| | CVE-2025-1697 | HPE | high | 7.8 | 0.1%
| | A potential security vulnerability has been identified in the HP Touchpoint Analytics Service for ce… | Apr 18, 2025 | Feb 24, 2026 |
| | CVE-2025-3891 | Apache | high | 7.5 | 1.2%
| | A flaw was found in the mod_auth_openidc module for Apache httpd. This flaw allows a remote, unauthe… | Apr 29, 2025 | Jun 29, 2026 |
| | CVE-2025-29813 | Microsoft | critical | 10.0 | 1.9%
| | Authentication bypass by assumed-immutable data in Azure DevOps allows an unauthorized attacker to e… | May 8, 2025 | Feb 13, 2026 |
| | CVE-2025-29972 | Microsoft | critical | 9.9 | 4.5%
| | Server-side request forgery (ssrf) in Azure Storage Resource Provider allows an authorized attacker … | May 8, 2025 | Feb 13, 2026 |
| | CVE-2025-47732 | Microsoft | high | 8.7 | 2.7%
| | Deserialization of untrusted data in Microsoft Dataverse allows an authorized attacker to execute co… | May 8, 2025 | Feb 13, 2026 |
| | CVE-2024-35281 | Fortinet | low | 2.5 | 0.1%
| | An improper isolation or compartmentalization vulnerability [CWE-653] in FortiClientMac version 7.4.… | May 13, 2025 | Feb 5, 2026 |
| | CVE-2025-32756 | Fortinet | critical | 9.8 | 41.6%
| ⚠ KEV | A stack-based buffer overflow vulnerability [CWE-121] vulnerability in Fortinet FortiCamera 2.1.0 th… | May 13, 2025 | Jan 14, 2026 |
| | CVE-2025-4123 | Grafana | high | 7.6 | 3.9%
| | A cross-site scripting (XSS) vulnerability exists in Grafana caused by combining a client path trave… | May 22, 2025 | Apr 29, 2026 |
| | CVE-2025-24473 | Fortinet | low | 3.7 | 0.1%
| | A exposure of sensitive system information to an unauthorized control sphere vulnerability in Fortin… | May 28, 2025 | Jan 8, 2026 |
| | CVE-2025-48734 | Apache | medium | — | 0.3%
| | Improper Access Control vulnerability in Apache Commons.
A special BeanIntrospector class was add… | May 28, 2025 | Apr 29, 2026 |
| | CVE-2025-43026 | HPE | high | 7.8 | 0.0%
| | A potential security vulnerability has been identified in the HP Support Assistant for versions prio… | Jun 5, 2025 | Jan 13, 2026 |
| | CVE-2025-25250 | Fortinet | low | 3.9 | 0.4%
| | An Exposure of Sensitive Information to an Unauthorized Actor vulnerability [CWE-200] vulnerability … | Jun 10, 2025 | Jun 23, 2026 |
| | CVE-2024-50562 | Fortinet | medium | 4.8 | 0.8%
| | An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL-VPN version 7.6.0, version… | Jun 10, 2025 | Jun 9, 2026 |
| | CVE-2025-22254 | Fortinet | medium | 6.6 | 0.1%
| | An Improper Privilege Management vulnerability [CWE-269] vulnerability in Fortinet FortiOS 7.6.0 thr… | Jun 10, 2025 | Jan 14, 2026 |
| | CVE-2025-24471 | Fortinet | medium | 6.5 | 0.1%
| | An Improper Certificate Validation vulnerability [CWE-295] in FortiOS version 7.6.1 and below, versi… | Jun 10, 2025 | Jun 9, 2026 |
| | CVE-2025-47176 | Microsoft | high | 7.8 | 0.5%
| | '.../...//' in Microsoft Office Outlook allows an authorized attacker to execute code locally. | Jun 10, 2025 | Feb 13, 2026 |
| | CVE-2025-32711 | Microsoft | critical | 9.3 | 3.4%
| | Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over a … | Jun 11, 2025 | Feb 20, 2026 |
| | CVE-2025-23121 | Veeam | high | 8.8 | — | | A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain… | Jun 19, 2025 | Jul 15, 2025 |
| | CVE-2025-24286 | Veeam | high | 7.2 | — | | A vulnerability allowing an authenticated user with the Backup Operator role to modify backup jobs, … | Jun 19, 2025 | Jul 16, 2025 |
| | CVE-2025-3722 | Trellix | medium | 4.4 | 0.0%
| | A path traversal vulnerability in System Information Reporter (SIR) 1.0.3 and prior allowed an auth… | Jun 26, 2025 | Feb 11, 2026 |
| | CVE-2025-3771 | Trellix | high | 7.1 | 0.0%
| | A path or symbolic link manipulation vulnerability in SIR 1.0.3 and prior versions allows an authent… | Jun 26, 2025 | Feb 11, 2026 |
| | CVE-2025-3773 | Trellix | medium | 5.5 | 0.0%
| | A sensitive information exposure vulnerability in System Information Reporter (SIR) 1.0.3 and prior… | Jun 26, 2025 | Feb 11, 2026 |
| | CVE-2025-32897 | Apache | critical | 9.8 | 0.3%
| | Deserialization of Untrusted Data vulnerability in Apache Seata (incubating).
This security vulnera… | Jun 28, 2025 | Mar 30, 2026 |
| | CVE-2025-43025 | HPE | high | 7.5 | 0.1%
| | HP Universal Print Driver is potentially vulnerable to denial of service due to buffer overflow in v… | Jul 2, 2025 | Jan 20, 2026 |
| | CVE-2024-55599 | Fortinet | medium | 5.3 | 0.2%
| | An Improperly Implemented Security Check for Standard vulnerability [CWE-358] in FortiOS version 7.6… | Jul 8, 2025 | Jun 9, 2026 |
| | CVE-2025-43019 | HPE | high | 7.8 | 0.0%
| | A potential security vulnerability has been identified in the HP Support Assistant, which allows a l… | Jul 8, 2025 | Jan 20, 2026 |
| | CVE-2025-49731 | Microsoft | low | 3.1 | 0.1%
| | Improper handling of insufficient permissions or privileges in Microsoft Teams allows an authorized … | Jul 8, 2025 | Feb 13, 2026 |
| | CVE-2025-49737 | Microsoft | high | 7.0 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Micro… | Jul 8, 2025 | Feb 13, 2026 |
| | CVE-2025-49756 | Microsoft | low | 3.3 | 0.0%
| | Use of a broken or risky cryptographic algorithm in Office Developer Platform allows an authorized a… | Jul 8, 2025 | Feb 13, 2026 |
| | CVE-2025-47963 | Microsoft | medium | 6.3 | 0.1%
| | No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform … | Jul 11, 2025 | Feb 13, 2026 |
| | CVE-2025-47964 | Microsoft | medium | 5.4 | 0.0%
| | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Jul 11, 2025 | Feb 13, 2026 |
| | CVE-2025-20272 | Cisco | medium | 4.3 | 0.3%
| | A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure and Cisco Evolved Programmabl… | Jul 16, 2025 | Jun 29, 2026 |
| | CVE-2025-25257 | Fortinet | critical | 9.8 | 28.1%
| ⚠ KEV | An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerabilit… | Jul 17, 2025 | Feb 20, 2026 |
| | CVE-2025-43023 | HPE | critical | 9.1 | 0.0%
| | A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software… | Jul 28, 2025 | Jan 16, 2026 |
| | CVE-2025-53786 | Microsoft | high | 8.0 | 7.4%
| | On April 18th 2025, Microsoft announced Exchange Server Security Changes for Hybrid Deployments and … | Aug 6, 2025 | Jun 15, 2026 |
| | CVE-2025-25005 | Microsoft | medium | 6.5 | 1.3%
| | Improper input validation in Microsoft Exchange Server allows an authorized attacker to perform tamp… | Aug 12, 2025 | Jun 15, 2026 |
| | CVE-2025-25006 | Microsoft | medium | 5.3 | 0.8%
| | Improper handling of additional special element in Microsoft Exchange Server allows an unauthorized … | Aug 12, 2025 | Jun 15, 2026 |
| | CVE-2025-25007 | Microsoft | medium | 5.3 | 0.8%
| | Improper validation of syntactic correctness of input in Microsoft Exchange Server allows an unautho… | Aug 12, 2025 | Jun 15, 2026 |
| | CVE-2025-33051 | Microsoft | high | 7.5 | 1.1%
| | Exposure of sensitive information to an unauthorized actor in Microsoft Exchange Server allows an un… | Aug 12, 2025 | Jun 15, 2026 |
| | CVE-2025-53744 | Fortinet | medium | 6.8 | 0.7%
| | An incorrect privilege assignment vulnerability [CWE-266] in FortiOS Security Fabric version 7.6.0 t… | Aug 12, 2025 | Jun 9, 2026 |
| | CVE-2023-45584 | Fortinet | medium | 6.6 | 0.2%
| | A double free vulnerability [CWE-415] vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 through… | Aug 12, 2025 | Jan 14, 2026 |
| | CVE-2024-26009 | Fortinet | high | 8.1 | 0.1%
| | An authentication bypass using an alternate path or channel [CWE-288] vulnerability in Fortinet Fort… | Aug 12, 2025 | Apr 20, 2026 |
| | CVE-2024-40588 | Fortinet | medium | 4.4 | 0.0%
| | Multiple relative path traversal vulnerabilities [CWE-23] vulnerability in Fortinet FortiCamera 2.1 … | Aug 12, 2025 | Jan 14, 2026 |
| | CVE-2025-25248 | Fortinet | medium | 5.3 | 0.2%
| | An Integer Overflow or Wraparound vulnerability [CWE-190] in FortiOS version 7.6.2 and below, versio… | Aug 12, 2025 | Jun 9, 2026 |
| | CVE-2025-48989 | Apache | high | 7.5 | 0.5%
| | Improper Resource Shutdown or Release vulnerability in Apache Tomcat made Tomcat vulnerable to the m… | Aug 13, 2025 | May 12, 2026 |
| | CVE-2025-54500 | F5 | medium | 5.3 | 0.1%
| | An HTTP/2 implementation flaw allows a denial-of-service (DoS) that uses malformed HTTP/2 control fr… | Aug 13, 2025 | Feb 4, 2026 |
| | CVE-2012-10062 | Apache | high | 8.7 | 58.0%
| | A vulnerability in XAMPP, developed by Apache Friends, version 1.7.3's default WebDAV configuration … | Aug 30, 2025 | May 15, 2026 |
| | CVE-2025-9784 | Apache | high | 7.5 | 2.2%
| | A flaw was found in Undertow where malformed client requests can trigger server-side stream resets w… | Sep 2, 2025 | Jun 30, 2026 |
| | CVE-2025-43491 | HPE | critical | 9.8 | 0.0%
| | A vulnerability in the Poly Lens Desktop application running on the Windows platform might allow mod… | Sep 9, 2025 | Jan 16, 2026 |
| | CVE-2025-55319 | Microsoft | high | 8.8 | 0.1%
| | Ai command injection in Agentic AI and Visual Studio Code allows an unauthorized attacker to execute… | Sep 12, 2025 | Feb 20, 2026 |