| | CVE-2026-20127 |  Cisco | critical | 10.0 | 2.6%
| ⚠ KEV | A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN v… | Feb 25, 2026 | Feb 26, 2026 |
| | CVE-2026-20128 | Cisco | high | 7.5 | 0.1%
| ⚠ KEV | A vulnerability in the Data Collection Agent (DCA) feature of Cisco Catalyst SD-WAN Manager could al… | Feb 25, 2026 | Apr 21, 2026 |
| | CVE-2026-20129 | Cisco | critical | 9.8 | 0.1%
| | A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unaut… | Feb 25, 2026 | Mar 4, 2026 |
| | CVE-2026-20133 | Cisco | medium | 6.5 | 1.4%
| ⚠ KEV | A vulnerability in Cisco Catalyst SD-WAN Software could allow an unauthenticated, remote attacker to… | Feb 25, 2026 | Apr 22, 2026 |
| | CVE-2026-27795 |  Red Hat | medium | 6.5 | 0.0%
| | LangChain is a framework for building LLM-powered applications. Prior to version 1.1.8, a redirect-b… | Feb 25, 2026 | Feb 25, 2026 |
| | CVE-2026-22719 |  VMware | high | 8.1 | 2.3%
| ⚠ KEV | VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor… | Feb 25, 2026 | Apr 14, 2026 |
| | CVE-2026-22720 | VMware | high | 8.0 | 0.1%
| | VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with … | Feb 25, 2026 | Apr 14, 2026 |
| | CVE-2026-25941 | Red Hat | medium | 5.4 | 0.1%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Versions on the 2.x branch prior to… | Feb 25, 2026 | Feb 25, 2026 |
| | CVE-2026-25942 | Red Hat | medium | 4.3 | 0.1%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_rail_s… | Feb 25, 2026 | Feb 25, 2026 |
| | CVE-2026-2636 |  Microsoft | medium | 5.5 | 0.0%
| | This vulnerability is caused by a CWE‑159: "Improper Handling of Invalid Use of Special Elements" we… | Feb 25, 2026 | Feb 27, 2026 |
| | CVE-2026-25952 | Red Hat | medium | 6.4 | 0.1%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_SetWin… | Feb 25, 2026 | Feb 25, 2026 |
| | CVE-2026-25953 | Red Hat | medium | 4.3 | 0.1%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_AppUpd… | Feb 25, 2026 | Feb 25, 2026 |
| | CVE-2026-25954 | Red Hat | medium | 5.3 | 0.1%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_rail_s… | Feb 25, 2026 | Feb 25, 2026 |
| | CVE-2026-25955 | Red Hat | medium | 4.3 | 0.1%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_AppUpd… | Feb 25, 2026 | Feb 25, 2026 |
| | CVE-2026-25959 | Red Hat | medium | 5.3 | 0.1%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_cliprd… | Feb 25, 2026 | Feb 25, 2026 |
| | CVE-2026-25997 | Red Hat | medium | 5.3 | 0.1%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_clipbo… | Feb 25, 2026 | Feb 25, 2026 |
| | CVE-2026-26271 | Red Hat | medium | 4.3 | 0.1%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a buffer o… | Feb 25, 2026 | Feb 25, 2026 |
| | CVE-2026-27015 | Red Hat | medium | 6.5 | 0.0%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a missing … | Feb 25, 2026 | Feb 25, 2026 |
| | CVE-2026-26955 | Red Hat | high | 8.8 | 0.0%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a maliciou… | Feb 25, 2026 | Feb 25, 2026 |
| | CVE-2026-3172 | Red Hat | medium | 6.8 | 0.0%
| | Buffer overflow in parallel HNSW index build in pgvector 0.6.0 through 0.8.1 allows a database user … | Feb 25, 2026 | Feb 25, 2026 |
| | CVE-2026-26965 | Red Hat | high | 8.8 | 0.1%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE… | Feb 25, 2026 | Feb 25, 2026 |
| | CVE-2026-26986 | Red Hat | medium | 5.3 | 0.1%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `rail_wind… | Feb 25, 2026 | Feb 25, 2026 |
| | CVE-2026-27950 | Red Hat | medium | 4.3 | 0.1%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the fix fo… | Feb 25, 2026 | Feb 25, 2026 |
| | CVE-2026-27951 | Red Hat | medium | 5.9 | 0.1%
| | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the functi… | Feb 25, 2026 | Feb 25, 2026 |
| | CVE-2026-22721 | VMware | medium | 6.2 | 0.1%
| | VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privile… | Feb 25, 2026 | Mar 4, 2026 |
| | CVE-2026-27148 | Red Hat | high | 8.8 | 0.2%
| | Storybook is a frontend workshop for building user interface components and pages in isolation. Prio… | Feb 25, 2026 | Feb 25, 2026 |
| | CVE-2026-27798 | Red Hat | medium | 7.1 | 0.0%
| | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior… | Feb 25, 2026 | Feb 25, 2026 |
| | CVE-2026-27799 | Red Hat | medium | 4.0 | 0.0%
| | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior… | Feb 25, 2026 | Feb 25, 2026 |
| | CVE-2026-28295 | Red Hat | low | 4.3 | 0.0%
| | A flaw was found in the FTP GVfs backend. A malicious FTP server can exploit this vulnerability by p… | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-28296 | Red Hat | medium | 4.3 | 0.1%
| | A flaw was found in the FTP GVfs backend. A remote attacker could exploit this input validation vuln… | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-3234 | Red Hat | low | 4.3 | 0.1%
| | No description is available for this CVE. | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-27976 |  Check Point | high | 8.8 | 0.0%
| | Zed, a code editor, has an extension installer allows tar/gzip downloads. Prior to version 0.224.4, … | Feb 26, 2026 | Mar 5, 2026 |
| | CVE-2026-27837 | Red Hat | medium | 6.3 | 0.1%
| | Dottie provides nested object access and manipulation in JavaScript. Versions 2.0.4 through 2.0.6 co… | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-27888 | Red Hat | medium | 5.3 | 0.0%
| | pypdf is a free and open-source pure-python PDF library. Prior to 6.7.3, an attacker who uses this v… | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-27830 | Red Hat | high | 8.0 | 0.1%
| ✓ Fix | c3p0, a JDBC Connection pooling library, is vulnerable to attack via maliciously crafted Java-serial… | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-27896 | Red Hat | high | 7.2 | 0.1%
| | The Go MCP SDK used Go's standard encoding/json.Unmarshal for JSON-RPC and MCP protocol message pars… | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-27901 | Red Hat | medium | 5.4 | 0.0%
| | Svelte performance oriented web framework. Prior to version 5.53.5, the contents of `bind:innerText`… | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-27902 | Red Hat | medium | 4.2 | 0.0%
| | Svelte performance oriented web framework. Prior to version 5.53.5, errors from `transformError` wer… | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-27903 | Red Hat | medium | 5.9 | 0.1%
| | minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objec… | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-27904 | Red Hat | medium | 6.5 | 0.1%
| | minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objec… | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-27945 | Check Point | medium | 6.5 | 0.0%
| | ZITADEL is an open source identity management platform. Zitadel Action V2 (introduced as early previ… | Feb 26, 2026 | Mar 5, 2026 |
| | CVE-2026-27942 | Red Hat | medium | 7.5 | 0.1%
| | fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object wi… | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-27959 | Red Hat | high | 8.2 | 0.1%
| | Koa is middleware for Node.js using ES2017 async functions. Prior to versions 3.1.2 and 2.16.4, Koa'… | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-27970 | Red Hat | high | 7.1 | 0.0%
| | Angular is a development platform for building mobile and desktop web applications using TypeScript/… | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-27141 | Red Hat | medium | 5.3 | 0.1%
| | Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-22715 | VMware | medium | 5.9 | 0.0%
| | VMWare Workstation and Fusion contain a logic flaw in the management of network packets.
Known att… | Feb 26, 2026 | Feb 27, 2026 |
| | CVE-2026-28208 | Red Hat | medium | 5.9 | 0.1%
| | Junrar is an open source java RAR archive library. Prior to version 7.5.8, a backslash path traversa… | Feb 26, 2026 | Feb 26, 2026 |
| | CVE-2026-28364 | Red Hat | high | 7.9 | 0.0%
| | In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/… | Feb 27, 2026 | Feb 27, 2026 |
| | CVE-2026-3293 | Red Hat | low | 3.3 | 0.0%
| | A weakness has been identified in snowflakedb snowflake-jdbc up to 4.0.1. Impacted is the function S… | Feb 27, 2026 | Feb 27, 2026 |
| | CVE-2026-2359 | Red Hat | high | 7.5 | 0.1%
| | Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability in Multer prior t… | Feb 27, 2026 | Feb 27, 2026 |