31956-720"},{"num":3416,"source_id":"cisa-kev","external_id":"CVE-2020-10987","title":"CVE-2020-10987: Tenda AC1900 Router AC15 Model Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-10987"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-10987","csirts_url":"https://www.csirts.com/advisory/cve-2020-10987-3416"},{"num":579,"source_id":"cisa-kev","external_id":"CVE-2021-1871","title":"CVE-2021-1871: Apple iOS, iPadOS, and macOS WebKit Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-1871"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-1871","csirts_url":"https://www.csirts.com/advisory/cve-2021-1871-579"},{"num":3411,"source_id":"cisa-kev","external_id":"CVE-2020-10181","title":"CVE-2020-10181: Sumavision EMR Cross-Site Request Forgery (CSRF) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-10181"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-10181","csirts_url":"https://www.csirts.com/advisory/cve-2020-10181-3411"},{"num":3410,"source_id":"cisa-kev","external_id":"CVE-2020-12271","title":"CVE-2020-12271: Sophos SFOS SQL Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-12271"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-12271","csirts_url":"https://www.csirts.com/advisory/cve-2020-12271-3410"},{"num":3407,"source_id":"cisa-kev","external_id":"CVE-2021-20023","title":"CVE-2021-20023: SonicWall Email Security Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-20023"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-20023","csirts_url":"https://www.csirts.com/advisory/cve-2021-20023-3407"},{"num":3601,"source_id":"cisa-kev","external_id":"CVE-2021-28664","title":"CVE-2021-28664: Arm Mali Graphics Processing Unit (GPU) Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-28664"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-28664","csirts_url":"https://www.csirts.com/advisory/cve-2021-28664-3601"},{"num":597,"source_id":"cisa-kev","external_id":"CVE-2020-16009","title":"CVE-2020-16009: Google Chromium V8 Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-16009"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-16009","csirts_url":"https://www.csirts.com/advisory/cve-2020-16009-597"},{"num":420,"source_id":"cisa-kev","external_id":"CVE-2020-8515","title":"CVE-2020-8515: Multiple DrayTek Vigor Routers Web Management Page Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-8515"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-8515","csirts_url":"https://www.csirts.com/advisory/cve-2020-8515-420"},{"num":3406,"source_id":"cisa-kev","external_id":"CVE-2021-20022","title":"CVE-2021-20022: SonicWall Email Security Unrestricted Upload of File Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-20022"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-20022","csirts_url":"https://www.csirts.com/advisory/cve-2021-20022-3406"},{"num":2428,"source_id":"cisa-kev","external_id":"CVE-2021-20021","title":"CVE-2021-20021: SonicWall Email Security Improper Privilege Management Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-20021"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-20021","csirts_url":"https://www.csirts.com/advisory/cve-2021-20021-2428"},{"num":1533,"source_id":"cisa-kev","external_id":"CVE-2020-8195","title":"CVE-2020-8195: Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-8195"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-8195","csirts_url":"https://www.csirts.com/advisory/cve-2020-8195-1533"},{"num":3296,"source_id":"cisa-kev","external_id":"CVE-2020-9859","title":"CVE-2020-9859: Apple Multiple Products Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-9859"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-9859","csirts_url":"https://www.csirts.com/advisory/cve-2020-9859-3296"},{"num":2372,"source_id":"cisa-kev","external_id":"CVE-2021-36948","title":"CVE-2021-36948: Microsoft Windows Update Medic Service Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-36948"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-36948","csirts_url":"https://www.csirts.com/advisory/cve-2021-36948-2372"},{"num":3679,"source_id":"cisa-kev","external_id":"CVE-2020-6207","title":"CVE-2020-6207: SAP Solution Manager Missing Authentication for Critical Function Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-6207"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-6207","csirts_url":"https://www.csirts.com/advisory/cve-2020-6207-3679"},{"num":3278,"source_id":"cisa-kev","external_id":"CVE-2020-27930","title":"CVE-2020-27930: Apple Multiple Products Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-27930"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-27930","csirts_url":"https://www.csirts.com/advisory/cve-2020-27930-3278"},{"num":3259,"source_id":"cisa-kev","external_id":"CVE-2021-27101","title":"CVE-2021-27101: Accellion FTA SQL Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-27101"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-27101","csirts_url":"https://www.csirts.com/advisory/cve-2021-27101-3259"},{"num":3678,"source_id":"cisa-kev","external_id":"CVE-2020-6287","title":"CVE-2020-6287: SAP NetWeaver Missing Authentication for Critical Function Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-6287"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-6287","csirts_url":"https://www.csirts.com/advisory/cve-2020-6287-3678"},{"num":3395,"source_id":"cisa-kev","external_id":"CVE-2019-19356","title":"CVE-2019-19356: Netis WF2419 Devices Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-19356"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-19356","csirts_url":"https://www.csirts.com/advisory/cve-2019-19356-3395"},{"num":3401,"source_id":"cisa-kev","external_id":"CVE-2020-10221","title":"CVE-2020-10221: rConfig OS Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-10221"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-10221","csirts_url":"https://www.csirts.com/advisory/cve-2020-10221-3401"},{"num":3669,"source_id":"cisa-kev","external_id":"CVE-2020-8260","title":"CVE-2020-8260: Ivanti Pulse Connect Secure Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-8260"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-8260","csirts_url":"https://www.csirts.com/advisory/cve-2020-8260-3669"},{"num":1677,"source_id":"cisa-kev","external_id":"CVE-2021-22900","title":"CVE-2021-22900: Ivanti Pulse Connect Secure Unrestricted File Upload Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-22900"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-22900","csirts_url":"https://www.csirts.com/advisory/cve-2021-22900-1677"},{"num":1919,"source_id":"cisa-kev","external_id":"CVE-2010-5326","title":"CVE-2010-5326: SAP NetWeaver Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2010-5326"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2010-5326","csirts_url":"https://www.csirts.com/advisory/cve-2010-5326-1919"},{"num":1898,"source_id":"cisa-kev","external_id":"CVE-2020-11651","title":"CVE-2020-11651: SaltStack Salt Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-11651"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-11651","csirts_url":"https://www.csirts.com/advisory/cve-2020-11651-1898"},{"num":3403,"source_id":"cisa-kev","external_id":"CVE-2020-11652","title":"CVE-2020-11652: SaltStack Salt Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-11652"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-11652","csirts_url":"https://www.csirts.com/advisory/cve-2020-11652-3403"},{"num":3402,"source_id":"cisa-kev","external_id":"CVE-2017-16651","title":"CVE-2017-16651: Roundcube Webmail File Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-16651"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-16651","csirts_url":"https://www.csirts.com/advisory/cve-2017-16651-3402"},{"num":3675,"source_id":"cisa-kev","external_id":"CVE-2021-1905","title":"CVE-2021-1905: Qualcomm Multiple Chipsets Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-1905"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-1905","csirts_url":"https://www.csirts.com/advisory/cve-2021-1905-3675"},{"num":3674,"source_id":"cisa-kev","external_id":"CVE-2021-1906","title":"CVE-2021-1906: Qualcomm Multiple Chipsets Detection of Error Condition Without Action Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-1906"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-1906","csirts_url":"https://www.csirts.com/advisory/cve-2021-1906-3674"},{"num":3288,"source_id":"cisa-kev","external_id":"CVE-2021-30661","title":"CVE-2021-30661: Apple Multiple Products WebKit Storage Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-30661"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-30661","csirts_url":"https://www.csirts.com/advisory/cve-2021-30661-3288"},{"num":1427,"source_id":"cisa-kev","external_id":"CVE-2019-11510","title":"CVE-2019-11510: Ivanti Pulse Connect Secure Arbitrary File Read Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-11510"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-11510","csirts_url":"https://www.csirts.com/advisory/cve-2019-11510-1427"},{"num":3672,"source_id":"cisa-kev","external_id":"CVE-2021-22899","title":"CVE-2021-22899: Ivanti Pulse Connect Secure Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-22899"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-22899","csirts_url":"https://www.csirts.com/advisory/cve-2021-22899-3672"},{"num":3289,"source_id":"cisa-kev","external_id":"CVE-2021-30666","title":"CVE-2021-30666: Apple iOS WebKit Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-30666"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-30666","csirts_url":"https://www.csirts.com/advisory/cve-2021-30666-3289"},{"num":3400,"source_id":"cisa-kev","external_id":"CVE-2020-8243","title":"CVE-2020-8243: Ivanti Pulse Connect Secure Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-8243"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-8243","csirts_url":"https://www.csirts.com/advisory/cve-2020-8243-3400"},{"num":3397,"source_id":"cisa-kev","external_id":"CVE-2020-8644","title":"CVE-2020-8644: PlaySMS Server-Side Template Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-8644"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-8644","csirts_url":"https://www.csirts.com/advisory/cve-2020-8644-3397"},{"num":1876,"source_id":"cisa-kev","external_id":"CVE-2020-14883","title":"CVE-2020-14883: Oracle WebLogic Server Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-14883"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-14883","csirts_url":"https://www.csirts.com/advisory/cve-2020-14883-1876"},{"num":3443,"source_id":"cisa-kev","external_id":"CVE-2021-21972","title":"CVE-2021-21972: VMware vCenter Server Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-21972"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-21972","csirts_url":"https://www.csirts.com/advisory/cve-2021-21972-3443"},{"num":3396,"source_id":"cisa-kev","external_id":"CVE-2020-14750","title":"CVE-2020-14750: Oracle WebLogic Server Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-14750"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-14750","csirts_url":"https://www.csirts.com/advisory/cve-2020-14750-3396"},{"num":1662,"source_id":"cisa-kev","external_id":"CVE-2020-14871","title":"CVE-2020-14871: Oracle Solaris and Zettabyte File System (ZFS) Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-14871"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-14871","csirts_url":"https://www.csirts.com/advisory/cve-2020-14871-1662"},{"num":3405,"source_id":"cisa-kev","external_id":"CVE-2019-16256","title":"CVE-2019-16256: SIMalliance Toolbox Browser Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-16256"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-16256","csirts_url":"https://www.csirts.com/advisory/cve-2019-16256-3405"},{"num":3292,"source_id":"cisa-kev","external_id":"CVE-2021-30665","title":"CVE-2021-30665: Apple Multiple Products WebKit Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-30665"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-30665","csirts_url":"https://www.csirts.com/advisory/cve-2021-30665-3292"},{"num":3682,"source_id":"cisa-kev","external_id":"CVE-2020-5847","title":"CVE-2020-5847: Unraid Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-5847"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-5847","csirts_url":"https://www.csirts.com/advisory/cve-2020-5847-3682"},{"num":3293,"source_id":"cisa-kev","external_id":"CVE-2021-30663","title":"CVE-2021-30663: Apple Multiple Products WebKit Integer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-30663"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-30663","csirts_url":"https://www.csirts.com/advisory/cve-2021-30663-3293"},{"num":1717,"source_id":"cisa-kev","external_id":"CVE-2019-0808","title":"CVE-2019-0808: Microsoft Win32k Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-0808"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-0808","csirts_url":"https://www.csirts.com/advisory/cve-2019-0808-1717"},{"num":804,"source_id":"cisa-kev","external_id":"CVE-2021-1675","title":"CVE-2021-1675: Microsoft Windows Print Spooler Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-1675"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-1675","csirts_url":"https://www.csirts.com/advisory/cve-2021-1675-804"},{"num":3375,"source_id":"cisa-kev","external_id":"CVE-2012-0158","title":"CVE-2012-0158: Microsoft MSCOMCTL.OCX Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2012-0158"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2012-0158","csirts_url":"https://www.csirts.com/advisory/cve-2012-0158-3375"},{"num":3372,"source_id":"cisa-kev","external_id":"CVE-2019-0797","title":"CVE-2019-0797: Microsoft Win32k Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-0797"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-0797","csirts_url":"https://www.csirts.com/advisory/cve-2019-0797-3372"},{"num":3368,"source_id":"cisa-kev","external_id":"CVE-2019-0859","title":"CVE-2019-0859: Microsoft Win32k Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-0859"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-0859","csirts_url":"https://www.csirts.com/advisory/cve-2019-0859-3368"},{"num":3362,"source_id":"cisa-kev","external_id":"CVE-2016-7255","title":"CVE-2016-7255: Microsoft Win32k Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-7255"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-7255","csirts_url":"https://www.csirts.com/advisory/cve-2016-7255-3362"},{"num":1663,"source_id":"cisa-kev","external_id":"CVE-2015-4852","title":"CVE-2015-4852: Oracle WebLogic Server Deserialization of Untrusted Data Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2015-4852"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2015-4852","csirts_url":"https://www.csirts.com/advisory/cve-2015-4852-1663"},{"num":3334,"source_id":"cisa-kev","external_id":"CVE-2020-4430","title":"CVE-2020-4430: IBM Data Risk Manager Directory Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-4430"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-4430","csirts_url":"https://www.csirts.com/advisory/cve-2020-4430-3334"},{"num":2321,"source_id":"cisa-kev","external_id":"CVE-2021-30563","title":"CVE-2021-30563: Google Chromium V8 Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-30563"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-30563","csirts_url":"https://www.csirts.com/advisory/cve-2021-30563-2321"},{"num":1955,"source_id":"cisa-kev","external_id":"CVE-2021-35211","title":"CVE-2021-35211: SolarWinds Serv-U Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-35211"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-35211","csirts_url":"https://www.csirts.com/advisory/cve-2021-35211-1955"},{"num":2371,"source_id":"cisa-kev","external_id":"CVE-2017-7269","title":"CVE-2017-7269: Microsoft Windows Server Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-7269"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-7269","csirts_url":"https://www.csirts.com/advisory/cve-2017-7269-2371"},{"num":3350,"source_id":"cisa-kev","external_id":"CVE-2021-31199","title":"CVE-2021-31199: Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-31199"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-31199","csirts_url":"https://www.csirts.com/advisory/cve-2021-31199-3350"},{"num":3287,"source_id":"cisa-kev","external_id":"CVE-2021-1879","title":"CVE-2021-1879: Apple iOS, iPadOS, and watchOS WebKit Cross-Site Scripting (XSS) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-1879"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-1879","csirts_url":"https://www.csirts.com/advisory/cve-2021-1879-3287"},{"num":595,"source_id":"cisa-kev","external_id":"CVE-2020-16017","title":"CVE-2020-16017: Google Chrome Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-16017"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-16017","csirts_url":"https://www.csirts.com/advisory/cve-2020-16017-595"},{"num":3294,"source_id":"cisa-kev","external_id":"CVE-2021-30761","title":"CVE-2021-30761: Apple iOS WebKit Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-30761"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-30761","csirts_url":"https://www.csirts.com/advisory/cve-2021-30761-3294"},{"num":3285,"source_id":"cisa-kev","external_id":"CVE-2021-1870","title":"CVE-2021-1870: Apple iOS, iPadOS, and macOS WebKit Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-1870"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-1870","csirts_url":"https://www.csirts.com/advisory/cve-2021-1870-3285"},{"num":3358,"source_id":"cisa-kev","external_id":"CVE-2021-31979","title":"CVE-2021-31979: Microsoft Windows Kernel Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-31979"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-31979","csirts_url":"https://www.csirts.com/advisory/cve-2021-31979-3358"},{"num":1783,"source_id":"cisa-kev","external_id":"CVE-2020-26919","title":"CVE-2020-26919: Netgear JGS516PE Devices Missing Function Level Access Control Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-26919"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-26919","csirts_url":"https://www.csirts.com/advisory/cve-2020-26919-1783"},{"num":3394,"source_id":"cisa-kev","external_id":"CVE-2019-15949","title":"CVE-2019-15949: Nagios XI Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-15949"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-15949","csirts_url":"https://www.csirts.com/advisory/cve-2019-15949-3394"},{"num":3680,"source_id":"cisa-kev","external_id":"CVE-2021-36741","title":"CVE-2021-36741: Trend Micro Multiple Products Improper Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-36741"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-36741","csirts_url":"https://www.csirts.com/advisory/cve-2021-36741-3680"},{"num":3391,"source_id":"cisa-kev","external_id":"CVE-2021-38648","title":"CVE-2021-38648: Microsoft Open Management Infrastructure (OMI) Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-38648"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-38648","csirts_url":"https://www.csirts.com/advisory/cve-2021-38648-3391"},{"num":3347,"source_id":"cisa-kev","external_id":"CVE-2020-0683","title":"CVE-2020-0683: Microsoft Windows Installer Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-0683"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-0683","csirts_url":"https://www.csirts.com/advisory/cve-2020-0683-3347"},{"num":2515,"source_id":"cisa-kev","external_id":"CVE-2019-0863","title":"CVE-2019-0863: Microsoft Windows Error Reporting (WER) Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-0863"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-0863","csirts_url":"https://www.csirts.com/advisory/cve-2019-0863-2515"},{"num":3599,"source_id":"cisa-kev","external_id":"CVE-2021-27562","title":"CVE-2021-27562: Arm Trusted Firmware Out-of-Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-27562"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-27562","csirts_url":"https://www.csirts.com/advisory/cve-2021-27562-3599"},{"num":3284,"source_id":"cisa-kev","external_id":"CVE-2021-1782","title":"CVE-2021-1782: Apple Multiple Products Race Condition Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-1782"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-1782","csirts_url":"https://www.csirts.com/advisory/cve-2021-1782-3284"},{"num":806,"source_id":"cisa-kev","external_id":"CVE-2016-3235","title":"CVE-2016-3235: Microsoft Office OLE DLL Side Loading Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-3235"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-3235","csirts_url":"https://www.csirts.com/advisory/cve-2016-3235-806"},{"num":3385,"source_id":"cisa-kev","external_id":"CVE-2019-0604","title":"CVE-2019-0604: Microsoft SharePoint Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-0604"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-0604","csirts_url":"https://www.csirts.com/advisory/cve-2019-0604-3385"},{"num":3332,"source_id":"cisa-kev","external_id":"CVE-2021-21224","title":"CVE-2021-21224: Google Chromium V8 Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-21224"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-21224","csirts_url":"https://www.csirts.com/advisory/cve-2021-21224-3332"},{"num":3349,"source_id":"cisa-kev","external_id":"CVE-2021-33742","title":"CVE-2021-33742: Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-33742"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-33742","csirts_url":"https://www.csirts.com/advisory/cve-2021-33742-3349"},{"num":3602,"source_id":"cisa-kev","external_id":"CVE-2021-28663","title":"CVE-2021-28663: Arm Mali Graphics Processing Unit (GPU) Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-28663"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-28663","csirts_url":"https://www.csirts.com/advisory/cve-2021-28663-3602"},{"num":1773,"source_id":"cisa-kev","external_id":"CVE-2020-6820","title":"CVE-2020-6820: Mozilla Firefox And Thunderbird Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-6820"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-6820","csirts_url":"https://www.csirts.com/advisory/cve-2020-6820-1773"},{"num":3268,"source_id":"cisa-kev","external_id":"CVE-2020-0069","title":"CVE-2020-0069: Mediatek Multiple Chipsets Insufficient Input Validation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-0069"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-0069","csirts_url":"https://www.csirts.com/advisory/cve-2020-0069-3268"},{"num":3390,"source_id":"cisa-kev","external_id":"CVE-2019-1214","title":"CVE-2019-1214: Microsoft Windows Privilege Common Log File System (CLFS) Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-1214"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-1214","csirts_url":"https://www.csirts.com/advisory/cve-2019-1214-3390"},{"num":3318,"source_id":"cisa-kev","external_id":"CVE-2021-22205","title":"CVE-2021-22205: GitLab Community and Enterprise Editions Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-22205"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-22205","csirts_url":"https://www.csirts.com/advisory/cve-2021-22205-3318"},{"num":3389,"source_id":"cisa-kev","external_id":"CVE-2020-1147","title":"CVE-2020-1147: Microsoft .NET Framework, SharePoint, and Visual Studio Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-1147"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-1147","csirts_url":"https://www.csirts.com/advisory/cve-2020-1147-3389"},{"num":3297,"source_id":"cisa-kev","external_id":"CVE-2021-26084","title":"CVE-2021-26084: Atlassian Confluence Server and Data Center Object-Graph Navigation Language (OGNL) Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-26084"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-26084","csirts_url":"https://www.csirts.com/advisory/cve-2021-26084-3297"},{"num":3606,"source_id":"cisa-kev","external_id":"CVE-2018-0171","title":"CVE-2018-0171: Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-0171"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-0171","csirts_url":"https://www.csirts.com/advisory/cve-2018-0171-3606"},{"num":3408,"source_id":"cisa-kev","external_id":"CVE-2021-20016","title":"CVE-2021-20016: SonicWall SSLVPN SMA100 SQL Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-20016"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-20016","csirts_url":"https://www.csirts.com/advisory/cve-2021-20016-3408"},{"num":1948,"source_id":"cisa-kev","external_id":"CVE-2020-10148","title":"CVE-2020-10148: SolarWinds Orion Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-10148"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-10148","csirts_url":"https://www.csirts.com/advisory/cve-2020-10148-1948"},{"num":1956,"source_id":"cisa-kev","external_id":"CVE-2016-3643","title":"CVE-2016-3643: SolarWinds Virtualization Manager Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-3643"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-3643","csirts_url":"https://www.csirts.com/advisory/cve-2016-3643-1956"},{"num":1837,"source_id":"cisa-kev","external_id":"CVE-2020-0646","title":"CVE-2020-0646: Microsoft .NET Framework Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-0646"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-0646","csirts_url":"https://www.csirts.com/advisory/cve-2020-0646-1837"},{"num":3413,"source_id":"cisa-kev","external_id":"CVE-2019-18988","title":"CVE-2019-18988: TeamViewer Desktop Bypass Remote Login Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-18988"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-18988","csirts_url":"https://www.csirts.com/advisory/cve-2019-18988-3413"},{"num":3384,"source_id":"cisa-kev","external_id":"CVE-2020-0601","title":"CVE-2020-0601: Microsoft Windows CryptoAPI Spoofing Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-0601"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-0601","csirts_url":"https://www.csirts.com/advisory/cve-2020-0601-3384"},{"num":3290,"source_id":"cisa-kev","external_id":"CVE-2021-30713","title":"CVE-2021-30713: Apple macOS Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-30713"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-30713","csirts_url":"https://www.csirts.com/advisory/cve-2021-30713-3290"},{"num":1858,"source_id":"cisa-kev","external_id":"CVE-2012-3152","title":"CVE-2012-3152: Oracle Fusion Middleware Unspecified Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2012-3152"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2012-3152","csirts_url":"https://www.csirts.com/advisory/cve-2012-3152-1858"},{"num":419,"source_id":"cisa-kev","external_id":"CVE-2019-11634","title":"CVE-2019-11634: Citrix Workspace Application and Receiver for Windows Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-11634"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-11634","csirts_url":"https://www.csirts.com/advisory/cve-2019-11634-419"},{"num":3319,"source_id":"cisa-kev","external_id":"CVE-2018-6789","title":"CVE-2018-6789: Exim Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-6789"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-6789","csirts_url":"https://www.csirts.com/advisory/cve-2018-6789-3319"},{"num":3614,"source_id":"cisa-kev","external_id":"CVE-2021-22986","title":"CVE-2021-22986: F5 BIG-IP and BIG-IQ Centralized Management iControl REST Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-22986"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-22986","csirts_url":"https://www.csirts.com/advisory/cve-2021-22986-3614"},{"num":1705,"source_id":"cisa-kev","external_id":"CVE-2020-1054","title":"CVE-2020-1054: Microsoft Win32k Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-1054"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-1054","csirts_url":"https://www.csirts.com/advisory/cve-2020-1054-1705"},{"num":1525,"source_id":"cisa-kev","external_id":"CVE-2020-8655","title":"CVE-2020-8655: EyesOfNetwork Improper Privilege Management Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-8655"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-8655","csirts_url":"https://www.csirts.com/advisory/cve-2020-8655-1525"},{"num":1842,"source_id":"cisa-kev","external_id":"CVE-2021-26857","title":"CVE-2021-26857: Microsoft Exchange Server Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-26857"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-26857","csirts_url":"https://www.csirts.com/advisory/cve-2021-26857-1842"},{"num":1703,"source_id":"cisa-kev","external_id":"CVE-2021-27065","title":"CVE-2021-27065: Microsoft Exchange Server Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-27065"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-27065","csirts_url":"https://www.csirts.com/advisory/cve-2021-27065-1703"},{"num":3280,"source_id":"cisa-kev","external_id":"CVE-2020-27950","title":"CVE-2020-27950: Apple Multiple Products Memory Initialization Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-27950"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-27950","csirts_url":"https://www.csirts.com/advisory/cve-2020-27950-3280"},{"num":3447,"source_id":"cisa-kev","external_id":"CVE-2019-9978","title":"CVE-2019-9978: WordPress Social Warfare Plugin Cross-Site Scripting (XSS) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-9978"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-9978","csirts_url":"https://www.csirts.com/advisory/cve-2019-9978-3447"},{"num":3321,"source_id":"cisa-kev","external_id":"CVE-2021-35464","title":"CVE-2021-35464: ForgeRock Access Management (AM) Core Server Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-35464"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-35464","csirts_url":"https://www.csirts.com/advisory/cve-2021-35464-3321"},{"num":1679,"source_id":"cisa-kev","external_id":"CVE-2020-1472","title":"CVE-2020-1472: Microsoft Netlogon Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-1472"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-1472","csirts_url":"https://www.csirts.com/advisory/cve-2020-1472-1679"},{"num":3320,"source_id":"cisa-kev","external_id":"CVE-2020-8657","title":"CVE-2020-8657: EyesOfNetwork Use of Hard-Coded Credentials Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-8657"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-8657","csirts_url":"https://www.csirts.com/advisory/cve-2020-8657-3320"},{"num":796,"source_id":"cisa-kev","external_id":"CVE-2020-0968","title":"CVE-2020-0968: Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-0968"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-0968","csirts_url":"https://www.csirts.com/advisory/cve-2020-0968-796"},{"num":3608,"source_id":"cisa-kev","external_id":"CVE-2020-8193","title":"CVE-2020-8193: Citrix ADC, Gateway, and SD-WAN WANOP Appliance Authorization Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-8193"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-8193","csirts_url":"https://www.csirts.com/advisory/cve-2020-8193-3608"},{"num":3598,"source_id":"cisa-kev","external_id":"CVE-2021-20090","title":"CVE-2021-20090: Arcadyan Buffalo Firmware Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-20090"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-20090","csirts_url":"https://www.csirts.com/advisory/cve-2021-20090-3598"},{"num":3281,"source_id":"cisa-kev","external_id":"CVE-2020-27932","title":"CVE-2020-27932: Apple Multiple Products Type Confusion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-27932"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-27932","csirts_url":"https://www.csirts.com/advisory/cve-2020-27932-3281"},{"num":3383,"source_id":"cisa-kev","external_id":"CVE-2017-11774","title":"CVE-2017-11774: Microsoft Office Outlook Security Feature Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-11774"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-11774","csirts_url":"https://www.csirts.com/advisory/cve-2017-11774-3383"},{"num":3348,"source_id":"cisa-kev","external_id":"CVE-2020-17087","title":"CVE-2020-17087: Microsoft Windows Kernel Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-17087"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-17087","csirts_url":"https://www.csirts.com/advisory/cve-2020-17087-3348"},{"num":787,"source_id":"cisa-kev","external_id":"CVE-2018-0802","title":"CVE-2018-0802: Microsoft Office Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-0802"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-0802","csirts_url":"https://www.csirts.com/advisory/cve-2018-0802-787"},{"num":3261,"source_id":"cisa-kev","external_id":"CVE-2021-28550","title":"CVE-2021-28550: Adobe Acrobat and Reader Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-28550"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-28550","csirts_url":"https://www.csirts.com/advisory/cve-2021-28550-3261"},{"num":3351,"source_id":"cisa-kev","external_id":"CVE-2021-31201","title":"CVE-2021-31201: Microsoft Enhanced Cryptographic Provider Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-31201"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-31201","csirts_url":"https://www.csirts.com/advisory/cve-2021-31201-3351"},{"num":3382,"source_id":"cisa-kev","external_id":"CVE-2020-1380","title":"CVE-2020-1380: Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-1380"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-1380","csirts_url":"https://www.csirts.com/advisory/cve-2020-1380-3382"},{"num":2388,"source_id":"cisa-kev","external_id":"CVE-2018-0798","title":"CVE-2018-0798: Microsoft Office Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-0798"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-0798","csirts_url":"https://www.csirts.com/advisory/cve-2018-0798-2388"},{"num":3367,"source_id":"cisa-kev","external_id":"CVE-2021-26411","title":"CVE-2021-26411: Microsoft Internet Explorer Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-26411"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-26411","csirts_url":"https://www.csirts.com/advisory/cve-2021-26411-3367"},{"num":3381,"source_id":"cisa-kev","external_id":"CVE-2017-0199","title":"CVE-2017-0199: Microsoft Office and WordPad Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-0199"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-0199","csirts_url":"https://www.csirts.com/advisory/cve-2017-0199-3381"},{"num":2404,"source_id":"cisa-kev","external_id":"CVE-2019-1367","title":"CVE-2019-1367: Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-1367"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-1367","csirts_url":"https://www.csirts.com/advisory/cve-2019-1367-2404"},{"num":508,"source_id":"cisa-kev","external_id":"CVE-2020-3118","title":"CVE-2020-3118: Cisco IOS XR Software Discovery Protocol Format String Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-3118"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-3118","csirts_url":"https://www.csirts.com/advisory/cve-2020-3118-508"},{"num":758,"source_id":"cisa-kev","external_id":"CVE-2020-1040","title":"CVE-2020-1040: Microsoft Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-1040"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-1040","csirts_url":"https://www.csirts.com/advisory/cve-2020-1040-758"},{"num":3264,"source_id":"cisa-kev","external_id":"CVE-2018-4878","title":"CVE-2018-4878: Adobe Flash Player Use-After-Free Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-4878"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-4878","csirts_url":"https://www.csirts.com/advisory/cve-2018-4878-3264"},{"num":464,"source_id":"cisa-kev","external_id":"CVE-2020-8467","title":"CVE-2020-8467: Trend Micro Apex One and OfficeScan Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-8467"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-8467","csirts_url":"https://www.csirts.com/advisory/cve-2020-8467-464"},{"num":3366,"source_id":"cisa-kev","external_id":"CVE-2019-0803","title":"CVE-2019-0803: Microsoft Win32k Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-0803"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-0803","csirts_url":"https://www.csirts.com/advisory/cve-2019-0803-3366"},{"num":3263,"source_id":"cisa-kev","external_id":"CVE-2018-15961","title":"CVE-2018-15961: Adobe ColdFusion Unrestricted File Upload Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-15961"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-15961","csirts_url":"https://www.csirts.com/advisory/cve-2018-15961-3263"},{"num":3282,"source_id":"cisa-kev","external_id":"CVE-2020-9818","title":"CVE-2020-9818: Apple iOS, iPadOS, and watchOS Out-of-Bounds Write Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-9818"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-9818","csirts_url":"https://www.csirts.com/advisory/cve-2020-9818-3282"},{"num":1500,"source_id":"cisa-kev","external_id":"CVE-2020-3566","title":"CVE-2020-3566: Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-3566"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-3566","csirts_url":"https://www.csirts.com/advisory/cve-2020-3566-1500"},{"num":3450,"source_id":"cisa-kev","external_id":"CVE-2020-10189","title":"CVE-2020-10189: Zoho ManageEngine Desktop Central File Upload Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-10189"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-10189","csirts_url":"https://www.csirts.com/advisory/cve-2020-10189-3450"},{"num":3379,"source_id":"cisa-kev","external_id":"CVE-2020-0674","title":"CVE-2020-0674: Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-0674"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-0674","csirts_url":"https://www.csirts.com/advisory/cve-2020-0674-3379"},{"num":3364,"source_id":"cisa-kev","external_id":"CVE-2021-1732","title":"CVE-2021-1732: Microsoft Win32k Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-1732"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-1732","csirts_url":"https://www.csirts.com/advisory/cve-2021-1732-3364"},{"num":3363,"source_id":"cisa-kev","external_id":"CVE-2020-1464","title":"CVE-2020-1464: Microsoft Windows Spoofing Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-1464"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-1464","csirts_url":"https://www.csirts.com/advisory/cve-2020-1464-3363"},{"num":3378,"source_id":"cisa-kev","external_id":"CVE-2017-11882","title":"CVE-2017-11882: Microsoft Office Memory Corruption Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2017-11882"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2017-11882","csirts_url":"https://www.csirts.com/advisory/cve-2017-11882-3378"},{"num":583,"source_id":"cisa-kev","external_id":"CVE-2019-3398","title":"CVE-2019-3398: Atlassian Confluence Server and Data Center Path Traversal Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-3398"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-3398","csirts_url":"https://www.csirts.com/advisory/cve-2019-3398-583"},{"num":3441,"source_id":"cisa-kev","external_id":"CVE-2020-8599","title":"CVE-2020-8599: Trend Micro Apex One and OfficeScan Authentication Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-8599"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-8599","csirts_url":"https://www.csirts.com/advisory/cve-2020-8599-3441"},{"num":2744,"source_id":"cisa-kev","external_id":"CVE-2021-40444","title":"CVE-2021-40444: Microsoft MSHTML Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-40444"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-40444","csirts_url":"https://www.csirts.com/advisory/cve-2021-40444-2744"},{"num":3629,"source_id":"cisa-kev","external_id":"CVE-2021-21148","title":"CVE-2021-21148: Google Chromium V8 Heap Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-21148"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-21148","csirts_url":"https://www.csirts.com/advisory/cve-2021-21148-3629"},{"num":3345,"source_id":"cisa-kev","external_id":"CVE-2021-1647","title":"CVE-2021-1647: Microsoft Defender Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-1647"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-1647","csirts_url":"https://www.csirts.com/advisory/cve-2021-1647-3345"},{"num":759,"source_id":"cisa-kev","external_id":"CVE-2021-28310","title":"CVE-2021-28310: Microsoft Win32k Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-28310"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-28310","csirts_url":"https://www.csirts.com/advisory/cve-2021-28310-759"},{"num":2153,"source_id":"cisa-kev","external_id":"CVE-2021-1497","title":"CVE-2021-1497: Cisco HyperFlex HX Installer Virtual Machine Command Injection Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-1497"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-1497","csirts_url":"https://www.csirts.com/advisory/cve-2021-1497-2153"},{"num":1602,"source_id":"cisa-kev","external_id":"CVE-2020-15505","title":"CVE-2020-15505: Ivanti MobileIron Multiple Products Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-15505"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-15505","csirts_url":"https://www.csirts.com/advisory/cve-2020-15505-1602"},{"num":2389,"source_id":"cisa-kev","external_id":"CVE-2021-27085","title":"CVE-2021-27085: Microsoft Internet Explorer Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-27085"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-27085","csirts_url":"https://www.csirts.com/advisory/cve-2021-27085-2389"},{"num":3365,"source_id":"cisa-kev","external_id":"CVE-2021-31207","title":"CVE-2021-31207: Microsoft Exchange Server Security Feature Bypass Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-31207"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-31207","csirts_url":"https://www.csirts.com/advisory/cve-2021-31207-3365"},{"num":753,"source_id":"cisa-kev","external_id":"CVE-2019-0708","title":"CVE-2019-0708: Microsoft Remote Desktop Services Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-0708"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-0708","csirts_url":"https://www.csirts.com/advisory/cve-2019-0708-753"},{"num":3648,"source_id":"cisa-kev","external_id":"CVE-2020-0688","title":"CVE-2020-0688: Microsoft Exchange Server Validation Key Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-0688"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-0688","csirts_url":"https://www.csirts.com/advisory/cve-2020-0688-3648"},{"num":2726,"source_id":"cisa-kev","external_id":"CVE-2021-38649","title":"CVE-2021-38649: Microsoft Open Management Infrastructure (OMI) Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-38649"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-38649","csirts_url":"https://www.csirts.com/advisory/cve-2021-38649-2726"},{"num":2330,"source_id":"cisa-kev","external_id":"CVE-2019-4716","title":"CVE-2019-4716: IBM Planning Analytics Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2019-4716"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2019-4716","csirts_url":"https://www.csirts.com/advisory/cve-2019-4716-2330"},{"num":421,"source_id":"cisa-kev","external_id":"CVE-2018-7600","title":"CVE-2018-7600: Drupal Core Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2018-7600"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2018-7600","csirts_url":"https://www.csirts.com/advisory/cve-2018-7600-421"},{"num":1652,"source_id":"cisa-kev","external_id":"CVE-2021-34523","title":"CVE-2021-34523: Microsoft Exchange Server Privilege Escalation Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-34523"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-34523","csirts_url":"https://www.csirts.com/advisory/cve-2021-34523-1652"},{"num":3360,"source_id":"cisa-kev","external_id":"CVE-2020-17144","title":"CVE-2020-17144: Microsoft Exchange Server Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-17144"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-17144","csirts_url":"https://www.csirts.com/advisory/cve-2020-17144-3360"},{"num":3359,"source_id":"cisa-kev","external_id":"CVE-2020-0938","title":"CVE-2020-0938: Microsoft Windows Adobe Font Manager Library Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-0938"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-0938","csirts_url":"https://www.csirts.com/advisory/cve-2020-0938-3359"},{"num":1532,"source_id":"cisa-kev","external_id":"CVE-2020-3569","title":"CVE-2020-3569: Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-3569"],"exploited":true,"has_exploit":false,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-3569","csirts_url":"https://www.csirts.com/advisory/cve-2020-3569-1532"},{"num":2341,"source_id":"cisa-kev","external_id":"CVE-2016-0185","title":"CVE-2016-0185: Microsoft Windows Media Center Remote Code Execution Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2016-0185"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2016-0185","csirts_url":"https://www.csirts.com/advisory/cve-2016-0185-2341"},{"num":3344,"source_id":"cisa-kev","external_id":"CVE-2021-31955","title":"CVE-2021-31955: Microsoft Windows Kernel Information Disclosure Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-31955"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-31955","csirts_url":"https://www.csirts.com/advisory/cve-2021-31955-3344"},{"num":1498,"source_id":"cisa-kev","external_id":"CVE-2021-21017","title":"CVE-2021-21017: Adobe Acrobat and Reader Heap-based Buffer Overflow Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2021-21017"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2021-21017","csirts_url":"https://www.csirts.com/advisory/cve-2021-21017-1498"},{"num":3308,"source_id":"cisa-kev","external_id":"CVE-2020-3580","title":"CVE-2020-3580: Cisco ASA and FTD Cross-Site Scripting (XSS) Vulnerability","severity":"critical","cvss":null,"cves":["CVE-2020-3580"],"exploited":true,"has_exploit":true,"published_at":"2021-11-03T00:00:00+00:00","link":"https://nvd.nist.gov/vuln/detail/CVE-2020-3580","csirts_url":"https://www.csirts.com/advisory/cve-2020-3580-3308"},{"num":87085,"source_id":"jenkins","external_id":"jenkins-advisory-2021-10-06","title":"Jenkins Security Advisory 2021-10-06","severity":"unknown","cvss":null,"cves":["CVE-2021-21682","CVE-2014-3577","CVE-2021-21683","CVE-2021-21684"],"exploited":false,"has_exploit":false,"published_at":"2021-10-06T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2021-10-06/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2021-10-06-87085"},{"num":87086,"source_id":"jenkins","external_id":"jenkins-advisory-2021-08-31","title":"Jenkins Security Advisory 2021-08-31","severity":"unknown","cvss":null,"cves":["CVE-2021-21677","CVE-2021-21678","CVE-2021-21679","CVE-2021-21680","CVE-2021-21681"],"exploited":false,"has_exploit":false,"published_at":"2021-08-31T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2021-08-31/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2021-08-31-87086"},{"num":87087,"source_id":"jenkins","external_id":"jenkins-advisory-2021-06-30","title":"Jenkins Security Advisory 2021-06-30","severity":"unknown","cvss":null,"cves":["CVE-2021-21670","CVE-2021-21671","CVE-2021-21672","CVE-2021-21673","CVE-2021-21674","CVE-2021-21675","CVE-2021-21676"],"exploited":false,"has_exploit":false,"published_at":"2021-06-30T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2021-06-30/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2021-06-30-87087"},{"num":87088,"source_id":"jenkins","external_id":"jenkins-advisory-2021-06-18","title":"Jenkins Security Advisory 2021-06-18","severity":"unknown","cvss":null,"cves":["CVE-2021-21669"],"exploited":false,"has_exploit":false,"published_at":"2021-06-18T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2021-06-18/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2021-06-18-87088"},{"num":87089,"source_id":"jenkins","external_id":"jenkins-advisory-2021-06-16","title":"Jenkins Security Advisory 2021-06-16","severity":"unknown","cvss":null,"cves":["CVE-2021-21667","CVE-2021-21668"],"exploited":false,"has_exploit":false,"published_at":"2021-06-16T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2021-06-16/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2021-06-16-87089"},{"num":87090,"source_id":"jenkins","external_id":"jenkins-advisory-2021-06-10","title":"Jenkins Security Advisory 2021-06-10","severity":"unknown","cvss":null,"cves":["CVE-2021-21661","CVE-2021-21662","CVE-2021-21663","CVE-2021-21664","CVE-2021-21665","CVE-2021-21666"],"exploited":false,"has_exploit":false,"published_at":"2021-06-10T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2021-06-10/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2021-06-10-87090"},{"num":87091,"source_id":"jenkins","external_id":"jenkins-advisory-2021-05-25","title":"Jenkins Security Advisory 2021-05-25","severity":"unknown","cvss":null,"cves":["CVE-2021-21657","CVE-2021-21658","CVE-2021-21659","CVE-2021-21660"],"exploited":false,"has_exploit":false,"published_at":"2021-05-25T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2021-05-25/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2021-05-25-87091"},{"num":87092,"source_id":"jenkins","external_id":"jenkins-advisory-2021-05-11","title":"Jenkins Security Advisory 2021-05-11","severity":"unknown","cvss":null,"cves":["CVE-2021-21648","CVE-2021-21649","CVE-2021-21650","CVE-2021-21651","CVE-2021-21652","CVE-2021-21653","CVE-2021-21654","CVE-2021-21655","CVE-2021-21656"],"exploited":false,"has_exploit":false,"published_at":"2021-05-11T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2021-05-11/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2021-05-11-87092"},{"num":217,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/report/acd-report-year-four","title":"Active Cyber Defence (ACD) - the fourth year","severity":"high","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2021-05-10T12:00:00+00:00","link":"https://www.ncsc.gov.uk/report/acd-report-year-four","csirts_url":"https://www.csirts.com/advisory/active-cyber-defence-acd-the-fourth-year-217"},{"num":87093,"source_id":"jenkins","external_id":"jenkins-advisory-2021-04-21","title":"Jenkins Security Advisory 2021-04-21","severity":"unknown","cvss":null,"cves":["CVE-2021-21642","CVE-2021-21643","CVE-2021-21644","CVE-2021-21645","CVE-2021-21646","CVE-2021-21647"],"exploited":false,"has_exploit":false,"published_at":"2021-04-21T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2021-04-21/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2021-04-21-87093"},{"num":87094,"source_id":"jenkins","external_id":"jenkins-advisory-2021-04-20","title":"Jenkins Security Advisory 2021-04-20","severity":"unknown","cvss":null,"cves":["CVE-2021-28165"],"exploited":false,"has_exploit":false,"published_at":"2021-04-20T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2021-04-20/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2021-04-20-87094"},{"num":87095,"source_id":"jenkins","external_id":"jenkins-advisory-2021-04-07","title":"Jenkins Security Advisory 2021-04-07","severity":"unknown","cvss":null,"cves":["CVE-2021-21639","CVE-2021-21640","CVE-2021-21641","CVE-2021-22512","CVE-2021-22513","CVE-2021-22510","CVE-2021-22511"],"exploited":false,"has_exploit":false,"published_at":"2021-04-07T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2021-04-07/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2021-04-07-87095"},{"num":87096,"source_id":"jenkins","external_id":"jenkins-advisory-2021-03-30","title":"Jenkins Security Advisory 2021-03-30","severity":"unknown","cvss":null,"cves":["CVE-2021-21628","CVE-2021-21629","CVE-2021-21630","CVE-2021-21631","CVE-2021-21632","CVE-2021-21633","CVE-2021-21634","CVE-2021-21635","CVE-2021-21636","CVE-2021-21637","CVE-2021-21638"],"exploited":false,"has_exploit":false,"published_at":"2021-03-30T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2021-03-30/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2021-03-30-87096"},{"num":87097,"source_id":"jenkins","external_id":"jenkins-advisory-2021-03-18","title":"Jenkins Security Advisory 2021-03-18","severity":"unknown","cvss":null,"cves":["CVE-2021-21623","CVE-2021-21624","CVE-2021-21625","CVE-2021-21626","CVE-2021-21627"],"exploited":false,"has_exploit":false,"published_at":"2021-03-18T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2021-03-18/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2021-03-18-87097"},{"num":87098,"source_id":"jenkins","external_id":"jenkins-advisory-2021-02-24","title":"Jenkins Security Advisory 2021-02-24","severity":"unknown","cvss":null,"cves":["CVE-2021-21616","CVE-2021-21617","CVE-2021-21618","CVE-2021-21619","CVE-2021-21620","CVE-2021-21621","CVE-2021-21622"],"exploited":false,"has_exploit":false,"published_at":"2021-02-24T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2021-02-24/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2021-02-24-87098"},{"num":87099,"source_id":"jenkins","external_id":"jenkins-advisory-2021-02-19","title":"Jenkins Security Advisory 2021-02-19","severity":"unknown","cvss":null,"cves":["CVE-2021-22112"],"exploited":false,"has_exploit":false,"published_at":"2021-02-19T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2021-02-19/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2021-02-19-87099"},{"num":218,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/report/acd-report-year-three","title":"Active Cyber Defence (ACD) - The Third Year","severity":"high","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2021-02-19T12:00:00+00:00","link":"https://www.ncsc.gov.uk/report/acd-report-year-three","csirts_url":"https://www.csirts.com/advisory/active-cyber-defence-acd-the-third-year-218"},{"num":87100,"source_id":"jenkins","external_id":"jenkins-advisory-2021-01-26","title":"Jenkins Security Advisory 2021-01-26","severity":"unknown","cvss":null,"cves":["CVE-2021-21615","CVE-2021-21602"],"exploited":false,"has_exploit":false,"published_at":"2021-01-26T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2021-01-26/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2021-01-26-87100"},{"num":219,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/report/responsible-use-of-bgp-for-isp-interworking","title":"Technical report: Responsible use of the Border Gateway Protocol (BGP) for ISP interworking","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2021-01-20T12:00:00+00:00","link":"https://www.ncsc.gov.uk/report/responsible-use-of-bgp-for-isp-interworking","csirts_url":"https://www.csirts.com/advisory/technical-report-responsible-use-of-the-219"},{"num":87101,"source_id":"jenkins","external_id":"jenkins-advisory-2021-01-13","title":"Jenkins Security Advisory 2021-01-13","severity":"unknown","cvss":null,"cves":["CVE-2021-21603","CVE-2021-21608","CVE-2021-21610","CVE-2021-21611","CVE-2021-21604","CVE-2021-21602","CVE-2018-1000862","CVE-2021-21605","CVE-2021-21606","CVE-2021-21607","CVE-2021-21609","CVE-2021-21612","CVE-2021-21613","CVE-2021-21614"],"exploited":false,"has_exploit":false,"published_at":"2021-01-13T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2021-01-13/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2021-01-13-87101"},{"num":87102,"source_id":"jenkins","external_id":"jenkins-advisory-2020-12-03","title":"Jenkins Security Advisory 2020-12-03","severity":"unknown","cvss":null,"cves":["CVE-2020-2324","CVE-2020-2320","CVE-2020-2321","CVE-2020-2322","CVE-2020-2323"],"exploited":false,"has_exploit":false,"published_at":"2020-12-03T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2020-12-03/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2020-12-03-87102"},{"num":87103,"source_id":"jenkins","external_id":"jenkins-advisory-2020-11-04","title":"Jenkins Security Advisory 2020-11-04","severity":"unknown","cvss":null,"cves":["CVE-2020-2299","CVE-2020-2300","CVE-2020-2301","CVE-2020-2302","CVE-2020-2303","CVE-2020-2304","CVE-2020-2305","CVE-2020-2306","CVE-2020-2307","CVE-2020-2308","CVE-2020-2309","CVE-2020-2310","CVE-2020-2311","CVE-2020-2312","CVE-2020-2313","CVE-2020-2314","CVE-2020-2315","CVE-2020-2316","CVE-2020-2317","CVE-2020-2318","CVE-2020-2319"],"exploited":false,"has_exploit":false,"published_at":"2020-11-04T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2020-11-04/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2020-11-04-87103"},{"num":87104,"source_id":"jenkins","external_id":"jenkins-advisory-2020-10-08","title":"Jenkins Security Advisory 2020-10-08","severity":"unknown","cvss":null,"cves":["CVE-2020-2286","CVE-2020-2287","CVE-2020-2288","CVE-2020-2289","CVE-2020-2290","CVE-2020-2291","CVE-2020-2292","CVE-2020-2293","CVE-2020-2294","CVE-2020-2295","CVE-2020-2296","CVE-2020-2297","CVE-2020-2298"],"exploited":false,"has_exploit":false,"published_at":"2020-10-08T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2020-10-08/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2020-10-08-87104"},{"num":87105,"source_id":"jenkins","external_id":"jenkins-advisory-2020-09-23","title":"Jenkins Security Advisory 2020-09-23","severity":"unknown","cvss":null,"cves":["CVE-2020-2279","CVE-2020-2280","CVE-2020-2281","CVE-2020-2282","CVE-2020-2283","CVE-2020-2284","CVE-2020-2285"],"exploited":false,"has_exploit":false,"published_at":"2020-09-23T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2020-09-23/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2020-09-23-87105"},{"num":87106,"source_id":"jenkins","external_id":"jenkins-advisory-2020-09-16","title":"Jenkins Security Advisory 2020-09-16","severity":"unknown","cvss":null,"cves":["CVE-2020-2252","CVE-2020-2253","CVE-2020-2254","CVE-2020-2255","CVE-2020-2256","CVE-2020-2257","CVE-2020-2258","CVE-2020-2259","CVE-2020-2260","CVE-2020-2261","CVE-2020-2262","CVE-2020-2263","CVE-2020-2264","CVE-2020-2265","CVE-2020-2266","CVE-2020-2267","CVE-2020-2268","CVE-2020-2269","CVE-2020-2270","CVE-2020-2271","CVE-2020-2272","CVE-2020-2273","CVE-2020-2274","CVE-2020-2275","CVE-2020-2276","CVE-2020-2277","CVE-2020-2278"],"exploited":false,"has_exploit":false,"published_at":"2020-09-16T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2020-09-16/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2020-09-16-87106"},{"num":87107,"source_id":"jenkins","external_id":"jenkins-advisory-2020-09-01","title":"Jenkins Security Advisory 2020-09-01","severity":"unknown","cvss":null,"cves":["CVE-2020-2238","CVE-2020-2239","CVE-2020-2240","CVE-2020-2241","CVE-2020-2242","CVE-2020-2243","CVE-2020-2244","CVE-2020-2245","CVE-2020-2246","CVE-2020-2247","CVE-2020-2248","CVE-2020-2249","CVE-2020-2250","CVE-2020-2251"],"exploited":false,"has_exploit":false,"published_at":"2020-09-01T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2020-09-01/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2020-09-01-87107"},{"num":87108,"source_id":"jenkins","external_id":"jenkins-advisory-2020-08-17","title":"Jenkins Security Advisory 2020-08-17","severity":"unknown","cvss":null,"cves":["CVE-2019-17638"],"exploited":false,"has_exploit":false,"published_at":"2020-08-17T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2020-08-17/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2020-08-17-87108"},{"num":87109,"source_id":"jenkins","external_id":"jenkins-advisory-2020-08-12","title":"Jenkins Security Advisory 2020-08-12","severity":"unknown","cvss":null,"cves":["CVE-2020-2229","CVE-2020-2230","CVE-2020-2231","CVE-2020-2232","CVE-2020-2233","CVE-2020-2234","CVE-2020-2235","CVE-2020-2236","CVE-2020-2237"],"exploited":false,"has_exploit":false,"published_at":"2020-08-12T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2020-08-12/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2020-08-12-87109"},{"num":220,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/report/diversity-and-inclusion-in-cyber-security-report","title":"Decrypting diversity: Diversity and inclusion in cyber security report 2020","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2020-07-28T12:00:00+00:00","link":"https://www.ncsc.gov.uk/report/diversity-and-inclusion-in-cyber-security-report","csirts_url":"https://www.csirts.com/advisory/decrypting-diversity-diversity-and-220"},{"num":221,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/report/the-cyber-threat-to-sports-organisations","title":"The cyber threat to sports organisations","severity":"high","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2020-07-23T12:00:00+00:00","link":"https://www.ncsc.gov.uk/report/the-cyber-threat-to-sports-organisations","csirts_url":"https://www.csirts.com/advisory/the-cyber-threat-to-sports-organisations-221"},{"num":87110,"source_id":"jenkins","external_id":"jenkins-advisory-2020-07-15","title":"Jenkins Security Advisory 2020-07-15","severity":"unknown","cvss":null,"cves":["CVE-2020-2220","CVE-2020-2221","CVE-2020-2222","CVE-2020-2223","CVE-2020-2224","CVE-2020-2225","CVE-2020-2226","CVE-2020-2227","CVE-2020-2228"],"exploited":false,"has_exploit":false,"published_at":"2020-07-15T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2020-07-15/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2020-07-15-87110"},{"num":222,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/report/summary-of-ncsc-analysis-of-us-may-2020-sanction","title":"Summary of the NCSC analysis of May 2020 US sanction","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2020-07-14T12:00:00+00:00","link":"https://www.ncsc.gov.uk/report/summary-of-ncsc-analysis-of-us-may-2020-sanction","csirts_url":"https://www.csirts.com/advisory/summary-of-the-ncsc-analysis-of-may-2020-222"},{"num":87111,"source_id":"jenkins","external_id":"jenkins-advisory-2020-07-02","title":"Jenkins Security Advisory 2020-07-02","severity":"unknown","cvss":null,"cves":["CVE-2020-2201","CVE-2020-2202","CVE-2020-2203","CVE-2020-2204","CVE-2020-2205","CVE-2020-2206","CVE-2020-2207","CVE-2020-2208","CVE-2020-2209","CVE-2020-2210","CVE-2020-2211","CVE-2020-2212","CVE-2020-2213","CVE-2020-2214","CVE-2020-2215","CVE-2020-2216","CVE-2020-2217","CVE-2020-2218","CVE-2020-2219"],"exploited":false,"has_exploit":false,"published_at":"2020-07-02T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2020-07-02/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2020-07-02-87111"},{"num":87112,"source_id":"jenkins","external_id":"jenkins-advisory-2020-06-03","title":"Jenkins Security Advisory 2020-06-03","severity":"unknown","cvss":null,"cves":["CVE-2020-2190","CVE-2020-2191","CVE-2020-2192","CVE-2020-2193","CVE-2020-2194","CVE-2020-2195","CVE-2020-2196","CVE-2020-2197","CVE-2020-2198","CVE-2020-2199","CVE-2020-2200"],"exploited":false,"has_exploit":false,"published_at":"2020-06-03T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2020-06-03/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2020-06-03-87112"},{"num":87113,"source_id":"jenkins","external_id":"jenkins-advisory-2020-05-06","title":"Jenkins Security Advisory 2020-05-06","severity":"unknown","cvss":null,"cves":["CVE-2020-2181","CVE-2020-2182","CVE-2020-2183","CVE-2020-2184","CVE-2020-2185","CVE-2020-2186","CVE-2020-2187","CVE-2020-2188","CVE-2020-2189"],"exploited":false,"has_exploit":false,"published_at":"2020-05-06T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2020-05-06/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2020-05-06-87113"},{"num":223,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/report/nhs-covid-19-app-privacy-security-report","title":"High level privacy and security design for NHS COVID-19 contact tracing app","severity":"high","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2020-05-04T12:00:00+00:00","link":"https://www.ncsc.gov.uk/report/nhs-covid-19-app-privacy-security-report","csirts_url":"https://www.csirts.com/advisory/high-level-privacy-and-security-design-223"},{"num":87114,"source_id":"jenkins","external_id":"jenkins-advisory-2020-04-16","title":"Jenkins Security Advisory 2020-04-16","severity":"unknown","cvss":null,"cves":["CVE-2020-2177","CVE-2020-2178","CVE-2020-2179","CVE-2020-2180"],"exploited":false,"has_exploit":false,"published_at":"2020-04-16T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2020-04-16/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2020-04-16-87114"},{"num":87115,"source_id":"jenkins","external_id":"jenkins-advisory-2020-04-07","title":"Jenkins Security Advisory 2020-04-07","severity":"unknown","cvss":null,"cves":["CVE-2020-2172","CVE-2020-2173","CVE-2020-2174","CVE-2020-2175","CVE-2020-2176"],"exploited":false,"has_exploit":false,"published_at":"2020-04-07T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2020-04-07/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2020-04-07-87115"},{"num":87116,"source_id":"jenkins","external_id":"jenkins-advisory-2020-03-25","title":"Jenkins Security Advisory 2020-03-25","severity":"unknown","cvss":null,"cves":["CVE-2020-2160","CVE-2020-2161","CVE-2020-2162","CVE-2020-2163","CVE-2020-2164","CVE-2020-2165","CVE-2020-2166","CVE-2020-2167","CVE-2020-2168","CVE-2020-2169","CVE-2020-2170","CVE-2020-2171"],"exploited":false,"has_exploit":false,"published_at":"2020-03-25T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2020-03-25/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2020-03-25-87116"},{"num":87117,"source_id":"jenkins","external_id":"jenkins-advisory-2020-03-09","title":"Jenkins Security Advisory 2020-03-09","severity":"unknown","cvss":null,"cves":["CVE-2020-2134","CVE-2020-2135","CVE-2020-2136","CVE-2020-2137","CVE-2020-2138","CVE-2020-2139","CVE-2020-2140","CVE-2020-2141","CVE-2020-2142","CVE-2020-2143","CVE-2020-2144","CVE-2020-2145","CVE-2020-2146","CVE-2020-2147","CVE-2020-2148","CVE-2020-2149","CVE-2020-2150","CVE-2020-2151","CVE-2020-2152","CVE-2020-2153","CVE-2020-2154","CVE-2020-2155","CVE-2020-2156","CVE-2020-2157","CVE-2020-2158","CVE-2020-2159"],"exploited":false,"has_exploit":false,"published_at":"2020-03-09T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2020-03-09/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2020-03-09-87117"},{"num":87118,"source_id":"jenkins","external_id":"jenkins-advisory-2020-02-12","title":"Jenkins Security Advisory 2020-02-12","severity":"unknown","cvss":null,"cves":["CVE-2020-2109","CVE-2020-2110","CVE-2020-2111","CVE-2020-2112","CVE-2020-2113","CVE-2020-2114","CVE-2020-2115","CVE-2020-2116","CVE-2020-2117","CVE-2020-2118","CVE-2020-2119","CVE-2020-2120","CVE-2020-2121","CVE-2020-2122","CVE-2020-2123","CVE-2020-2124","CVE-2020-2125","CVE-2020-2126","CVE-2020-2127","CVE-2020-2128","CVE-2020-2129","CVE-2020-2130","CVE-2020-2131","CVE-2020-2132","CVE-2020-2133"],"exploited":false,"has_exploit":false,"published_at":"2020-02-12T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2020-02-12/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2020-02-12-87118"},{"num":87119,"source_id":"jenkins","external_id":"jenkins-advisory-2020-01-29","title":"Jenkins Security Advisory 2020-01-29","severity":"unknown","cvss":null,"cves":["CVE-2020-2099","CVE-2020-2100","CVE-2020-2101","CVE-2020-2102","CVE-2020-2103","CVE-2020-2104","CVE-2020-2105","CVE-2020-2106","CVE-2020-2107","CVE-2020-2108"],"exploited":false,"has_exploit":false,"published_at":"2020-01-29T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2020-01-29/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2020-01-29-87119"},{"num":224,"source_id":"ncsc-uk","external_id":"https://www.ncsc.gov.uk/report/summary-of-ncsc-security-analysis-for-the-uk-telecoms-sector","title":"Summary of NCSC’s security analysis for the UK telecoms sector","severity":"unknown","cvss":null,"cves":[],"exploited":false,"has_exploit":false,"published_at":"2020-01-28T12:00:00+00:00","link":"https://www.ncsc.gov.uk/report/summary-of-ncsc-security-analysis-for-the-uk-telecoms-sector","csirts_url":"https://www.csirts.com/advisory/summary-of-ncsc-s-security-analysis-for-224"},{"num":87120,"source_id":"jenkins","external_id":"jenkins-advisory-2020-01-15","title":"Jenkins Security Advisory 2020-01-15","severity":"unknown","cvss":null,"cves":["CVE-2020-2090","CVE-2020-2091","CVE-2020-2092","CVE-2020-2093","CVE-2020-2094","CVE-2020-2095","CVE-2020-2096","CVE-2020-2097","CVE-2020-2098"],"exploited":false,"has_exploit":false,"published_at":"2020-01-15T12:00:00+00:00","link":"https://www.jenkins.io/security/advisory/2020-01-15/","csirts_url":"https://www.csirts.com/advisory/jenkins-security-advisory-2020-01-15-87120"}]}