| | CVE-2025-53868 |  F5 | high | 8.7 | 0.0%
| | When running in Appliance mode, a highly privileged authenticated attacker with access to SCP and SF… | Oct 15, 2025 | Feb 4, 2026 |
| | CVE-2025-53521 | F5 | critical | 9.8 | 19.9%
| ⚠ KEV | When a BIG-IP APM access policy is configured on a virtual server, specific malicious traffic can le… | Oct 15, 2025 | Mar 31, 2026 |
| | CVE-2025-59213 |  Microsoft | high | 8.8 | 0.1%
| | Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Co… | Oct 14, 2025 | Feb 13, 2026 |
| | CVE-2025-54822 |  Fortinet | medium | 4.3 | 0.0%
| | An improper authorization vulnerability [CWE-285] vulnerability in Fortinet FortiOS 7.4.0 through 7.… | Oct 14, 2025 | Jan 14, 2026 |
| | CVE-2025-49201 | Fortinet | high | 8.1 | 0.1%
| | A weak authentication vulnerability in Fortinet FortiPAM 1.5.0, FortiPAM 1.4.0 through 1.4.2, FortiP… | Oct 14, 2025 | Jan 14, 2026 |
| | CVE-2025-47890 | Fortinet | low | 2.6 | 0.0%
| | An URL Redirection to Untrusted Site vulnerabilities [CWE-601] vulnerability in Fortinet FortiOS 7.6… | Oct 14, 2025 | Jan 14, 2026 |
| | CVE-2025-31366 | Fortinet | medium | 4.7 | 0.0%
| | An Improper Neutralization of Input During Web Page Generation vulnerability [CWE-79] vulnerability … | Oct 14, 2025 | Jan 14, 2026 |
| | CVE-2025-25255 | Fortinet | medium | 5.3 | 0.0%
| | An Improperly Implemented Security Check for Standard vulnerability [CWE-358] vulnerability in Forti… | Oct 14, 2025 | Jan 14, 2026 |
| | CVE-2024-50571 | Fortinet | high | 7.2 | 0.1%
| | A heap-based buffer overflow vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.2, FortiAnaly… | Oct 14, 2025 | Jan 27, 2026 |
| | CVE-2024-47569 | Fortinet | medium | 4.3 | 0.0%
| | A insertion of sensitive information into sent data vulnerability in Fortinet FortiMail 7.4.0 throug… | Oct 14, 2025 | Jan 14, 2026 |
| | CVE-2025-10578 |  HPE | high | 7.8 | 0.0%
| | A potential security vulnerability has been identified in the HP Support Assistant for versions prio… | Oct 1, 2025 | Jan 16, 2026 |
| | CVE-2025-20363 |  Cisco | critical | 9.0 | 2.4%
| | A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Softw… | Sep 25, 2025 | Feb 10, 2026 |
| | CVE-2025-55319 | Microsoft | high | 8.8 | 0.1%
| | Ai command injection in Agentic AI and Visual Studio Code allows an unauthorized attacker to execute… | Sep 12, 2025 | Feb 20, 2026 |
| | CVE-2025-43491 | HPE | critical | 9.8 | 0.0%
| | A vulnerability in the Poly Lens Desktop application running on the Windows platform might allow mod… | Sep 9, 2025 | Jan 16, 2026 |
| | CVE-2025-9784 |  Apache | high | 7.5 | 1.6%
| | A flaw was found in Undertow where malformed client requests can trigger server-side stream resets w… | Sep 2, 2025 | Apr 30, 2026 |
| | CVE-2025-54500 | F5 | medium | 5.3 | 0.1%
| | An HTTP/2 implementation flaw allows a denial-of-service (DoS) that uses malformed HTTP/2 control fr… | Aug 13, 2025 | Feb 4, 2026 |
| | CVE-2025-48989 | Apache | high | 7.5 | 0.5%
| | Improper Resource Shutdown or Release vulnerability in Apache Tomcat made Tomcat vulnerable to the m… | Aug 13, 2025 | May 12, 2026 |
| | CVE-2024-40588 | Fortinet | medium | 4.4 | 0.0%
| | Multiple relative path traversal vulnerabilities [CWE-23] vulnerability in Fortinet FortiCamera 2.1 … | Aug 12, 2025 | Jan 14, 2026 |
| | CVE-2024-26009 | Fortinet | high | 8.1 | 0.1%
| | An authentication bypass using an alternate path or channel [CWE-288] vulnerability in Fortinet Fort… | Aug 12, 2025 | Apr 20, 2026 |
| | CVE-2023-45584 | Fortinet | medium | 6.6 | 0.2%
| | A double free vulnerability [CWE-415] vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2.0 through… | Aug 12, 2025 | Jan 14, 2026 |
| | CVE-2025-53786 | Microsoft | high | 8.0 | 0.1%
| | On April 18th 2025, Microsoft announced Exchange Server Security Changes for Hybrid Deployments and … | Aug 6, 2025 | Feb 27, 2026 |
| | CVE-2025-43023 | HPE | critical | 9.1 | 0.0%
| | A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software… | Jul 28, 2025 | Jan 16, 2026 |
| | CVE-2025-25257 | Fortinet | critical | 9.8 | 28.1%
| ⚠ KEV | An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerabilit… | Jul 17, 2025 | Feb 20, 2026 |
| | CVE-2025-47964 | Microsoft | medium | 5.4 | 0.0%
| | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Jul 11, 2025 | Feb 13, 2026 |
| | CVE-2025-47963 | Microsoft | medium | 6.3 | 0.1%
| | No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform … | Jul 11, 2025 | Feb 13, 2026 |
| | CVE-2025-49756 | Microsoft | low | 3.3 | 0.0%
| | Use of a broken or risky cryptographic algorithm in Office Developer Platform allows an authorized a… | Jul 8, 2025 | Feb 13, 2026 |
| | CVE-2025-49737 | Microsoft | high | 7.0 | 0.0%
| | Concurrent execution using shared resource with improper synchronization ('race condition') in Micro… | Jul 8, 2025 | Feb 13, 2026 |
| | CVE-2025-49731 | Microsoft | low | 3.1 | 0.1%
| | Improper handling of insufficient permissions or privileges in Microsoft Teams allows an authorized … | Jul 8, 2025 | Feb 13, 2026 |
| | CVE-2025-43019 | HPE | high | 7.8 | 0.0%
| | A potential security vulnerability has been identified in the HP Support Assistant, which allows a l… | Jul 8, 2025 | Jan 20, 2026 |
| | CVE-2025-43025 | HPE | high | 7.5 | 0.1%
| | HP Universal Print Driver is potentially vulnerable to denial of service due to buffer overflow in v… | Jul 2, 2025 | Jan 20, 2026 |
| | CVE-2025-32897 | Apache | critical | 9.8 | 0.3%
| | Deserialization of Untrusted Data vulnerability in Apache Seata (incubating).
This security vulnera… | Jun 28, 2025 | Mar 30, 2026 |
| | CVE-2025-3773 |  Trellix | medium | 5.5 | 0.0%
| | A sensitive information exposure vulnerability in System Information Reporter (SIR) 1.0.3 and prior… | Jun 26, 2025 | Feb 11, 2026 |
| | CVE-2025-3771 | Trellix | high | 7.1 | 0.0%
| | A path or symbolic link manipulation vulnerability in SIR 1.0.3 and prior versions allows an authent… | Jun 26, 2025 | Feb 11, 2026 |
| | CVE-2025-3722 | Trellix | medium | 4.4 | 0.0%
| | A path traversal vulnerability in System Information Reporter (SIR) 1.0.3 and prior allowed an auth… | Jun 26, 2025 | Feb 11, 2026 |
| | CVE-2025-24286 |  Veeam | high | 7.2 | — | | A vulnerability allowing an authenticated user with the Backup Operator role to modify backup jobs, … | Jun 19, 2025 | Jul 16, 2025 |
| | CVE-2025-23121 | Veeam | high | 8.8 | — | | A vulnerability allowing remote code execution (RCE) on the Backup Server by an authenticated domain… | Jun 19, 2025 | Jul 15, 2025 |
| | CVE-2025-32711 | Microsoft | critical | 9.3 | 3.4%
| | Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over a … | Jun 11, 2025 | Feb 20, 2026 |
| | CVE-2025-47176 | Microsoft | high | 7.8 | 0.5%
| | '.../...//' in Microsoft Office Outlook allows an authorized attacker to execute code locally. | Jun 10, 2025 | Feb 13, 2026 |
| | CVE-2025-22254 | Fortinet | medium | 6.6 | 0.1%
| | An Improper Privilege Management vulnerability [CWE-269] vulnerability in Fortinet FortiOS 7.6.0 thr… | Jun 10, 2025 | Jan 14, 2026 |
| | CVE-2025-43026 | HPE | high | 7.8 | 0.0%
| | A potential security vulnerability has been identified in the HP Support Assistant for versions prio… | Jun 5, 2025 | Jan 13, 2026 |
| | CVE-2025-48734 | Apache | medium | — | 0.3%
| | Improper Access Control vulnerability in Apache Commons.
A special BeanIntrospector class was add… | May 28, 2025 | Apr 29, 2026 |
| | CVE-2025-24473 | Fortinet | low | 3.7 | 0.1%
| | A exposure of sensitive system information to an unauthorized control sphere vulnerability in Fortin… | May 28, 2025 | Jan 8, 2026 |
| | CVE-2025-4123 |  Grafana | high | 7.6 | 3.9%
| | A cross-site scripting (XSS) vulnerability exists in Grafana caused by combining a client path trave… | May 22, 2025 | Apr 29, 2026 |
| | CVE-2025-32756 | Fortinet | critical | 9.8 | 41.6%
| ⚠ KEV | A stack-based buffer overflow vulnerability [CWE-121] vulnerability in Fortinet FortiCamera 2.1.0 th… | May 13, 2025 | Jan 14, 2026 |
| | CVE-2024-35281 | Fortinet | low | 2.5 | 0.1%
| | An improper isolation or compartmentalization vulnerability [CWE-653] in FortiClientMac version 7.4.… | May 13, 2025 | Feb 5, 2026 |
| | CVE-2025-47732 | Microsoft | high | 8.7 | 2.7%
| | Deserialization of untrusted data in Microsoft Dataverse allows an authorized attacker to execute co… | May 8, 2025 | Feb 13, 2026 |
| | CVE-2025-29972 | Microsoft | critical | 9.9 | 4.5%
| | Server-side request forgery (ssrf) in Azure Storage Resource Provider allows an authorized attacker … | May 8, 2025 | Feb 13, 2026 |
| | CVE-2025-29813 | Microsoft | critical | 10.0 | 1.9%
| | Authentication bypass by assumed-immutable data in Azure DevOps allows an unauthorized attacker to e… | May 8, 2025 | Feb 13, 2026 |
| | CVE-2025-1697 | HPE | high | 7.8 | 0.1%
| | A potential security vulnerability has been identified in the HP Touchpoint Analytics Service for ce… | Apr 18, 2025 | Feb 24, 2026 |
| | CVE-2025-26628 | Microsoft | high | 7.3 | 0.8%
| | Insufficiently protected credentials in Azure Local Cluster allows an authorized attacker to disclos… | Apr 8, 2025 | Jan 16, 2026 |