|
High
|
2 Mar 2026 |
2 Mar 2026 |
CPAI-2025-12525
|
|
CVE-2025-15234
|
Tenda M3 Heap Overflow (CVE-2025-15234)
|
|
High
|
2 Mar 2026 |
2 Mar 2026 |
CPAI-2025-12521
|
|
CVE-2025-35028
|
HexStrike AI MCP Server Command Injection (CVE-2025-35028)
|
|
High
|
2 Mar 2026 |
2 Mar 2026 |
CPAI-2018-3293
|
|
CVE-2018-11803
|
Apache Subversion Memory Corruption (CVE-2018-11803)
|
|
High
|
2 Mar 2026 |
2 Mar 2026 |
CPAI-2025-12720
|
|
CVE-2025-68926
|
RustFS Authentication Bypass (CVE-2025-68926)
|
|
High
|
2 Mar 2026 |
2 Mar 2026 |
CPAI-2025-12715
|
|
CVE-2025-9713
|
Ivanti Endpoint Manager Directory Traversal (CVE-2025-9713)
|
|
High
|
2 Mar 2026 |
2 Mar 2026 |
CPAI-2026-1072
|
|
CVE-2026-25512
|
Group-Office Command Injection (CVE-2026-25512)
|
|
High
|
2 Mar 2026 |
2 Mar 2026 |
CPAI-2025-12722
|
|
CVE-2025-10242
|
Ivanti Endpoint Manager Mobile Command Injection (CVE-2025-10242)
|
|
Critical
|
29 Jan 2026 |
26 Feb 2026 |
CPAI-2025-12677
|
|
CVE-2025-40536
CVE-2025-40552
CVE-2025-40554
|
SolarWinds Web Help Desk Authentication Bypass (CVE-2025-40536; CVE-2025-40552; CVE-2025-40554)
|
|
High
|
25 Feb 2026 |
25 Feb 2026 |
CPAI-2025-12582
|
|
CVE-2025-65093
|
LibreNMS SQL Injection (CVE-2025-65093)
|
|
High
|
24 Feb 2026 |
24 Feb 2026 |
CPAI-2025-12449
|
|
CVE-2025-53144
|
Microsoft Windows Type Confusion (CVE-2025-53144)
|
|
High
|
24 Feb 2026 |
24 Feb 2026 |
CPAI-2025-12453
|
|
CVE-2025-63932
|
D-Link DIR-868L Command Injection (CVE-2025-63932)
|
|
High
|
23 Feb 2026 |
23 Feb 2026 |
CPAI-2025-12332
|
|
CVE-2025-49712
|
Microsoft SharePoint Server Insecure Deserialization (CVE-2025-49712)
|
|
Critical
|
22 Feb 2026 |
22 Feb 2026 |
CPAI-2026-0972
|
|
CVE-2026-2441
|
Google Chrome Use After Free (CVE-2026-2441)
|
|
High
|
22 Feb 2026 |
22 Feb 2026 |
CPAI-2025-12360
|
|
CVE-2025-13065
|
WordPress Starter Templates Plugin Arbitrary File Upload (CVE-2025-13065)
|
|
High
|
15 Jan 2026 |
22 Feb 2026 |
CPAI-2025-12358
|
|
CVE-2025-64155
|
Fortinet FortiSIEM Command Injection (CVE-2025-64155)
|
|
High
|
19 Feb 2026 |
19 Feb 2026 |
CPAI-2026-0925
|
|
CVE-2026-23744
|
MCPJam Inspector Remote Code Execution (CVE-2026-23744)
|
|
Critical
|
19 Feb 2026 |
19 Feb 2026 |
CPAI-2026-0932
|
|
CVE-2026-22769
|
Dell RecoverPoint For Virtual Machines Arbitrary File Upload (CVE-2026-22769)
|
|
Critical
|
19 Feb 2026 |
19 Feb 2026 |
CPAI-2026-0931
|
|
CVE-2026-2329
|
Grandstream GXP1600 Stack Overflow (CVE-2026-2329)
|
|
Critical
|
19 Feb 2026 |
19 Feb 2026 |
CPAI-2020-4652
|
|
CVE-2020-7796
|
Zimbra Collaboration Suite Server-Side Request Forgery (CVE-2020-7796)
|
|
High
|
19 Feb 2026 |
19 Feb 2026 |
CPAI-2026-0907
|
|
CVE-2026-20925
|
Microsoft Windows Information Disclosure (CVE-2026-20925)
|
|
High
|
19 Feb 2026 |
19 Feb 2026 |
CPAI-2025-12342
|
|
CVE-2025-5473
|
GIMP Integer Overflow (CVE-2025-5473)
|
|
Medium
|
19 Feb 2026 |
19 Feb 2026 |
CPAI-2025-12225
|
|
CVE-2025-13444
|
Progress Multiple Products Remote Code Execution (CVE-2025-13444)
|
|
High
|
19 Feb 2026 |
19 Feb 2026 |
CPAI-2024-5508
|
|
CVE-2024-6886
|
Gitea Open Source Git Server Cross-Site Scripting (CVE-2024-6886)
|
|
High
|
19 Feb 2026 |
19 Feb 2026 |
CPAI-2020-4633
|
|
CVE-2020-7387
|
Sage X3 AdxAdmin Information Disclosure (CVE-2020-7387)
|
|
High
|
17 Feb 2026 |
19 Feb 2026 |
CPAI-2026-0891
|
|
CVE-2026-26190
|
Milvus Authentication Bypass (CVE-2026-26190)
|
|
Critical
|
18 Feb 2026 |
18 Feb 2026 |
CPAI-2016-1572
|
|
CVE-2016-3141
|
PHP Use After Free (CVE-2016-3141)
|
|
High
|
18 Feb 2026 |
18 Feb 2026 |
CPAI-2024-5476
|
|
CVE-2024-39602
CVE-2024-39788
CVE-2024-39789
CVE-2024-39790
CVE-2024-39793
CVE-2024-39794
CVE-2024-39795
|
Wavlink AC3000 Arbitrary File Write (CVE-2024-39602; CVE-2024-39788; CVE-2024-39789; CVE-2024-39790; CVE-2024-39793; CVE-2024-39794; CVE-2024-39795)
|
|
Critical
|
19 Jan 2026 |
18 Feb 2026 |
CPAI-2024-5494
|
|
CVE-2024-4255
CVE-2024-4501
CVE-2024-4502
CVE-2024-4503
CVE-2024-4504
CVE-2024-4505
CVE-2024-4506
CVE-2024-4507
CVE-2024-4508
CVE-2024-4509
CVE-2024-4510
CVE-2024-4813
CVE-2024-4814
CVE-2024-4815
|
Ruijie RG-UAC Command Injection (CVE-2024-4255; CVE-2024-4501; CVE-2024-4502; CVE-2024-4503; CVE-2024-4504; CVE-2024-4505; CVE-2024-4506; CVE-2024-4507; CVE-2024-4508; CVE-2024-4509; CVE-2024-4510; CVE-2024-4813; CVE-2024-4814; CVE-2024-4815)
|
|
High
|
17 Feb 2026 |
17 Feb 2026 |
CPAI-2026-0869
|
|
CVE-2026-26190
|
Milvus Authentication Bypass (CVE-2026-26190)
|
|
High
|
16 Feb 2026 |
16 Feb 2026 |
CPAI-2025-12177
|
|
CVE-2025-14655
|
Tenda AC20 Stack Overflow (CVE-2025-14655)
|
|
High
|
16 Feb 2026 |
16 Feb 2026 |
CPAI-2025-12175
|
|
CVE-2025-58176
|
OpenAgentPlatform Dive Remote Code Execution (CVE-2025-58176)
|
|
High
|
16 Feb 2026 |
16 Feb 2026 |
CPAI-2025-12173
|
|
CVE-2025-55346
|
Flowise Remote Code Execution (CVE-2025-55346)
|
|
High
|
16 Feb 2026 |
16 Feb 2026 |
CPAI-2025-12172
|
|
CVE-2025-8723
|
WordPress Cloudflare Image Resizing Plugin Remote Code Execution (CVE-2025-8723)
|
|
High
|
16 Feb 2026 |
16 Feb 2026 |
CPAI-2024-5410
|
|
CVE-2024-47066
|
LobeHub Lobe Chat Server-Side Request Forgery (CVE-2024-47066)
|
|
High
|
16 Feb 2026 |
16 Feb 2026 |
CPAI-2025-12204
|
|
CVE-2025-48148
|
StoreKeeper for WooCommerce Unrestricted File Upload (CVE-2025-48148)
|
|
Critical
|
12 Feb 2026 |
16 Feb 2026 |
CPAI-2026-0850
|
|
CVE-2026-1731
|
BeyondTrust Multiple Products Command Injection (CVE-2026-1731)
|
|
Critical
|
1 Feb 2026 |
16 Feb 2026 |
CPAI-2026-0845
|
|
CVE-2026-1281
CVE-2026-1340
|
Ivanti Endpoint Manager Mobile Command Injection (CVE-2026-1281; CVE-2026-1340)
|
|
Critical
|
29 Jan 2026 |
15 Feb 2026 |
CPAI-2025-12238
|
|
CVE-2025-40536
CVE-2025-40554
|
SolarWinds Web Help Desk Authentication Bypass (CVE-2025-40536; CVE-2025-40554)
|
|
High
|
15 Feb 2026 |
15 Feb 2026 |
CPAI-2026-0839
|
|
CVE-2026-1603
|
Ivanti Endpoint Manager Authentication Bypass (CVE-2026-1603)
|
|
Medium
|
15 Feb 2026 |
15 Feb 2026 |
CPAI-2025-12152
|
|
CVE-2025-34176
|
pfSense CE Directory Traversal (CVE-2025-34176)
|
|
High
|
15 Feb 2026 |
15 Feb 2026 |
CPAI-2024-5460
|
|
CVE-2024-39924
|
Dani-Garcia Vaultwarden Privilege Escalation (CVE-2024-39924)
|
|
High
|
15 Feb 2026 |
15 Feb 2026 |
CPAI-2026-0834
|
|
|
Lazarus Campaign Command and Control
|
|
High
|
15 Feb 2026 |
15 Feb 2026 |
CPAI-2026-0832
|
|
|
Formbook Campaign Command and Control
|
|
High
|
15 Feb 2026 |
15 Feb 2026 |
CPAI-2026-0836
|
|
|
Belkin Wemo Cross-Site Scripting
|
|
High
|
15 Feb 2026 |
15 Feb 2026 |
CPAI-2024-5456
|
|
CVE-2024-43441
|
Apache HugeGraph Authentication Bypass (CVE-2024-43441)
|
|
High
|
15 Feb 2026 |
15 Feb 2026 |
CPAI-2025-12037
|
|
CVE-2025-15029
|
Centreon Awie SQL Injection (CVE-2025-15029)
|
|
Critical
|
12 Feb 2026 |
12 Feb 2026 |
CPAI-2026-0801
|
|
CVE-2026-1731
|
BeyondTrust Multiple Products Command Injection (CVE-2026-1731)
|
|
High
|
12 Feb 2026 |
12 Feb 2026 |
CPAI-2025-12211
|
|
CVE-2025-67736
|
Sangoma FreePBX SQL Injection (CVE-2025-67736)
|
|
High
|
12 Feb 2026 |
12 Feb 2026 |
CPAI-2020-4613
|
|
CVE-2020-36911
|
Covenant Remote Code Execution (CVE-2020-36911)
|
|
High
|
12 Feb 2026 |
12 Feb 2026 |
CPAI-2025-11956
|
|
CVE-2025-62507
|
Redis Stack Overflow (CVE-2025-62507)
|
Feedback