| | CVE-2025-47855 |  Fortinet | critical | 9.8 | 1.2%
| | An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in Fortinet Fo… | Jan 13, 2026 | Jan 14, 2026 |
| | CVE-2025-58693 | Fortinet | medium | 6.5 | 0.2%
| | An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in F… | Jan 13, 2026 | Jan 14, 2026 |
| | CVE-2025-59922 | Fortinet | high | 7.2 | 0.1%
| | An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerabilit… | Jan 13, 2026 | Jan 14, 2026 |
| | CVE-2025-64155 | Fortinet | critical | 9.8 | 0.0%
| | An improper neutralization of special elements used in an os command ('os command injection') vulner… | Jan 13, 2026 | Jan 20, 2026 |
| | CVE-2025-67685 | Fortinet | low | 3.8 | 0.0%
| | A Server-Side Request Forgery (SSRF) vulnerability [CWE-918] vulnerability in Fortinet FortiSandbox … | Jan 13, 2026 | Jan 14, 2026 |
| | CVE-2026-20963 |  Microsoft | critical | 9.8 | 6.2%
| ⚠ KEV | Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to … | Jan 13, 2026 | Apr 2, 2026 |
| | CVE-2025-37165 |  HPE | high | 7.5 | 0.0%
| | A vulnerability in the router mode configuration of HPE Instant On Access Points exposed certain net… | Jan 13, 2026 | Mar 2, 2026 |
| | CVE-2025-37166 | HPE | high | 7.5 | 0.0%
| | A vulnerability affecting HPE Networking Instant On Access Points has been identified where a device… | Jan 13, 2026 | Feb 26, 2026 |
| | CVE-2026-20803 | Microsoft | high | 7.2 | 0.1%
| | Missing authentication for critical function in SQL Server allows an authorized attacker to elevate … | Jan 13, 2026 | Jan 16, 2026 |
| | CVE-2026-20822 | Microsoft | high | 7.8 | 0.0%
| | Use after free in Microsoft Graphics Component allows an authorized attacker to elevate privileges l… | Jan 13, 2026 | Jan 14, 2026 |
| | CVE-2026-20943 | Microsoft | high | 7.0 | 0.0%
| | Untrusted search path in Microsoft Office allows an unauthorized attacker to execute code locally. | Jan 13, 2026 | Jan 16, 2026 |
| | CVE-2026-20944 | Microsoft | high | 8.4 | 0.0%
| | Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to execute code locally. | Jan 13, 2026 | Jan 16, 2026 |
| | CVE-2026-20946 | Microsoft | high | 7.8 | 0.0%
| | Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally… | Jan 13, 2026 | Jan 16, 2026 |
| | CVE-2026-20947 | Microsoft | high | 8.8 | 0.1%
| | Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Of… | Jan 13, 2026 | Jan 16, 2026 |
| | CVE-2026-20948 | Microsoft | high | 7.8 | 0.0%
| | Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute co… | Jan 13, 2026 | Jan 16, 2026 |
| | CVE-2026-20949 | Microsoft | high | 7.8 | 0.0%
| | Improper access control in Microsoft Office Excel allows an unauthorized attacker to bypass a securi… | Jan 13, 2026 | Jan 16, 2026 |
| | CVE-2026-20950 | Microsoft | high | 7.8 | 0.0%
| | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | Jan 13, 2026 | Jan 14, 2026 |
| | CVE-2026-20951 | Microsoft | high | 7.8 | 0.1%
| | Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to execute … | Jan 13, 2026 | Jan 14, 2026 |
| | CVE-2026-20952 | Microsoft | high | 8.4 | 0.0%
| | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | Jan 13, 2026 | Jan 14, 2026 |
| | CVE-2026-20953 | Microsoft | high | 8.4 | 0.0%
| | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | Jan 13, 2026 | Jan 14, 2026 |
| | CVE-2026-20955 | Microsoft | high | 7.8 | 0.1%
| | Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute c… | Jan 13, 2026 | Jan 14, 2026 |
| | CVE-2026-20956 | Microsoft | high | 7.8 | 0.1%
| | Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute c… | Jan 13, 2026 | Jan 14, 2026 |
| | CVE-2026-20957 | Microsoft | high | 7.8 | 0.1%
| | Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to … | Jan 13, 2026 | Jan 14, 2026 |
| | CVE-2026-20958 | Microsoft | medium | 5.4 | 0.1%
| | Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to d… | Jan 13, 2026 | Jan 14, 2026 |
| | CVE-2026-20959 | Microsoft | medium | 4.6 | 0.1%
| | Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Of… | Jan 13, 2026 | Jan 14, 2026 |
| | CVE-2026-20965 | Microsoft | high | 7.5 | 0.0%
| | Improper verification of cryptographic signature in Windows Admin Center allows an authorized attack… | Jan 13, 2026 | Jan 16, 2026 |
| | CVE-2026-21219 | Microsoft | high | 7.0 | 0.1%
| | Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. | Jan 13, 2026 | Feb 9, 2026 |
| | CVE-2026-21224 | Microsoft | high | 7.8 | 0.1%
| | Stack-based buffer overflow in Azure Connected Machine Agent allows an authorized attacker to elevat… | Jan 13, 2026 | Jan 14, 2026 |
| | CVE-2026-21265 | Microsoft | medium | 6.4 | 0.3%
| | Windows Secure Boot stores Microsoft certificates in the UEFI KEK and DB. These original certificate… | Jan 13, 2026 | Jan 14, 2026 |
| | CVE-2026-22791 |  Red Hat | medium | 6.6 | 0.0%
| | openCryptoki is a PKCS#11 library and tools for Linux and AIX. In 3.25.0 and 3.26.0, there is a heap… | Jan 13, 2026 | Jan 13, 2026 |
| | CVE-2026-21226 | Microsoft | high | 7.5 | 1.5%
| | Deserialization of untrusted data in Azure Core shared client library for Python allows an authorize… | Jan 13, 2026 | Feb 5, 2026 |
| | CVE-2026-0530 | Red Hat | medium | 6.5 | 0.1%
| | Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana Fleet can lead to Excessive… | Jan 13, 2026 | Jan 13, 2026 |
| | CVE-2026-0531 | Red Hat | medium | 6.5 | 0.1%
| | Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana Fleet can lead to Excessive… | Jan 13, 2026 | Jan 13, 2026 |
| | CVE-2026-0543 | Red Hat | medium | 6.5 | 0.1%
| | Improper Input Validation (CWE-20) in Kibana's Email Connector can allow an attacker to cause an Exc… | Jan 13, 2026 | Jan 13, 2026 |
| | CVE-2025-37186 | HPE | high | 7.8 | 0.0%
| | A local privilege-escalation vulnerability has been discovered in the HPE Aruba Networking Virtual I… | Jan 13, 2026 | Mar 2, 2026 |
| | CVE-2025-70968 | Red Hat | high | 9.8 | 0.1%
| | FreeImage 3.18.0 contains a Use After Free in PluginTARGA.cpp;loadRLE(). | Jan 14, 2026 | Jan 14, 2026 |
| | CVE-2025-71141 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
drm/tilcdc: Fix removal actions … | Jan 14, 2026 | Jan 14, 2026 |
| | CVE-2025-71102 | Red Hat | medium | — | 0.1%
| | In the Linux kernel, the following vulnerability has been resolved:
scs: fix a wrong parameter in __… | Jan 14, 2026 | Jan 14, 2026 |
| | CVE-2025-71128 | Red Hat | medium | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
erspan: Initialize options_len b… | Jan 14, 2026 | Jan 14, 2026 |
| | CVE-2025-71122 | Red Hat | low | 2.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
iommufd/selftest: Check for over… | Jan 14, 2026 | Jan 14, 2026 |
| | CVE-2025-71126 | Red Hat | medium | 4.4 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
mptcp: avoid deadlock on fallbac… | Jan 14, 2026 | Jan 14, 2026 |
| | CVE-2025-71142 | Red Hat | low | 5.5 | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
cpuset: fix warning when disabli… | Jan 14, 2026 | Jan 14, 2026 |
| | CVE-2025-71108 | Red Hat | low | 3.3 | 0.1%
| | In the Linux kernel, the following vulnerability has been resolved:
usb: typec: ucsi: Handle incorre… | Jan 14, 2026 | Jan 14, 2026 |
| | CVE-2025-71113 | Red Hat | low | 3.3 | 0.1%
| | In the Linux kernel, the following vulnerability has been resolved:
crypto: af_alg - zero initialize… | Jan 14, 2026 | Jan 14, 2026 |
| | CVE-2025-71137 | Red Hat | medium | 4.4 | 0.1%
| | In the Linux kernel, the following vulnerability has been resolved:
octeontx2-pf: fix "UBSAN: shift-… | Jan 14, 2026 | Jan 14, 2026 |
| | CVE-2025-71107 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
f2fs: ensure node page reads com… | Jan 14, 2026 | Jan 14, 2026 |
| | CVE-2025-71121 | Red Hat | medium | — | 0.1%
| | In the Linux kernel, the following vulnerability has been resolved:
parisc: Do not reprogram affinit… | Jan 14, 2026 | Jan 14, 2026 |
| | CVE-2025-71120 | Red Hat | medium | 6.5 | 0.1%
| | In the Linux kernel, the following vulnerability has been resolved:
SUNRPC: svcauth_gss: avoid NULL … | Jan 14, 2026 | Jan 14, 2026 |
| | CVE-2025-71118 | Red Hat | low | 5.5 | 0.1%
| | In the Linux kernel, the following vulnerability has been resolved:
ACPICA: Avoid walking the Namesp… | Jan 14, 2026 | Jan 14, 2026 |
| | CVE-2025-71130 | Red Hat | medium | — | 0.0%
| | In the Linux kernel, the following vulnerability has been resolved:
drm/i915/gem: Zero-initialize th… | Jan 14, 2026 | Jan 14, 2026 |