| 2026-07-01 |
cisco |
Cisco Catalyst Center Arbitrary File Read Vulnerability |
7.5 |
|
| 2026-07-01 |
cisco |
ClamAV Vulnerabilities Affecting Cisco Products: July 2026 |
7.5 |
|
| 2026-06-24 |
cisco |
Cisco Advance Notification for Publication of July 1, 2026, Security Advisories |
Not yet scored |
|
| 2026-06-17 |
cisco |
Cisco Webex App Open Redirect Vulnerability |
4.3 |
|
| 2026-06-17 |
cisco |
Cisco Crosswork Network Controller Server-Side Template Injection Vulnerability |
6.3 |
|
| 2026-06-17 |
cisco |
Cisco Umbrella Virtual Appliance Privilege Escalation Vulnerability |
6.0 |
|
| 2026-06-17 |
cisco |
Cisco Identity Services Engine Remote Code Execution and Information Disclosure Vulnerabilities |
9.1 |
|
| 2026-06-15 |
cisco |
Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerability |
6.5 |
Exploited (KEV) |
| 2026-06-09 |
fortinet |
Second-Order OS Command Injection via JSON Input on start vnc feature |
9.1 |
|
| 2026-06-09 |
fortinet |
Restricted CLI escape using Lua |
6.0 |
|
| 2026-06-09 |
fortinet |
Improper access control in API endpoints |
6.2 |
|
| 2026-06-09 |
microsoft |
June 2026 Security Updates |
10.0 |
Exploited (KEV) |
| 2026-06-04 |
cisco |
Cisco Catalyst SD-WAN Controller, Catalyst SD-WAN Manager, and Catalyst SD-WAN Validator Authenticated Privilege Escalation Vulnerability |
7.8 |
Exploited (KEV) |
| 2026-06-03 |
fortinet |
Linux Kernel vulnerability Dirty Frag |
7.9 |
|
| 2026-06-03 |
cisco |
Cisco Webex Meetings Cross-Site Scripting Vulnerability |
6.1 |
|
| 2026-06-03 |
cisco |
Cisco Finesse Remote File Inclusion Vulnerability |
6.1 |
|
| 2026-06-03 |
cisco |
Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability |
8.6 |
Exploited (KEV) |
| 2026-05-20 |
cisco |
Cisco Secure Workload Unauthorized API Access Vulnerability |
10.0 |
|
| 2026-05-20 |
cisco |
Cisco ThousandEyes Virtual Appliance Authenticated Remote Code Execution Vulnerability |
4.7 |
|
| 2026-05-20 |
cisco |
Cisco ThousandEyes Enterprise Agent BrowserBot Command Injection Vulnerability |
6.3 |
|
| 2026-05-20 |
cisco |
Cisco Nexus 3000 and 9000 Series Switches Border Gateway Protocol Denial of Service Vulnerability |
6.8 |
|
| 2026-05-14 |
cisco |
Cisco Catalyst SD-WAN Manager Vulnerabilities |
8.6 |
|
| 2026-05-14 |
cisco |
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability |
10.0 |
Exploited (KEV) |
| 2026-05-13 |
fortinet |
Linux Kernel Vulnerability copy.fail - CVE-2026-31431 |
7.8 |
Exploited (KEV) |
| 2026-05-12 |
fortinet |
User controlled SQL commands |
5.1 |
|
| 2026-05-12 |
fortinet |
SQL command injection in administrative portal |
6.3 |
|
| 2026-05-12 |
fortinet |
Out-of-bounds access in CAPWAP daemon |
8.3 |
|
| 2026-05-12 |
fortinet |
OTP Disclosure via Exported TokenContentProvider |
5.0 |
|
| 2026-05-12 |
fortinet |
OS command injection in CLI |
6.5 |
|
| 2026-05-12 |
fortinet |
Incorrect global authorization |
9.1 |
|
| 2026-05-12 |
fortinet |
Improper access control on API endpoints |
9.1 |
|
| 2026-05-12 |
fortinet |
Hardcoded Encryption Key Used for VPN Saved Passwords |
2.1 |
|
| 2026-05-12 |
fortinet |
DoS due to unsafe function in signal handler |
5.2 |
|
| 2026-05-12 |
fortinet |
Command injection in CLI |
6.1 |
|
| 2026-05-12 |
fortinet |
Arbitrary log file read in administrative interface |
4.0 |
|
| 2026-05-12 |
microsoft |
May 2026 Security Updates |
10.0 |
Exploited (KEV) |
| 2026-05-06 |
cisco |
Cisco Identity Services Engine Authentication Bypass Vulnerabilities |
5.3 |
|
| 2026-05-06 |
cisco |
Cisco Enterprise Chat and Email Lite Agent File Upload Vulnerability |
4.3 |
|
| 2026-05-06 |
cisco |
Cisco Unity Connection Remote Code Execution and Server-Side Request Forgery Vulnerabilities |
8.8 |
|
| 2026-05-06 |
cisco |
Cisco SG350 and SG350X Series Managed Switches SNMP Denial of Service Vulnerability |
7.7 |
|
| 2026-05-06 |
cisco |
Cisco IoT Field Network Director Vulnerabilities |
7.7 |
|
| 2026-05-06 |
cisco |
Cisco Slido Insecure Direct Object Reference Vulnerability |
5.4 |
|
| 2026-05-06 |
cisco |
Cisco Prime Infrastructure Information Disclosure Vulnerability |
4.3 |
|
| 2026-05-06 |
cisco |
Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Advisory |
0.0 |
|
| 2026-04-23 |
cisco |
Continued Evolution of Persistence Mechanism Against Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense |
Not yet scored |
|
| 2026-04-15 |
fortinet |
Out-Of-Bounds Write in administrative interface |
6.7 |
|
| 2026-04-15 |
cisco |
Cisco Identity Services Engine Authenticated Privilege Escalation Vulnerability |
6.0 |
|
| 2026-04-15 |
cisco |
Cisco Identity Services Engine Multiple Cross-Site Scripting Vulnerabilities |
4.8 |
|
| 2026-04-15 |
cisco |
Cisco ThousandEyes Enterprise Agent Arbitrary File Overwrite Vulnerability |
5.5 |
|
| 2026-04-15 |
cisco |
Cisco Unity Connection Arbitrary File Download Vulnerabilities |
6.5 |
|
| 2026-04-15 |
cisco |
Cisco Webex Contact Center Cross-Site Scripting Vulnerability |
6.1 |
|
| 2026-04-15 |
cisco |
Cisco Identity Services Engine Remote Code Execution Vulnerabilities |
9.9 |
|
| 2026-04-15 |
cisco |
Cisco Unity Connection Cross-Site Scripting, Open Redirect, and SQL Injection Vulnerabilities |
6.1 |
|
| 2026-04-15 |
cisco |
Cisco Secure Web Appliance Authentication Bypass Vulnerability |
5.3 |
|
| 2026-04-15 |
cisco |
Cisco Webex Services Certificate Validation Vulnerability |
9.8 |
|
| 2026-04-15 |
cisco |
Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities |
9.9 |
|
| 2026-04-14 |
fortinet |
unauthorized backup file access |
5.4 |
|
| 2026-04-14 |
fortinet |
Unauthenticated Authentication bypass and Privilege escalation in FortiSandbox |
9.1 |
|
| 2026-04-14 |
fortinet |
Stored Cross Site Scripting (XSS) in Reports View page |
4.4 |
|
| 2026-04-14 |
fortinet |
SSRF via Report template and scheduling |
4.1 |
|
| 2026-04-14 |
fortinet |
SQL Injection via JSON RPC API |
6.8 |
|
| 2026-04-14 |
fortinet |
SQL Injection via API |
7.9 |
|
| 2026-04-14 |
fortinet |
Reflected XSS in Operation Center |
4.9 |
|
| 2026-04-14 |
fortinet |
Path Traversal on File Content Extraction connector |
6.2 |
|
| 2026-04-14 |
fortinet |
Path Traversal in CLI |
5.4 |
|
| 2026-04-14 |
fortinet |
Path Traversal in CLI |
5.4 |
|
| 2026-04-14 |
fortinet |
Open Redirection via Import CSV option |
2.2 |
|
| 2026-04-14 |
fortinet |
OS Command Injection through API endpoint |
9.1 |
|
| 2026-04-14 |
fortinet |
Multiple Stored XSS |
4.3 |
|
| 2026-04-14 |
fortinet |
Multiple SQL Injections |
7.1 |
|
| 2026-04-14 |
fortinet |
Multiple Path traversals in CLI |
6.2 |
|
| 2026-04-14 |
fortinet |
Missing Authentication for critical function in CAPWAP daemon |
6.2 |
|
| 2026-04-14 |
fortinet |
Integer Overflow Denial of Service in administrative interface |
4.4 |
|
| 2026-04-14 |
fortinet |
Heap-based buffer overflow in oftpd daemon |
7.3 |
|
| 2026-04-14 |
fortinet |
Hardcoded symmetric encryption key for Postgresql |
5.2 |
|
| 2026-04-14 |
fortinet |
Credential disclosure in LDAP configuration web page. |
2.5 |
|
| 2026-04-14 |
fortinet |
Cleartext Credentials in response for API endpoints |
6.2 |
|
| 2026-04-14 |
fortinet |
Clear-text credentials retrievable with IP modification for connectors |
4.1 |
|
| 2026-04-14 |
fortinet |
Clear-text credentials retrievable with IP modification for LDAP |
4.1 |
|
| 2026-04-14 |
fortinet |
Axios npm Package Compromised |
Not yet scored |
|
| 2026-04-14 |
fortinet |
Arbitrary directory delete on vmimages delete feature |
6.2 |
|
| 2026-04-14 |
fortinet |
2FA request can be replayed without a valid token after one successful request |
6.7 |
|
| 2026-04-14 |
microsoft |
April 2026 Security Updates |
10.0 |
Exploited (KEV) |
| 2026-04-04 |
fortinet |
API authentication and authorization bypass |
9.1 |
Exploited (KEV) |