| | CVE-2024-42455 |  Veeam | high | 8.1 | — | | A vulnerability in Veeam Backup & Replication allows a low-privileged user to connect to remoting se… | Dec 4, 2024 | Apr 24, 2025 |
| | CVE-2024-42456 | Veeam | high | 8.8 | — | | A vulnerability in Veeam Backup & Replication platform allows a low-privileged user with a specific … | Dec 4, 2024 | Apr 24, 2025 |
| | CVE-2024-42457 | Veeam | medium | 6.5 | — | | A vulnerability in Veeam Backup & Replication allows users with certain operator roles to expose sav… | Dec 4, 2024 | Apr 24, 2025 |
| | CVE-2024-45204 | Veeam | medium | 4.3 | — | | A vulnerability exists where a low-privileged user can exploit insufficient permissions in credentia… | Dec 4, 2024 | Apr 24, 2025 |
| | CVE-2024-45206 | Veeam | medium | 6.5 | — | | A vulnerability in Veeam Service Provider Console has been identified, which allows to perform arbit… | Dec 4, 2024 | Jul 2, 2025 |
| | CVE-2024-45207 | Veeam | high | 7.0 | — | | DLL injection in Veeam Agent for Windows can occur if the system's PATH variable includes insecure l… | Dec 4, 2024 | Jul 2, 2025 |
| | CVE-2025-23082 | Veeam | high | 7.2 | — | | Veeam Backup for Microsoft Azure is vulnerable to Server-Side Request Forgery (SSRF). This may allow… | Jan 14, 2025 | Nov 18, 2025 |
| | CVE-2024-27778 |  Fortinet | high | 8.8 | 0.5%
| | An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] vulnerab… | Jan 14, 2025 | Jan 14, 2026 |
| | CVE-2024-45326 | Fortinet | medium | 4.3 | 0.3%
| | An Improper Access Control vulnerability [CWE-284] vulnerability in Fortinet FortiDeceptor 6.0.0, Fo… | Jan 14, 2025 | Feb 4, 2026 |
| | CVE-2024-48884 | Fortinet | high | 7.5 | 39.3%
| | A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fo… | Jan 14, 2025 | Jan 14, 2026 |
| | CVE-2024-50566 | Fortinet | high | 7.2 | 0.3%
| | A improper neutralization of special elements used in an os command ('os command injection') vulnera… | Jan 14, 2025 | Jan 14, 2026 |
| | CVE-2024-35280 | Fortinet | medium | 5.4 | 0.6%
| | A improper neutralization of input during web page generation ('cross-site scripting') vulnerability… | Jan 15, 2025 | Feb 4, 2026 |
| | CVE-2024-48885 | Fortinet | medium | 5.3 | 0.3%
| | A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fo… | Jan 16, 2025 | Jan 14, 2026 |
| | CVE-2022-23439 | Fortinet | medium | 4.7 | 0.2%
| | A externally controlled reference to a resource in another sphere vulnerability in Fortinet allows … | Jan 22, 2025 | Jan 14, 2026 |
| | CVE-2025-20204 |  Cisco | medium | 4.8 | 0.0%
| | Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (IS… | Feb 5, 2025 | May 6, 2026 |
| | CVE-2025-20205 | Cisco | medium | 4.8 | 0.0%
| | Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (IS… | Feb 5, 2025 | May 6, 2026 |
| | CVE-2025-23239 |  F5 | high | 8.7 | 0.4%
| | When running in Appliance mode, and logged into a highly-privileged role, an authenticated remote co… | Feb 5, 2025 | Feb 4, 2026 |
| | CVE-2025-23419 | F5 | medium | 4.3 | 0.6%
| | When multiple server blocks are configured to share the same IP address and port, an attacker can us… | Feb 5, 2025 | Jan 27, 2026 |
| | CVE-2025-24319 | F5 | medium | 6.5 | 0.3%
| | When BIG-IP Next Central Manager is running, undisclosed requests to the BIG-IP Next Central Manager… | Feb 5, 2025 | Feb 4, 2026 |
| | CVE-2024-11831 |  Apache | medium | 5.4 | 1.7%
| | A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascr… | Feb 10, 2025 | Mar 18, 2026 |
| | CVE-2023-40721 | Fortinet | medium | 6.7 | 0.0%
| | A use of externally-controlled format string vulnerability [CWE-134] vulnerability in Fortinet allo… | Feb 11, 2025 | Jan 14, 2026 |
| | CVE-2024-27781 | Fortinet | high | 7.1 | 0.3%
| | An improper neutralization of input during web page generation ('cross-site scripting') vulnerabilit… | Feb 11, 2025 | Jan 14, 2026 |
| | CVE-2025-26466 | Fortinet | medium | 5.9 | 42.5%
| | A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet… | Feb 28, 2025 | Feb 10, 2026 |
| | CVE-2024-52961 | Fortinet | high | 8.8 | 0.2%
| | An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] vulnerab… | Mar 11, 2025 | Jan 14, 2026 |
| | CVE-2024-54026 | Fortinet | medium | 4.3 | 0.1%
| | An improper neutralization of special elements used in an sql command ('sql injection') in Fortinet … | Mar 11, 2025 | Jan 14, 2026 |
| | CVE-2025-26627 |  Microsoft | high | 7.0 | 0.1%
| | Improper neutralization of special elements used in a command ('command injection') in Azure Arc all… | Mar 11, 2025 | Jan 20, 2026 |
| | CVE-2024-47552 | Apache | critical | 9.8 | 0.2%
| | Deserialization of Untrusted Data vulnerability in Apache Seata (incubating).
This issue affect… | Mar 20, 2025 | Mar 30, 2026 |
| | CVE-2025-23120 | Veeam | high | 8.8 | — | | A vulnerability allowing remote code execution (RCE) for domain users. | Mar 20, 2025 | Apr 2, 2025 |
| | CVE-2023-37930 | Fortinet | high | 7.5 | 0.6%
| | Multiple issues including the use of uninitialized ressources [CWE-908] and excessive iteration [CWE… | Apr 8, 2025 | Jan 14, 2026 |
| | CVE-2025-25002 | Microsoft | medium | 6.8 | 1.8%
| | Insertion of sensitive information into log file in Azure Local Cluster allows an authorized attacke… | Apr 8, 2025 | Jan 16, 2026 |
| | CVE-2025-26628 | Microsoft | high | 7.3 | 0.8%
| | Insufficiently protected credentials in Azure Local Cluster allows an authorized attacker to disclos… | Apr 8, 2025 | Jan 16, 2026 |
| | CVE-2025-1697 |  HPE | high | 7.8 | 0.1%
| | A potential security vulnerability has been identified in the HP Touchpoint Analytics Service for ce… | Apr 18, 2025 | Feb 24, 2026 |
| | CVE-2025-29813 | Microsoft | critical | 10.0 | 1.9%
| | Authentication bypass by assumed-immutable data in Azure DevOps allows an unauthorized attacker to e… | May 8, 2025 | Feb 13, 2026 |
| | CVE-2025-29972 | Microsoft | critical | 9.9 | 4.5%
| | Server-side request forgery (ssrf) in Azure Storage Resource Provider allows an authorized attacker … | May 8, 2025 | Feb 13, 2026 |
| | CVE-2025-47732 | Microsoft | high | 8.7 | 2.7%
| | Deserialization of untrusted data in Microsoft Dataverse allows an authorized attacker to execute co… | May 8, 2025 | Feb 13, 2026 |
| | CVE-2024-35281 | Fortinet | low | 2.5 | 0.1%
| | An improper isolation or compartmentalization vulnerability [CWE-653] in FortiClientMac version 7.4.… | May 13, 2025 | Feb 5, 2026 |
| | CVE-2025-32756 | Fortinet | critical | 9.8 | 41.6%
| ⚠ KEV | A stack-based buffer overflow vulnerability [CWE-121] vulnerability in Fortinet FortiCamera 2.1.0 th… | May 13, 2025 | Jan 14, 2026 |
| | CVE-2025-4123 |  Grafana | high | 7.6 | 3.9%
| | A cross-site scripting (XSS) vulnerability exists in Grafana caused by combining a client path trave… | May 22, 2025 | Apr 29, 2026 |
| | CVE-2025-24473 | Fortinet | low | 3.7 | 0.1%
| | A exposure of sensitive system information to an unauthorized control sphere vulnerability in Fortin… | May 28, 2025 | Jan 8, 2026 |
| | CVE-2025-48734 | Apache | medium | — | 0.3%
| | Improper Access Control vulnerability in Apache Commons.
A special BeanIntrospector class was add… | May 28, 2025 | Apr 29, 2026 |
| | CVE-2025-43026 | HPE | high | 7.8 | 0.0%
| | A potential security vulnerability has been identified in the HP Support Assistant for versions prio… | Jun 5, 2025 | Jan 13, 2026 |
| | CVE-2025-22254 | Fortinet | medium | 6.6 | 0.1%
| | An Improper Privilege Management vulnerability [CWE-269] vulnerability in Fortinet FortiOS 7.6.0 thr… | Jun 10, 2025 | Jan 14, 2026 |
| | CVE-2025-47176 | Microsoft | high | 7.8 | 0.5%
| | '.../...//' in Microsoft Office Outlook allows an authorized attacker to execute code locally. | Jun 10, 2025 | Feb 13, 2026 |
| | CVE-2025-32711 | Microsoft | critical | 9.3 | 3.4%
| | Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over a … | Jun 11, 2025 | Feb 20, 2026 |
| | CVE-2025-23121 | Veeam | high | 8.8 | — | | A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain… | Jun 19, 2025 | Jul 15, 2025 |
| | CVE-2025-24286 | Veeam | high | 7.2 | — | | A vulnerability allowing an authenticated user with the Backup Operator role to modify backup jobs, … | Jun 19, 2025 | Jul 16, 2025 |
| | CVE-2025-3722 |  Trellix | medium | 4.4 | 0.0%
| | A path traversal vulnerability in System Information Reporter (SIR) 1.0.3 and prior allowed an auth… | Jun 26, 2025 | Feb 11, 2026 |
| | CVE-2025-3771 | Trellix | high | 7.1 | 0.0%
| | A path or symbolic link manipulation vulnerability in SIR 1.0.3 and prior versions allows an authent… | Jun 26, 2025 | Feb 11, 2026 |
| | CVE-2025-3773 | Trellix | medium | 5.5 | 0.0%
| | A sensitive information exposure vulnerability in System Information Reporter (SIR) 1.0.3 and prior… | Jun 26, 2025 | Feb 11, 2026 |
| | CVE-2025-32897 | Apache | critical | 9.8 | 0.3%
| | Deserialization of Untrusted Data vulnerability in Apache Seata (incubating).
This security vulnera… | Jun 28, 2025 | Mar 30, 2026 |