| | CVE-2025-20333 | Cisco | critical | 9.9 | 29.2%
| ⚠ KEV | A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Sof… | Sep 25, 2025 | Jun 17, 2026 |
| | CVE-2025-20362 | Cisco | medium | 6.5 | 83.7%
| ⚠ KEV | Update: On November 5, 2025, Cisco became aware of a new attack variant against devices running Cisc… | Sep 25, 2025 | Jun 17, 2026 |
| | CVE-2025-20363 | Cisco | critical | 9.0 | 2.4%
| | A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Softw… | Sep 25, 2025 | Feb 10, 2026 |
| | CVE-2025-10578 | HPE | high | 7.8 | 0.0%
| | A potential security vulnerability has been identified in the HP Support Assistant for versions prio… | Oct 1, 2025 | Jan 16, 2026 |
| | CVE-2025-22862 | Fortinet | medium | 6.7 | 0.0%
| | An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] in FortiOS 7.4.0… | Oct 2, 2025 | Jun 9, 2026 |
| | CVE-2025-58903 | Fortinet | low | 2.5 | 0.1%
| | An Unchecked Return Value vulnerability [CWE-252] in Fortinet FortiOS version 7.6.0 through 7.6.3 an… | Oct 14, 2025 | Jun 9, 2026 |
| | CVE-2024-47569 | Fortinet | medium | 4.3 | 0.0%
| | A insertion of sensitive information into sent data vulnerability in Fortinet FortiMail 7.4.0 throug… | Oct 14, 2025 | Jan 14, 2026 |
| | CVE-2024-50571 | Fortinet | high | 7.2 | 0.1%
| | A heap-based buffer overflow vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.2, FortiAnaly… | Oct 14, 2025 | Jan 27, 2026 |
| | CVE-2025-25253 | Fortinet | high | 7.5 | 0.0%
| | An Improper Validation of Certificate with Host Mismatch vulnerability [CWE-297] in FortiProxy versi… | Oct 14, 2025 | Jun 9, 2026 |
| | CVE-2025-25255 | Fortinet | medium | 5.3 | 0.0%
| | An Improperly Implemented Security Check for Standard vulnerability [CWE-358] vulnerability in Forti… | Oct 14, 2025 | Jan 14, 2026 |
| | CVE-2025-31366 | Fortinet | medium | 4.7 | 0.4%
| | An Improper Neutralization of Input During Web Page Generation vulnerability [CWE-79] vulnerability … | Oct 14, 2025 | Jul 8, 2026 |
| | CVE-2025-31514 | Fortinet | low | 2.7 | 0.0%
| | A insertion of sensitive information into log file vulnerability in Fortinet FortiOS 7.6.0 through 7… | Oct 14, 2025 | Jun 9, 2026 |
| | CVE-2025-47890 | Fortinet | low | 2.6 | 0.2%
| | An URL Redirection to Untrusted Site vulnerabilities [CWE-601] vulnerability in Fortinet FortiOS 7.6… | Oct 14, 2025 | Jul 8, 2026 |
| | CVE-2025-49201 | Fortinet | high | 8.1 | 0.1%
| | A weak authentication vulnerability in Fortinet FortiPAM 1.5.0, FortiPAM 1.4.0 through 1.4.2, FortiP… | Oct 14, 2025 | Jan 14, 2026 |
| | CVE-2025-54822 | Fortinet | medium | 4.3 | 0.0%
| | An improper authorization vulnerability [CWE-285] vulnerability in Fortinet FortiOS 7.4.0 through 7.… | Oct 14, 2025 | Jan 14, 2026 |
| | CVE-2025-57740 | Fortinet | high | 7.5 | 0.1%
| | An Heap-based Buffer Overflow vulnerability [CWE-122] in FortiOS version 7.6.2 and below, version 7.… | Oct 14, 2025 | Jun 9, 2026 |
| | CVE-2025-53782 | Microsoft | high | 8.4 | 0.3%
| | Incorrect implementation of authentication algorithm in Microsoft Exchange Server allows an unauthor… | Oct 14, 2025 | Jun 15, 2026 |
| | CVE-2025-59213 | Microsoft | high | 8.8 | 0.1%
| | Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Co… | Oct 14, 2025 | Feb 13, 2026 |
| | CVE-2025-59248 | Microsoft | high | 7.5 | 0.9%
| | Improper input validation in Microsoft Exchange Server allows an unauthorized attacker to perform sp… | Oct 14, 2025 | Jun 15, 2026 |
| | CVE-2025-59249 | Microsoft | high | 8.8 | 0.7%
| | Weak authentication in Microsoft Exchange Server allows an authorized attacker to elevate privileges… | Oct 14, 2025 | Jun 15, 2026 |
| | CVE-2025-53521 | F5 | critical | 9.8 | 8.8%
| ⚠ KEV | When a BIG-IP APM access policy is configured on a virtual server, specific malicious traffic can le… | Oct 15, 2025 | Apr 2, 2026 |
| | CVE-2025-53868 | F5 | high | 8.7 | 0.0%
| | When running in Appliance mode, a highly privileged authenticated attacker with access to SCP and SF… | Oct 15, 2025 | Feb 4, 2026 |
| | CVE-2025-54755 | F5 | medium | 4.9 | 0.2%
| | A directory traversal vulnerability exists in TMUI that allows a highly privileged authenticated att… | Oct 15, 2025 | Jan 27, 2026 |
| | CVE-2025-58153 | F5 | medium | 5.9 | 0.0%
| | Under undisclosed traffic conditions along with conditions beyond the attacker's control, hardware s… | Oct 15, 2025 | Feb 4, 2026 |
| | CVE-2025-58424 | F5 | medium | 5.3 | 0.0%
| | On BIG-IP systems, undisclosed traffic can cause data corruption and unauthorized data modification … | Oct 15, 2025 | Feb 4, 2026 |
| | CVE-2025-59481 | F5 | high | 8.7 | 0.0%
| | A vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell (tmsh) command that may… | Oct 15, 2025 | Feb 4, 2026 |
| | CVE-2025-61958 | F5 | high | 8.7 | 0.0%
| | A vulnerability exists in the iHealth command that may allow an authenticated attacker with at least… | Oct 15, 2025 | Feb 4, 2026 |
| | CVE-2025-20360 | Cisco | medium | 5.8 | 0.1%
| | Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow… | Oct 15, 2025 | Feb 12, 2026 |
| | CVE-2025-54658 | Fortinet | high | 7.2 | 0.2%
| | An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE… | Oct 16, 2025 | Jul 8, 2026 |
| | CVE-2025-53951 | Fortinet | medium | 4.9 | 0.2%
| | An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE… | Oct 16, 2025 | Jul 8, 2026 |
| | CVE-2025-55752 | Apache | high | 7.5 | 0.1%
| | Relative Path Traversal vulnerability in Apache Tomcat.
The fix for bug 60013 introduced a regressi… | Oct 27, 2025 | May 12, 2026 |
| | CVE-2025-55754 | Apache | critical | 9.6 | 0.1%
| | Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat.
Tomca… | Oct 27, 2025 | May 12, 2026 |
| | CVE-2025-61795 | Apache | medium | 5.3 | 0.1%
| | Improper Resource Shutdown or Release vulnerability in Apache Tomcat.
If an error occurred (includi… | Oct 27, 2025 | May 12, 2026 |
| | CVE-2025-48982 | Veeam | high | 7.8 | — | | This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation if a s… | Oct 31, 2025 | Dec 1, 2025 |
| | CVE-2025-48983 | Veeam | critical | 9.9 | — | | A vulnerability in the Mount service of Veeam Backup & Replication, which allows for remote code exe… | Oct 31, 2025 | Dec 1, 2025 |
| | CVE-2025-48984 | Veeam | high | 8.8 | — | | A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain… | Oct 31, 2025 | Nov 11, 2025 |
| | CVE-2025-11761 | HPE | high | 7.8 | 0.0%
| | A potential security vulnerability has been identified in the HP Client Management Script Library so… | Nov 3, 2025 | Jan 21, 2026 |
| | CVE-2025-60710 | Microsoft | high | 7.8 | 0.2%
| ⚠ KEV | Improper link resolution before file access ('link following') in Host Process for Windows Tasks all… | Nov 11, 2025 | Apr 14, 2026 |
| | CVE-2025-30398 | Microsoft | high | 8.1 | 0.8%
| | Missing authorization in Nuance PowerScribe allows an unauthorized attacker to disclose information … | Nov 11, 2025 | Jun 29, 2026 |
| | CVE-2025-40119 | Check Point | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
ext4: fix potential null deref … | Nov 12, 2025 | Mar 13, 2026 |
| | CVE-2025-54821 | Fortinet | low | 1.8 | 0.1%
| | An Improper Privilege Management vulnerability [CWE-269] vulnerability in Fortinet FortiOS 7.6.0 thr… | Nov 18, 2025 | Jun 23, 2026 |
| | CVE-2025-53843 | Fortinet | medium | 6.9 | 0.0%
| | A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 t… | Nov 18, 2025 | Jun 9, 2026 |
| | CVE-2025-54972 | Fortinet | medium | 4.3 | 0.0%
| | An improper neutralization of crlf sequences ('crlf injection') vulnerability in Fortinet FortiMail … | Nov 18, 2025 | Jan 14, 2026 |
| | CVE-2025-58413 | Fortinet | high | 7.5 | 0.0%
| | A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 t… | Nov 18, 2025 | Jun 9, 2026 |
| | CVE-2025-58692 | Fortinet | high | 8.8 | 0.0%
| | An improper neutralization of special elements used in an SQL Command ("SQL Injection") vulnerabilit… | Nov 18, 2025 | Jan 14, 2026 |
| | CVE-2025-41115 | Grafana | critical | 10.0 | 17.0%
| | SCIM provisioning was introduced in Grafana Enterprise and Grafana Cloud in April to improve how org… | Nov 21, 2025 | Jun 17, 2026 |
| | CVE-2025-64657 | Microsoft | critical | 9.8 | 0.1%
| | Stack-based buffer overflow in Azure Application Gateway allows an unauthorized attacker to elevate … | Nov 26, 2025 | Feb 13, 2026 |
| | CVE-2025-54057 | Apache | medium | 6.1 | 0.4%
| | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Apach… | Nov 27, 2025 | Apr 13, 2026 |
| | CVE-2024-3884 | Apache | high | 7.5 | 0.1%
| | A flaw was found in Undertow that can cause remote denial of service attacks. When the server uses t… | Dec 3, 2025 | Jun 8, 2026 |
| | CVE-2025-62631 | Fortinet | medium | 5.3 | 0.0%
| | An insufficient session expiration vulnerability [CWE-613] vulnerability in Fortinet FortiOS 7.4.0, … | Dec 9, 2025 | May 12, 2026 |