{"source":"CISA Known Exploited Vulnerabilities catalog","scope":"privacy / comms / network circumvention stack","filtered_total":865,"known_ransomware_total":169,"returned":50,"generated_at":"2026-07-14T01:22:52.041Z","disclaimer":"Re-surfaced from CISA. Voidly adds the circumvention-relevance filter; it makes no independent vulnerability claim. Always verify against the linked NVD/CISA record. CVSS is enriched from NVD and may be absent (null) for recently-added CVEs.","threats":[{"cve_id":"CVE-2008-4128","vendor":"Cisco","product":"IOS","name":"Cisco IOS Cross-Site Request Forgery Vulnerability","date_added":"2026-07-13","description":"Cisco IOS 12.4 contains multiple cross-site forgery vulnerabilities that allows remote attackers to execute arbitrary commands via (1) a certain \"show privilege\" command to the /level/15/exec/- URI, and (2) a certain \"alias exec\" command to the /level/15/exec/-/configure/http URI.","required_action":"Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.","remediation_due":"2026-07-16","known_ransomware":false,"cvss_score":null,"cvss_severity":null,"nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-4128","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-45659","vendor":"Microsoft","product":"SharePoint Server","name":"Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability","date_added":"2026-07-01","description":"Microsoft SharePoint Server contains a deserialization of untrusted data vulnerability which allows an authorized attacker to execute code over a network.","required_action":"Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.","remediation_due":"2026-07-04","known_ransomware":false,"cvss_score":null,"cvss_severity":null,"nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-45659","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-20230","vendor":"Cisco","product":"Unified Communications Manager","name":"Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability","date_added":"2026-06-25","description":"Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) contain a server-side request forgery (SSRF) Vulnerability that could allow an unauthenticated, remote attacker to write files to the underlying operating system that could be used later to elevate to root.","required_action":"Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.","remediation_due":"2026-06-28","known_ransomware":false,"cvss_score":null,"cvss_severity":null,"nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-20230","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-20262","vendor":"Cisco","product":"Catalyst SD-WAN Manager","name":"Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability","date_added":"2026-06-15","description":"Cisco Catalyst SD-WAN Manager contains a directory or path traversal vulnerability that could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system.","required_action":"Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.","remediation_due":"2026-06-29","known_ransomware":false,"cvss_score":null,"cvss_severity":null,"nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-20262","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-10520","vendor":"Ivanti","product":"Sentry","name":"Ivanti Sentry OS Command Injection Vulnerability","date_added":"2026-06-11","description":"Ivanti Sentry (formerly known as MobileIron Sentry) contains an OS command injection vulnerability which could allow a remote unauthenticated user to achieve root-level remote code execution. This vulnerability can be successfully exploited in cases where the Sentry appliance is in an unmanaged state with its endpoints externally reachable. The use of mTLS with EPMM or restricted HTTPS access through Neurons for MDM makes interfaces inaccessible to external actors.","required_action":"Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.","remediation_due":"2026-06-14","known_ransomware":false,"cvss_score":null,"cvss_severity":null,"nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-10520","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-20245","vendor":"Cisco","product":"Catalyst SD-WAN Manager","name":"Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability","date_added":"2026-06-09","description":"Cisco Catalyst SD-WAN Manager formerly SD-WAN vManage contains an improper encoding or escaping of output vulnerability. This vulnerability could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-06-23","known_ransomware":false,"cvss_score":null,"cvss_severity":null,"nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-20245","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-11645","vendor":"Google","product":"Chromium V8","name":"Google Chromium V8 Out-of-Bounds Read and Write Vulnerability","date_added":"2026-06-09","description":"Google Chromium V8 out-of-bounds read and write vulnerability that could allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-06-23","known_ransomware":false,"cvss_score":null,"cvss_severity":null,"nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-11645","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-50751","vendor":"Check Point","product":"Security Gateway","name":"Check Point Security Gateway Improper Authentication Vulnerability","date_added":"2026-06-08","description":"Check Point Security Gateway contains an improper authentication vulnerability in IKEv1 key exchange that could allow an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-06-11","known_ransomware":false,"cvss_score":null,"cvss_severity":null,"nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-50751","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-0257","vendor":"Palo Alto Networks","product":"PAN-OS","name":"Palo Alto Networks PAN-OS Authentication Bypass Vulnerability","date_added":"2026-05-29","description":"Palo Alto Networks PAN-OS contains an authentication bypass vulnerability that allows attackers to bypass security restrictions and establish an unauthorized VPN connection.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-06-01","known_ransomware":false,"cvss_score":null,"cvss_severity":null,"nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-0257","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-45498","vendor":"Microsoft","product":"Defender","name":"Microsoft Defender Denial of Service Vulnerability","date_added":"2026-05-20","description":"Microsoft Defender contains an unspecified vulnerability that allows for denial of service.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-06-03","known_ransomware":false,"cvss_score":null,"cvss_severity":null,"nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-45498","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-41091","vendor":"Microsoft","product":"Defender","name":"Microsoft Defender Link Following Vulnerability","date_added":"2026-05-20","description":"Microsoft Defender contains a link following vulnerability that allows an authorized attacker to elevate privileges locally.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-06-03","known_ransomware":false,"cvss_score":null,"cvss_severity":null,"nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41091","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2010-0806","vendor":"Microsoft","product":"Internet Explorer","name":"Microsoft Internet Explorer Use-After-Free Vulnerability","date_added":"2026-05-20","description":"Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-06-03","known_ransomware":false,"cvss_score":null,"cvss_severity":null,"nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-0806","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2010-0249","vendor":"Microsoft","product":"Internet Explorer","name":"Microsoft Internet Explorer Use-After-Free Vulnerability","date_added":"2026-05-20","description":"Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbitrary code by accessing a pointer associated with a deleted object. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-06-03","known_ransomware":false,"cvss_score":null,"cvss_severity":null,"nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-0249","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2009-1537","vendor":"Microsoft","product":"DirectX","name":"Microsoft DirectX NULL Byte Overwrite Vulnerability","date_added":"2026-05-20","description":"Microsoft DirectX contains a NULL byte overwrite vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow which could allow remote attackers to execute arbitrary code via a crafted QuickTime media file.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-06-03","known_ransomware":false,"cvss_score":null,"cvss_severity":null,"nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-1537","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2008-4250","vendor":"Microsoft","product":"Windows","name":"Microsoft Windows Buffer Overflow Vulnerability","date_added":"2026-05-20","description":"Microsoft Windows contains a buffer overflow vulnerability in the Windows Server Service that allows remote attackers to execute arbitrary code via a crafted RPC request that triggers an overflow during path canonicalization.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-06-03","known_ransomware":false,"cvss_score":null,"cvss_severity":null,"nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-4250","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-42897","vendor":"Microsoft","product":"Microsoft","name":"Microsoft Exchange Server Cross-Site Scripting Vulnerability","date_added":"2026-05-15","description":"Microsoft Exchange Server contains a cross-site scripting vulnerability during web page generation in Outlook Web Access and when certain interaction conditions are met, arbitrary JavaScript can be executed in the browser context.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-05-29","known_ransomware":false,"cvss_score":8.1,"cvss_severity":"HIGH","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42897","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-20182","vendor":"Cisco","product":"Catalyst SD-WAN","name":"Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability","date_added":"2026-05-14","description":"Cisco Catalyst SD-WAN Controller & Manager contain an authentication bypass vulnerability that allows an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system.","required_action":"Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlined in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.","remediation_due":"2026-05-17","known_ransomware":false,"cvss_score":10,"cvss_severity":"CRITICAL","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-20182","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-6973","vendor":"Ivanti","product":"Endpoint Manager Mobile (EPMM)","name":"Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability","date_added":"2026-05-07","description":"Ivanti Endpoint Manager Mobile (EPMM) contains an improper input validation vulnerability that allows a remotely authenticated user with administrative access to achieve remote code execution.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-05-10","known_ransomware":false,"cvss_score":7.2,"cvss_severity":"HIGH","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-6973","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-0300","vendor":"Palo Alto Networks","product":"PAN-OS","name":"Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability","date_added":"2026-05-06","description":"Palo Alto Networks PAN-OS contains an out-of-bounds write vulnerability in the User-ID Authentication Portal (aka Captive Portal) service that can allow an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Until the vendor releases an official fix, the following workaround should be implemented:  - Restrict User-ID Authentication Portal access to only trusted zones.  - Disable User-ID Authentication Portal if not required. 5/13/2026: Palo Alto has released a variety of patches. If these are relevant to your environment, please apply the designated patch.","remediation_due":"2026-05-09","known_ransomware":false,"cvss_score":9.8,"cvss_severity":"CRITICAL","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-0300","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-32202","vendor":"Microsoft","product":"Windows","name":"Microsoft Windows Protection Mechanism Failure Vulnerability","date_added":"2026-04-28","description":"Microsoft Windows Shell contains a protection mechanism failure vulnerability that allows an unauthorized attacker to perform spoofing over a network.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-05-12","known_ransomware":false,"cvss_score":4.3,"cvss_severity":"MEDIUM","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32202","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2025-29635","vendor":"D-Link","product":"DIR-823X","name":"D-Link DIR-823X Command Injection Vulnerability","date_added":"2026-04-24","description":"D-Link DIR-823X contains a command injection vulnerability that allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/set_prohibiting via the corresponding function. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-05-08","known_ransomware":false,"cvss_score":7.2,"cvss_severity":"HIGH","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-29635","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-33825","vendor":"Microsoft","product":"Defender","name":"Microsoft Defender Insufficient Granularity of Access Control Vulnerability","date_added":"2026-04-22","description":"Microsoft Defender contains an insufficient granularity of access control vulnerability that could allow an authorized attacker to escalate privileges locally.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-05-06","known_ransomware":false,"cvss_score":7.8,"cvss_severity":"HIGH","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33825","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-20133","vendor":"Cisco","product":"Catalyst SD-WAN Manager","name":"Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability","date_added":"2026-04-20","description":"Cisco Catalyst SD-WAN Manager contains an exposure of sensitive information to an unauthorized actor vulnerability that could allow remote attackers to view sensitive information on affected systems.","required_action":"Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.","remediation_due":"2026-04-23","known_ransomware":false,"cvss_score":null,"cvss_severity":null,"nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-20133","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-20128","vendor":"Cisco","product":"Catalyst SD-WAN Manager","name":"Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability","date_added":"2026-04-20","description":"Cisco Catalyst SD-WAN Manager contains a storing passwords in a recoverable format vulnerability that allows an authenticated, local attacker to gain DCA user privileges by accessing a credential file for the DCA user on the filesystem as a low-privileged user.","required_action":"Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.","remediation_due":"2026-04-23","known_ransomware":false,"cvss_score":null,"cvss_severity":null,"nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-20128","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-20122","vendor":"Cisco","product":"Catalyst SD-WAN Manger","name":"Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability","date_added":"2026-04-20","description":"Cisco Catalyst SD-WAN Manager contains an incorrect use of privileged APIs vulnerability due to improper file handling on the API interface of an affected system. An attacker could exploit this vulnerability by uploading a malicious file on the local file system. A successful exploit could allow the attacker to overwrite arbitrary files on the affected system and gain vmanage user privileges.","required_action":"Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.","remediation_due":"2026-04-23","known_ransomware":false,"cvss_score":null,"cvss_severity":null,"nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-20122","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-32201","vendor":"Microsoft","product":"SharePoint Server","name":"Microsoft SharePoint Server Improper Input Validation Vulnerability","date_added":"2026-04-14","description":"Microsoft SharePoint Server contains an improper input validation vulnerability that allows an unauthorized attacker to perform spoofing over a network.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-04-28","known_ransomware":false,"cvss_score":6.5,"cvss_severity":"MEDIUM","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32201","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2009-0238","vendor":"Microsoft","product":"Office","name":"Microsoft Office Remote Code Execution","date_added":"2026-04-14","description":"Microsoft Office Excel contains a remote code execution vulnerability that could allow an attacker to take complete control of an affected system if a user opens a specially crafted Excel file that includes a malformed object.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-04-28","known_ransomware":false,"cvss_score":null,"cvss_severity":null,"nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-0238","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-21643","vendor":"Fortinet","product":"FortiClient EMS","name":"Fortinet FortiClient EMS SQL Injection Vulnerability","date_added":"2026-04-13","description":"Fortinet FortiClient EMS contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-04-16","known_ransomware":false,"cvss_score":9.8,"cvss_severity":"CRITICAL","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-21643","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2025-60710","vendor":"Microsoft","product":"Windows","name":"Microsoft Windows Link Following Vulnerability","date_added":"2026-04-13","description":"Microsoft Windows contains a link following vulnerability that allows for privilege escalation","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-04-27","known_ransomware":false,"cvss_score":7.8,"cvss_severity":"HIGH","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-60710","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2023-36424","vendor":"Microsoft","product":"Windows","name":"Microsoft Windows Out-of-Bounds Read Vulnerability","date_added":"2026-04-13","description":"Microsoft Windows Common Log File System Driver contains an out-of-bounds read vulnerability that could allow a threat actor for privileges escalation","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-04-27","known_ransomware":false,"cvss_score":null,"cvss_severity":null,"nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-36424","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2023-21529","vendor":"Microsoft","product":"Exchange Server","name":"Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability","date_added":"2026-04-13","description":"Microsoft Exchange Server contains a deserialization of untrusted data that allows an authenticated attacker to achieve remote code execution.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-04-27","known_ransomware":true,"cvss_score":null,"cvss_severity":null,"nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-21529","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2012-1854","vendor":"Microsoft","product":"Visual Basic for Applications (VBA)","name":"Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability","date_added":"2026-04-13","description":"Microsoft Visual Basic for Applications (VBA) contains an insecure library loading vulnerability that could allow for remote code execution.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-04-27","known_ransomware":false,"cvss_score":null,"cvss_severity":null,"nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-1854","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-1340","vendor":"Ivanti","product":"Endpoint Manager Mobile (EPMM)","name":"Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability","date_added":"2026-04-08","description":"Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code execution.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-04-11","known_ransomware":false,"cvss_score":9.8,"cvss_severity":"CRITICAL","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-1340","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-35616","vendor":"Fortinet","product":"FortiClient EMS","name":"Fortinet FortiClient EMS Improper Access Control Vulnerability","date_added":"2026-04-06","description":"Fortinet FortiClient EMS contains an improper access control vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-04-09","known_ransomware":false,"cvss_score":9.8,"cvss_severity":"CRITICAL","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-35616","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-5281","vendor":"Google","product":"Dawn","name":"Google Dawn Use-After-Free Vulnerability","date_added":"2026-04-01","description":"Google Dawn contains an use-after-free vulnerability that could allow a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. This vulnerability could affect multiple Chromium-based products including, but not limited to, Google Chrome, Microsoft Edge, and Opera.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-04-15","known_ransomware":false,"cvss_score":8.8,"cvss_severity":"HIGH","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-5281","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-3055","vendor":"Citrix","product":"NetScaler","name":"Citrix NetScaler Out-of-Bounds Read Vulnerability","date_added":"2026-03-30","description":"Citrix NetScaler ADC (formerly Citrix ADC), NetScaler Gateway (formerly Citrix Gateway) and NetScaler ADC FIPS and NDcPP contain an out-of-bounds reads vulnerability when configured as a SAML IDP leading to memory overread.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-04-02","known_ransomware":false,"cvss_score":9.8,"cvss_severity":"CRITICAL","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-3055","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2025-53521","vendor":"F5","product":"BIG-IP","name":"F5 BIG-IP Stack-Based Buffer Overflow Vulnerability","date_added":"2026-03-27","description":"F5 BIG-IP APM contains a stack-based buffer overflow vulnerability that could allow a threat actor to achieve remote code execution.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-03-30","known_ransomware":false,"cvss_score":9.8,"cvss_severity":"CRITICAL","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-53521","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2025-43520","vendor":"Apple","product":"Multiple Products","name":"Apple Multiple Products Classic Buffer Overflow Vulnerability","date_added":"2026-03-20","description":"Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain a classic buffer overflow vulnerability which could allow a malicious application to cause unexpected system termination or write kernel memory.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-04-03","known_ransomware":false,"cvss_score":5.5,"cvss_severity":"MEDIUM","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-43520","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2025-43510","vendor":"Apple","product":"Multiple Products","name":"Apple Multiple Products Improper Locking Vulnerability","date_added":"2026-03-20","description":"Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain an improper locking vulnerability that could allow a malicious application to cause unexpected changes in memory shared between processes.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-04-03","known_ransomware":false,"cvss_score":7.8,"cvss_severity":"HIGH","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-43510","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2025-31277","vendor":"Apple","product":"Multiple Products","name":"Apple Multiple Products Buffer Overflow Vulnerability","date_added":"2026-03-20","description":"Apple Safari, iOS, watchOS, visionOS, iPadOS, macOS, and tvOS contain a buffer overflow vulnerability that could allow the processing of maliciously crafted web content which may lead to memory corruption.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-04-03","known_ransomware":false,"cvss_score":8.8,"cvss_severity":"HIGH","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-31277","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-20131","vendor":"Cisco","product":"Secure Firewall Management Center (FMC)","name":"Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability","date_added":"2026-03-19","description":"Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management contain a deserialization of untrusted data vulnerability in the web-based management interface that could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-03-22","known_ransomware":true,"cvss_score":10,"cvss_severity":"CRITICAL","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-20131","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-20963","vendor":"Microsoft","product":"SharePoint","name":"Microsoft SharePoint Deserialization of Untrusted Data Vulnerability","date_added":"2026-03-18","description":"Microsoft SharePoint contains a deserialization of untrusted data vulnerability that allows an unauthorized attacker to execute code over a network.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-03-21","known_ransomware":false,"cvss_score":9.8,"cvss_severity":"CRITICAL","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-20963","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-3910","vendor":"Google","product":"Chromium V8","name":"Google Chromium V8 Improper Restriction of Operations Within the Bounds of a Memory Buffer Vulnerability","date_added":"2026-03-13","description":"Google Chromium V8 contains an improper restriction of operations within the bounds of a memory buffer vulnerability that could allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-03-27","known_ransomware":false,"cvss_score":8.8,"cvss_severity":"HIGH","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-3910","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-3909","vendor":"Google","product":"Skia","name":"Google Skia Out-of-Bounds Write Vulnerability","date_added":"2026-03-13","description":"Google Skia contains an out-of-bounds write vulnerability that could allow a remote attacker to perform out of bounds memory access via a crafted HTML page. This vulnerability affects Google Chrome and ChromeOS, Android, Flutter, and possibly other products.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-03-27","known_ransomware":false,"cvss_score":8.8,"cvss_severity":"HIGH","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-3909","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-1603","vendor":"Ivanti","product":" Endpoint Manager (EPM)","name":"Ivanti Endpoint Manager (EPM) Authentication Bypass Vulnerability","date_added":"2026-03-09","description":"Ivanti Endpoint Manager (EPM) contains an authentication bypass using an alternate path or channel vulnerability that could allow a remote unauthenticated attacker to leak specific stored credential data.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-03-23","known_ransomware":false,"cvss_score":8.6,"cvss_severity":"HIGH","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-1603","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2023-43000","vendor":"Apple","product":"Multiple Products","name":"Apple Multiple products Use-After-Free Vulnerability","date_added":"2026-03-05","description":"Apple macOS, iOS, iPadOS, and Safari 16.6 contain a use-after-free vulnerability due to the processing of maliciously crafted web content that may lead to memory corruption.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-03-26","known_ransomware":false,"cvss_score":8.8,"cvss_severity":"HIGH","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-43000","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2023-41974","vendor":"Apple","product":"iOS and iPadOS","name":"Apple iOS and iPadOS Use-After-Free Vulnerability","date_added":"2026-03-05","description":"Apple iOS and iPadOS contain a use-after-free vulnerability. An app may be able to execute arbitrary code with kernel privileges.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-03-26","known_ransomware":false,"cvss_score":null,"cvss_severity":null,"nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-41974","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2021-30952","vendor":"Apple","product":"Multiple Products","name":"Apple Multiple Products Integer Overflow or Wraparound Vulnerability","date_added":"2026-03-05","description":"Apple tvOS, macOS, Safari, iPadOS and watchOS contain an integer overflow or wraparound vulnerability due to the processing of maliciously crafted web content that may lead to arbitrary code execution.","required_action":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","remediation_due":"2026-03-26","known_ransomware":false,"cvss_score":null,"cvss_severity":null,"nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-30952","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2026-20127","vendor":"Cisco","product":"Catalyst SD-WAN Controller and Manager","name":"Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Vulnerability","date_added":"2026-02-25","description":"Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, contain an authentication bypass vulnerability could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric.","required_action":"Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.","remediation_due":"2026-02-27","known_ransomware":false,"cvss_score":null,"cvss_severity":null,"nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-20127","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"},{"cve_id":"CVE-2022-20775","vendor":"Cisco","product":"SD-WAN","name":"Cisco SD-WAN Path Traversal Vulnerability","date_added":"2026-02-25","description":"Cisco SD-WAN CLI contains a path traversal vulnerability that could allow an authenticated local attacker to gain elevated privileges via improper access controls on commands within the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user.","required_action":"Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.","remediation_due":"2026-02-27","known_ransomware":false,"cvss_score":null,"cvss_severity":null,"nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-20775","cisa_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog"}],"_voidly_pay":{"claim_did":"https://voidly.ai/pay/claim","for_builders":"https://voidly.ai/pay/for-builders","marketplace":"https://api.voidly.ai/v1/pay/marketplace","live_demo":"https://huggingface.co/spaces/emperor-mew/voidly-pay","universal_proxy":{"url":"https://api.voidly.ai/v1/pay/proxy","example":"https://api.voidly.ai/v1/pay/proxy?u=<https-url>&to=did:voidly:<your-did>&price=0.01","page":"https://voidly.ai/pay/proxy","note":"Paywall any public HTTPS URL with one query param. No SDK install required."},"install":{"typescript":"npm install @voidly/pay","python":"pip install voidly-pay","langchain":"pip install voidly-pay-langchain","vercel_ai":"npm install @voidly/pay-vercel-ai","mcp":"npx @voidly/pay-mcp","cli":"npm install -g @voidly/pay-cli"},"note":"Voidly Pay is the open agent-to-agent payment rail. Claim a DID + 10 starter credits in 60s, or paywall any URL via the universal proxy with one query param."}}