{"kevs":[{"cve_id":"CVE-2024-21182","title":"Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core).  Supported versions that are affected are...","vendor":"Oracle Corporation","product":"WebLogic Server","added_date":"2026-06-01T18:00:44.103Z","source":"CISA","source_url":"https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"},{"cve_id":"CVE-2023-43000","title":"A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6, Safari...","vendor":"Apple","product":"macOS, iOS and iPadOS, Safari","added_date":"2026-06-01T13:30:35.576Z","source":"CISA","source_url":"https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"},{"cve_id":"CVE-2025-31277","title":"The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6,...","vendor":"Apple","product":"Safari, iOS and iPadOS, macOS, tvOS, visionOS, watchOS","added_date":"2026-06-01T13:30:35.304Z","source":"CISA","source_url":"https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"},{"cve_id":"CVE-2026-9082","title":"Drupal core - Highly critical - SQL injection - SA-CORE-2026-004","vendor":"Drupal","product":"Drupal core","added_date":"2026-06-01T13:29:38.047Z","source":"CVE","source_url":"https://www.cve.org/CVERecord?id=CVE-2026-9082"},{"cve_id":"CVE-2026-48172","title":"LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exploited in the wild in May 2026. Detection is...","vendor":"LiteSpeed Technologies","product":"cPanel Plugin, WHM Plugin","added_date":"2026-06-01T13:29:31.681Z","source":"CVE","source_url":"https://www.cve.org/CVERecord?id=CVE-2026-48172"},{"cve_id":"CVE-2026-34926","title":"A directory traversal vulnerability in the Apex One (on-premise) server could allow a pre-authenticated local attacker to modify a key table on the...","vendor":"Trend Micro, Inc.","product":"TrendAI Apex One, TrendAI Apex One as a Service","added_date":"2026-06-01T13:29:30.761Z","source":"CVE","source_url":"https://www.cve.org/CVERecord?id=CVE-2026-34926"},{"cve_id":"CVE-2025-34291","title":"Langflow <= 1.6.9 CORS Misconfiguration to Token Hijack & RCE","vendor":"Langflow","product":"Langflow","added_date":"2026-06-01T13:29:30.499Z","source":"CVE","source_url":"https://www.cve.org/CVERecord?id=CVE-2025-34291"},{"cve_id":"CVE-2026-45498","title":"Microsoft Defender Denial of Service Vulnerability","vendor":"Microsoft","product":"Microsoft Defender Antimalware Platform","added_date":"2026-06-01T13:29:26.865Z","source":"CVE","source_url":"https://www.cve.org/CVERecord?id=CVE-2026-45498"},{"cve_id":"CVE-2026-41091","title":"Microsoft Defender Elevation of Privilege Vulnerability","vendor":"Microsoft","product":"Microsoft Malware Protection Engine","added_date":"2026-06-01T13:29:26.114Z","source":"CVE","source_url":"https://www.cve.org/CVERecord?id=CVE-2026-41091"},{"cve_id":"CVE-2026-34234","title":"CtrlPanel: Unauthenticated RCE using installer script","vendor":"Ctrlpanel-gg","product":"panel","added_date":"2026-06-01T13:29:18.130Z","source":"CVE","source_url":"https://www.cve.org/CVERecord?id=CVE-2026-34234"},{"cve_id":"CVE-2026-42897","title":"Microsoft Exchange Server Spoofing Vulnerability","vendor":"Microsoft","product":"Microsoft Exchange Server 2016 Cumulative Update 23, Microsoft Exchange Server 2019 Cumulative Update 14, Microsoft Exchange Server 2019 Cumulative Update 15, Microsoft Exchange Server Subscription Edition RTM","added_date":"2026-06-01T13:29:03.497Z","source":"CVE","source_url":"https://www.cve.org/CVERecord?id=CVE-2026-42897"},{"cve_id":"CVE-2026-42208","title":"LiteLLM: SQL injection in Proxy API key verification","vendor":"BerriAI","product":"litellm","added_date":"2026-06-01T13:26:37.184Z","source":"CVE","source_url":"https://www.cve.org/CVERecord?id=CVE-2026-42208"},{"cve_id":"CVE-2026-6973","title":"An Improper Input Validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remotely authenticated...","vendor":"Ivanti","product":"Endpoint Manager Mobile","added_date":"2026-06-01T13:26:33.373Z","source":"CVE","source_url":"https://www.cve.org/CVERecord?id=CVE-2026-6973"},{"cve_id":"CVE-2026-44742","title":"Postorius through 1.3.13 does not escape HTML in the message subject when rendering it in the Held messages pop-up, as exploited in the wild in May...","vendor":"Postorius project","product":"Postorius","added_date":"2026-06-01T13:26:33.175Z","source":"CVE","source_url":"https://www.cve.org/CVERecord?id=CVE-2026-44742"},{"cve_id":"CVE-2026-0300","title":"PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal","vendor":"Palo Alto Networks","product":"Cloud NGFW, PAN-OS, Prisma Access","added_date":"2026-06-01T13:26:25.457Z","source":"CVE","source_url":"https://www.cve.org/CVERecord?id=CVE-2026-0300"},{"cve_id":"CVE-2026-31431","title":"crypto: algif_aead - Revert to operating out-of-place","vendor":"Linux","product":"Linux","added_date":"2026-06-01T13:26:07.375Z","source":"CVE","source_url":"https://www.cve.org/CVERecord?id=CVE-2026-31431"},{"cve_id":"CVE-2026-41940","title":"WebPros cPanel and WHM Authentication Bypass via Login Flow","vendor":"WebPros","product":"cPanel, WP Squared, WHM","added_date":"2026-06-01T13:26:04.201Z","source":"CVE","source_url":"https://www.cve.org/CVERecord?id=CVE-2026-41940"},{"cve_id":"CVE-2026-32202","title":"Windows Shell Spoofing Vulnerability","vendor":"Microsoft","product":"Windows 10 Version 1607, Windows 10 Version 1809, Windows 10 Version 21H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows 11 Version 24H2, Windows 11 Version 25H2, Windows 11 version 26H1, Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation), Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows Server 2022, 23H2 Edition (Server Core installation), Windows Server 2025, Windows Server 2025 (Server Core installation)","added_date":"2026-06-01T13:25:49.558Z","source":"CVE","source_url":"https://www.cve.org/CVERecord?id=CVE-2026-32202"},{"cve_id":"CVE-2024-1708","title":"Improper limitation of a pathname to a restricted directory (“path traversal”)","vendor":"ConnectWise","product":"ScreenConnect","added_date":"2026-06-01T13:24:35.769Z","source":"CVE","source_url":"https://www.cve.org/CVERecord?id=CVE-2024-1708"},{"cve_id":"CVE-2025-29635","title":"A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execute arbitrary commands on remote...","vendor":"n/a","product":"n/a","added_date":"2026-06-01T13:23:43.718Z","source":"CVE","source_url":"https://www.cve.org/CVERecord?id=CVE-2025-29635"},{"cve_id":"CVE-2024-7399","title":"Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to...","vendor":"Samsung Electronics","product":"MagicINFO 9 Server","added_date":"2026-06-01T13:23:43.436Z","source":"CVE","source_url":"https://www.cve.org/CVERecord?id=CVE-2024-7399"},{"cve_id":"CVE-2024-57728","title":"SimpleHelp remote support software v5.5.7 and before allows admin users to upload arbitrary files anywhere on the file system by uploading a...","vendor":"n/a","product":"n/a","added_date":"2026-06-01T13:23:43.404Z","source":"CVE","source_url":"https://www.cve.org/CVERecord?id=CVE-2024-57728"},{"cve_id":"CVE-2024-57726","title":"SimpleHelp remote support software v5.5.7 and before has a vulnerability that allows low-privileges technicians to create API keys with excessive...","vendor":"n/a","product":"n/a","added_date":"2026-06-01T13:23:43.375Z","source":"CVE","source_url":"https://www.cve.org/CVERecord?id=CVE-2024-57726"},{"cve_id":"CVE-2026-39987","title":"marimo Affected by Pre-Auth Remote Code Execution via Terminal WebSocket Authentication Bypass","vendor":"marimo-team","product":"marimo","added_date":"2026-06-01T13:23:39.702Z","source":"CVE","source_url":"https://www.cve.org/CVERecord?id=CVE-2026-39987"},{"cve_id":"CVE-2026-33825","title":"Microsoft Defender Elevation of Privilege Vulnerability","vendor":"Microsoft","product":"Microsoft Defender Antimalware Platform","added_date":"2026-06-01T13:22:36.497Z","source":"CVE","source_url":"https://www.cve.org/CVERecord?id=CVE-2026-33825"}],"pagination":{"current_page":1,"total_pages":153,"total_count":3822,"per_page":25,"next_page":2,"prev_page":null,"first_page":1,"last_page":153}}