{"kevs":[{"cve_id":"CVE-2026-10795","title":"UpdraftPlus: WP Backup & Migration Plugin <= 1.26.4 - Unauthenticated Authentication Bypass via UpdraftCentral udrpc","vendor":"davidanderson","product":"UpdraftPlus: WP Backup & Migration Plugin","cvss_score":8.1,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":false},"epss_score":null,"epss_percentile":null,"used_in_malware":"unknown","added_date":"2026-06-11T07:20:32.076Z","primary_source":"Daily CyberSecurity","all_sources":["Daily CyberSecurity"],"ahead_of_cisa_kev":null,"source_url":"https://securityonline.info/updraftplus-cve-2026-10795-exploit/"},{"cve_id":"CVE-2025-5821","title":"Case Theme User <= 1.0.3 - Authentication Bypass via Social Login","vendor":"Case-Themes","product":"Case Theme User","cvss_score":9.8,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.00477,"epss_percentile":0.6534,"used_in_malware":"unknown","added_date":"2026-06-11T00:20:49.551Z","primary_source":"Daily CyberSecurity","all_sources":["Daily CyberSecurity"],"ahead_of_cisa_kev":null,"source_url":"https://securityonline.info/updraftplus-cve-2026-10795-exploit/"},{"cve_id":"CVE-2026-5027","title":"Langflow - Path Traversal Arbitrary File Write via upload_user_file","vendor":"langflow-ai","product":"langflow","cvss_score":8.8,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.00035,"epss_percentile":0.10609,"used_in_malware":"unknown","added_date":"2026-06-10T16:20:36.494Z","primary_source":"TheHackerNews","all_sources":["TheHackerNews","BleepingComputer"],"ahead_of_cisa_kev":null,"source_url":"https://thehackernews.com/2026/06/unpatched-langflow-flaw-cve-2026-5027.html"},{"cve_id":"CVE-2026-10520","title":"An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to...","vendor":"ivanti","product":"Sentry","cvss_score":10.0,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.00217,"epss_percentile":0.44365,"used_in_malware":"unknown","added_date":"2026-06-10T09:50:00.000Z","primary_source":"Defused Cyber","all_sources":["Defused Cyber","KEVIntel"],"ahead_of_cisa_kev":null,"source_url":"https://x.com/DefusedCyber/status/2064639896254382543/photo/1"},{"cve_id":"CVE-2026-11645","title":"Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox...","vendor":"Google","product":"Chrome","cvss_score":8.8,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":false,"low_complexity":true},"epss_score":0.05467,"epss_percentile":0.90404,"used_in_malware":"unknown","added_date":"2026-06-09T13:20:17.736Z","primary_source":"TheHackerNews","all_sources":["TheHackerNews","CISA","CVE","All CISA Advisories"],"ahead_of_cisa_kev":{"unit":"hour","count":5},"source_url":"https://thehackernews.com/2026/06/chrome-v8-zero-day-cve-2026-11645.html"},{"cve_id":"CVE-2026-34910","title":"A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a...","vendor":"Ubiquiti Inc","product":"UniFi OS Server, UDM, UDM-Pro, UDM-SE, UDM-Pro-Max, UDM-Beast, EFG, UDW, UDR, UDR7, UDR-5G, Express 7, UNVR, UNVR-Pro, UNVR-Instant, UNVR-G2, UNVR-G2-Pro, ENVR, ENVR-Core, UNAS-2, UNAS-4, UNAS-Pro, UNAS-Pro-4, UNAS-Pro-8, UCKP, UCK, UCK-Enterprise, UCG-Ultra, UCG-Max, UCG-Fiber, UCG-Industrial","cvss_score":10.0,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.18147,"epss_percentile":0.9533,"used_in_malware":"unknown","added_date":"2026-06-09T08:18:00.000Z","primary_source":"Defused Cyber","all_sources":["Defused Cyber"],"ahead_of_cisa_kev":null,"source_url":"https://x.com/DefusedCyber/status/2064238751258178006"},{"cve_id":"CVE-2026-34909","title":"A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the...","vendor":"Ubiquiti Inc","product":"UniFi OS Server, Express, UDM, UDM-Pro, UDM-SE, UDM-Pro-Max, UDM-Beast, EFG, UDW, UDR, UDR7, UDR-5G, Express 7, UNVR, UNVR-Pro, UNVR-Instant, UNVR-G2, UNVR-G2-Pro, ENVR, ENVR-Core, UNAS-2, UNAS-4, UNAS-Pro, UNAS-Pro-4, UNAS-Pro-8, UCKP, UCK, UCK-Enterprise, UCG-Ultra, UCG-Max, UCG-Fiber, UCG-Industrial","cvss_score":10.0,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.00026,"epss_percentile":0.07836,"used_in_malware":"unknown","added_date":"2026-06-09T07:29:00.000Z","primary_source":"Defused Cyber","all_sources":["Defused Cyber"],"ahead_of_cisa_kev":null,"source_url":"https://x.com/DefusedCyber/status/2064238751258178006"},{"cve_id":"CVE-2026-34908","title":"A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized...","vendor":"Ubiquiti Inc","product":"UniFi OS Server, UDM, UDM-Pro, UDM-SE, UDM-Pro-Max, UDM-Beast, EFG, UDW, UDR, UDR7, UDR-5G, Express 7, UNVR, UNVR-Pro, UNVR-Instant, UNVR-G2, UNVR-G2-Pro, ENVR, ENVR-Core, UNAS-2, UNAS-4, UNAS-Pro, UNAS-Pro-4, UNAS-Pro-8, UCKP, UCK, UCK-Enterprise, UCG-Ultra, UCG-Max, UCG-Fiber, UCG-Industrial","cvss_score":10.0,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.00022,"epss_percentile":0.06302,"used_in_malware":"unknown","added_date":"2026-06-09T07:27:00.000Z","primary_source":"Defused Cyber","all_sources":["Defused Cyber"],"ahead_of_cisa_kev":null,"source_url":"https://x.com/DefusedCyber/status/2064238751258178006"},{"cve_id":"CVE-2026-42271","title":"LiteLLM: Authenticated command execution via MCP stdio test endpoints","vendor":"BerriAI","product":"litellm","cvss_score":8.7,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.60784,"epss_percentile":0.98326,"used_in_malware":"unknown","added_date":"2026-06-08T18:00:45.030Z","primary_source":"CISA","all_sources":["CISA","TheHackerNews","CVE","All CISA Advisories"],"ahead_of_cisa_kev":null,"source_url":"https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"},{"cve_id":"CVE-2026-50751","title":"User Authentication Bypass in VPN Remote Access and Mobile Access","vendor":"checkpoint","product":"Quantum Security Gateway, Spark Firewalls","cvss_score":9.3,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.11841,"epss_percentile":0.9388,"used_in_malware":"yes","added_date":"2026-06-08T14:20:34.968Z","primary_source":"Check Point Blog","all_sources":["Check Point Blog","TheHackerNews","Rapid7","CISA","All CISA Advisories","CVE"],"ahead_of_cisa_kev":{"unit":"hour","count":6},"source_url":"https://blog.checkpoint.com/security/check-point-releases-important-hotfix-for-vulnerabilities-in-deprecated-ikev1-vpn-protocol/"},{"cve_id":"CVE-2021-33544","title":"UDP Technology/Geutebrück camera devices: command injection leading to RCE","vendor":"Geutebrück","product":"E2 Series, Encoder G-Code","cvss_score":7.2,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.94247,"epss_percentile":0.99932,"used_in_malware":"unknown","added_date":"2026-06-08T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2025-61666","title":"Traccar Unauthenticated Local File Inclusion on Windows - Leakage of Traccar Config File","vendor":"traccar","product":"traccar","cvss_score":8.7,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.01364,"epss_percentile":0.80582,"used_in_malware":"unknown","added_date":"2026-06-08T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2025-8085","title":"Ditty < 3.1.58 - Unauthenticated SSRF","vendor":"Unknown","product":"Ditty","cvss_score":8.6,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.10923,"epss_percentile":0.93561,"used_in_malware":"unknown","added_date":"2026-06-08T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2022-3801","title":"IBAX go-ibax rowsInfo sql injection","vendor":"IBAX","product":"go-ibax","cvss_score":6.3,"cvss_severity":"MEDIUM","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.02768,"epss_percentile":0.86351,"used_in_malware":"unknown","added_date":"2026-06-07T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2021-24227","title":"Patreon WordPress < 1.7.0 - Unauthenticated Local File Disclosure","vendor":"Unknown","product":"Patreon WordPress","cvss_score":7.5,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.38694,"epss_percentile":0.97347,"used_in_malware":"unknown","added_date":"2026-06-07T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2024-8752","title":"WebIQ 2.15.9 Runtime on Windows - Directory Traversal Vulnerability","vendor":"Smart HMI","product":"WebIQ","cvss_score":9.3,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.91135,"epss_percentile":0.99664,"used_in_malware":"unknown","added_date":"2026-06-07T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2026-1405","title":"Slider Future <= 1.0.5 - Unauthenticated Arbitrary File Upload","vendor":"franchidesign","product":"Slider Future","cvss_score":9.8,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.20498,"epss_percentile":0.95689,"used_in_malware":"unknown","added_date":"2026-06-07T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2024-39713","title":"A Server-Side Request Forgery (SSRF) affects Rocket.Chat's Twilio webhook endpoint before version 6.10.1.","vendor":"Rocket.Chat","product":"Rocket.Chat","cvss_score":8.6,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.90057,"epss_percentile":0.99603,"used_in_malware":"unknown","added_date":"2026-06-07T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2022-34753","title":"A CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause remote...","vendor":"Schneider Electric","product":"SpaceLogic C-Bus Home Controller","cvss_score":8.8,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.93795,"epss_percentile":0.99868,"used_in_malware":"unknown","added_date":"2026-06-07T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2021-27358","title":"The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API...","vendor":"Grafana Labs","product":"Grafana","cvss_score":7.5,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.92396,"epss_percentile":0.99743,"used_in_malware":"unknown","added_date":"2026-06-07T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2021-3577","title":"An unauthenticated remote code execution vulnerability was reported in some Motorola-branded Binatone Hubble Cameras that could allow an attacker...","vendor":"Motorola","product":"Binatone Hubble Cameras","cvss_score":8.8,"cvss_severity":"HIGH","cvss_highlights":{"network":false,"no_user_interaction":true,"low_complexity":true},"epss_score":0.78899,"epss_percentile":0.99077,"used_in_malware":"unknown","added_date":"2026-06-07T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2021-41569","title":"SAS/Intrnet 9.4 build 1520 and earlier allows Local File Inclusion. The samples library (included by default) in the appstart.sas file, allows...","vendor":"SAS Institute Inc.","product":"SAS/Intrnet","cvss_score":7.5,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.7377,"epss_percentile":0.98836,"used_in_malware":"unknown","added_date":"2026-06-07T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2022-34121","title":"Cuppa CMS v1.0 was discovered to contain a local file inclusion (LFI) vulnerability via the component /templates/default/html/windows/right.php.","vendor":"Cuppa CMS","product":"Cuppa CMS","cvss_score":7.5,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.2541,"epss_percentile":0.96336,"used_in_malware":"unknown","added_date":"2026-06-07T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2017-10974","title":"Yaws 1.91 allows Unauthenticated Remote File Disclosure via HTTP Directory Traversal with /%5C../ to port 8080. NOTE: this CVE is only about use of...","vendor":"Yaws","product":"Yaws","cvss_score":7.5,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.91277,"epss_percentile":0.99671,"used_in_malware":"unknown","added_date":"2026-06-07T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2021-20166","title":"Netgear RAX43 version 1.0.3.96 contains a buffer overrun vulnerability. The URL parsing functionality in the cgi-bin endpoint of the router...","vendor":"Netgear","product":"RAX43","cvss_score":8.8,"cvss_severity":"HIGH","cvss_highlights":{"network":false,"no_user_interaction":true,"low_complexity":true},"epss_score":0.64228,"epss_percentile":0.98462,"used_in_malware":"unknown","added_date":"2026-06-07T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2024-55457","title":"MasterSAM Star Gate 11 is vulnerable to directory traversal via /adama/adama/downloadService. An attacker can exploit this vulnerability by...","vendor":"MasterSAM","product":"Star Gate 11","cvss_score":6.5,"cvss_severity":"MEDIUM","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.75254,"epss_percentile":0.98901,"used_in_malware":"unknown","added_date":"2026-06-07T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2023-4490","title":"WP Job Portal < 2.0.6 - Unauthenticated SQLi","vendor":"Unknown","product":"WP Job Portal","cvss_score":9.8,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.51967,"epss_percentile":0.97969,"used_in_malware":"unknown","added_date":"2026-06-07T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2022-29078","title":"The ejs (aka Embedded JavaScript templates) package 3.1.6 for Node.js allows server-side template injection in settings[view...","vendor":"mde","product":"ejs","cvss_score":9.8,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.93462,"epss_percentile":0.9983,"used_in_malware":"unknown","added_date":"2026-06-06T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2021-27670","title":"Appspace 6.2.4 allows SSRF via the api/v1/core/proxy/jsonprequest url parameter.","vendor":"Appspace","product":"Appspace 6.2.4","cvss_score":9.8,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.92837,"epss_percentile":0.99775,"used_in_malware":"unknown","added_date":"2026-06-06T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2022-1390","title":"Admin Word Count Column <= 2.2 - Unauthenticated Arbitrary File Read","vendor":"Unknown","product":"Admin Word Count Column","cvss_score":9.8,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.91147,"epss_percentile":0.99664,"used_in_malware":"unknown","added_date":"2026-06-06T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2021-4458","title":"Modern Events Calendar Lite <= 6.3.0 - Unauthenticated SQL Injection","vendor":"webnus","product":"Modern Events Calendar Lite","cvss_score":5.9,"cvss_severity":"MEDIUM","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":false},"epss_score":0.00243,"epss_percentile":0.47761,"used_in_malware":"unknown","added_date":"2026-06-06T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2021-21805","title":"An OS Command Injection vulnerability exists in the ping.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A specially crafted...","vendor":"Advantech","product":"R-SeeNet","cvss_score":9.8,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.92871,"epss_percentile":0.99778,"used_in_malware":"unknown","added_date":"2026-06-06T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2026-28318","title":"SolarWinds Serv-U Unauthenticated Denial of Service Vulnerability","vendor":"SolarWinds","product":"Serv-U","cvss_score":7.5,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.07837,"epss_percentile":0.92168,"used_in_malware":"unknown","added_date":"2026-06-05T18:00:36.180Z","primary_source":"CISA","all_sources":["TheHackerNews","CISA","CVE","All CISA Advisories"],"ahead_of_cisa_kev":null,"source_url":"https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"},{"cve_id":"CVE-2026-7473","title":"Arista EOS Unexpected Tunnel Protocol Decapsulation and Forwarding Bypass","vendor":"Arista Networks","product":"EOS","cvss_score":6.9,"cvss_severity":"MEDIUM","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.22469,"epss_percentile":0.95961,"used_in_malware":"unknown","added_date":"2026-06-05T16:40:23.554Z","primary_source":"CVE","all_sources":["CVE","CISA","All CISA Advisories"],"ahead_of_cisa_kev":{"unit":"day","count":4},"source_url":"https://www.cve.org/CVERecord?id=CVE-2026-7473"},{"cve_id":"CVE-2026-3300","title":"Everest Forms Pro <= 1.9.12 - Unauthenticated Remote Code Execution via Calculation Field","vendor":"WPEverest","product":"Everest Forms Pro","cvss_score":9.8,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.00327,"epss_percentile":0.55986,"used_in_malware":"unknown","added_date":"2026-06-05T09:20:13.225Z","primary_source":"TheHackerNews","all_sources":["BleepingComputer","TheHackerNews"],"ahead_of_cisa_kev":null,"source_url":"https://thehackernews.com/2026/06/hackers-exploit-critical-everest-forms.html"},{"cve_id":"CVE-2026-20245","title":"Cisco Catalyst SD-WAN Controller Authenticated Privilege Escalation Vulnerability","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","cvss_score":7.8,"cvss_severity":"HIGH","cvss_highlights":{"network":false,"no_user_interaction":true,"low_complexity":true},"epss_score":0.00334,"epss_percentile":0.56579,"used_in_malware":"unknown","added_date":"2026-06-05T06:24:20.000Z","primary_source":"BleepingComputer","all_sources":["BleepingComputer","TheHackerNews","CISA","CVE","All CISA Advisories"],"ahead_of_cisa_kev":{"unit":"day","count":4},"source_url":"https://www.bleepingcomputer.com/news/security/new-cisco-sd-wan-flaw-exploited-in-zero-day-attacks-to-gain-root/"},{"cve_id":"CVE-2024-45309","title":"OneDev vulnerable to arbitrary file reading for unauthenticated user","vendor":"theonedev","product":"onedev","cvss_score":8.7,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.88966,"epss_percentile":0.99546,"used_in_malware":"unknown","added_date":"2026-06-05T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2024-27564","title":"pictureproxy.php in the dirk1983 mm1.ltd source code f9f4bbc allows SSRF via the url parameter. NOTE: the references section has an archived copy...","vendor":"dirk1983","product":"mm1.ltd source code","cvss_score":5.8,"cvss_severity":"MEDIUM","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.91891,"epss_percentile":0.99707,"used_in_malware":"unknown","added_date":"2026-06-05T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2025-30567","title":"WordPress WP01 plugin <= 2.6.2 - Arbitrary File Download Vulnerability","vendor":"WP01","product":"WP01","cvss_score":7.5,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.43807,"epss_percentile":0.97611,"used_in_malware":"unknown","added_date":"2026-06-05T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2025-67303","title":"An issue in ComfyUI-Manager prior to version 3.38 allowed remote attackers to potentially manipulate its configuration and critical data. This was...","vendor":"Comfy-Org","product":"ComfyUI-Manager","cvss_score":7.5,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.00882,"epss_percentile":0.75806,"used_in_malware":"unknown","added_date":"2026-06-04T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2020-13379","title":"The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated...","vendor":"Grafana","product":"Grafana","cvss_score":8.2,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.9295,"epss_percentile":0.99785,"used_in_malware":"unknown","added_date":"2026-06-04T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2022-24716","title":"Path traversal in Icinga Web 2","vendor":"Icinga","product":"icingaweb2","cvss_score":7.5,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.92546,"epss_percentile":0.99753,"used_in_malware":"unknown","added_date":"2026-06-04T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2023-6875","title":"The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to...","vendor":"wpexpertsio","product":"POST SMTP – The #1 WordPress SMTP Plugin with Advanced Email Logging and Delivery Failure Notifications","cvss_score":9.8,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.93684,"epss_percentile":0.99858,"used_in_malware":"unknown","added_date":"2026-06-04T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2023-22620","title":"An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows sessionid information disclosure via an...","vendor":"SecurePoint","product":"UTM","cvss_score":7.5,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":false,"low_complexity":false},"epss_score":0.82886,"epss_percentile":0.99271,"used_in_malware":"unknown","added_date":"2026-06-04T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2024-6671","title":"WhatsUp Gold GetStatisticalMonitorList SQL Injection Authentication Bypass Vulnerability","vendor":"Progress Software Corporation","product":"WhatsUp Gold","cvss_score":9.8,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.76181,"epss_percentile":0.98945,"used_in_malware":"unknown","added_date":"2026-06-04T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2026-45247","title":"Mirasvit Cache Warmer for Magento < 1.11.12 PHP Object Injection","vendor":"Mirasvit","product":"Full Page Cache Warmer for Magento 2","cvss_score":9.3,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.06149,"epss_percentile":0.91012,"used_in_malware":"unknown","added_date":"2026-06-03T18:00:21.829Z","primary_source":"CISA","all_sources":["CISA","The Shadowserver (via CIRCL)","TheHackerNews","All CISA Advisories","CVE"],"ahead_of_cisa_kev":null,"source_url":"https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"},{"cve_id":"CVE-2025-48827","title":"vBulletin 5.0.0 through 5.7.5 and 6.0.0 through 6.0.3 allows unauthenticated users to invoke protected API controllers' methods when running on PHP...","vendor":"vBulletin","product":"vBulletin","cvss_score":10.0,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.7763099999999999,"epss_percentile":0.99011,"used_in_malware":"unknown","added_date":"2026-06-03T10:06:54.268Z","primary_source":"CVE","all_sources":["CVE"],"ahead_of_cisa_kev":null,"source_url":"https://www.cve.org/CVERecord?id=CVE-2025-48827"},{"cve_id":"CVE-2026-8206","title":"Kirki 6.0.0 - 6.0.6 - Unauthenticated Privilege Escalation via 'handle_forgot_password'","vendor":"themeum","product":"Kirki – Freeform Page Builder, Website Builder & Customizer","cvss_score":9.8,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.00157,"epss_percentile":0.36282,"used_in_malware":"unknown","added_date":"2026-06-03T08:20:48.478Z","primary_source":"BleepingComputer","all_sources":["BleepingComputer"],"ahead_of_cisa_kev":null,"source_url":"https://www.bleepingcomputer.com/news/security/critical-kirki-flaw-exploited-to-hijack-wordpress-admin-accounts/"},{"cve_id":"CVE-2025-9316","title":"N-central unauthenticated sessionID generation","vendor":"N-able","product":"N-central","cvss_score":6.9,"cvss_severity":"MEDIUM","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.71424,"epss_percentile":0.98742,"used_in_malware":"unknown","added_date":"2026-06-03T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2022-4059","title":"Cryptocurrency Widgets Pack < 2.0 - Unauthenticated SQLi","vendor":"Unknown","product":"Cryptocurrency Widgets Pack","cvss_score":9.8,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.56563,"epss_percentile":0.98162,"used_in_malware":"unknown","added_date":"2026-06-03T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2026-41176","title":"Rclone: Unauthenticated options/set allows runtime auth bypass, leading to sensitive operations and command execution","vendor":"rclone","product":"rclone","cvss_score":9.2,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.26321,"epss_percentile":0.96428,"used_in_malware":"unknown","added_date":"2026-06-03T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2023-6909","title":"Path Traversal: '\\..\\filename' in mlflow/mlflow","vendor":"mlflow","product":"mlflow/mlflow","cvss_score":7.5,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.85715,"epss_percentile":0.99395,"used_in_malware":"unknown","added_date":"2026-06-03T00:00:00.000Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["The Shadowserver (via CIRCL)"],"ahead_of_cisa_kev":null,"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2022-0492","title":"A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain...","vendor":"Linux","product":"kernel","cvss_score":7.8,"cvss_severity":"HIGH","cvss_highlights":{"network":false,"no_user_interaction":true,"low_complexity":true},"epss_score":0.27578,"epss_percentile":0.9654,"used_in_malware":"unknown","added_date":"2026-06-02T18:00:02.476Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["CISA","The Shadowserver (via CIRCL)","All CISA Advisories","CVE"],"ahead_of_cisa_kev":{"unit":"hour","count":1},"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2025-48595","title":"In multiple locations, there is a possible way to achieve code execution due to an integer overflow. This could lead to local escalation of...","vendor":"Google","product":"Android","cvss_score":8.4,"cvss_severity":"HIGH","cvss_highlights":{"network":false,"no_user_interaction":true,"low_complexity":true},"epss_score":0.00528,"epss_percentile":0.67563,"used_in_malware":"unknown","added_date":"2026-06-02T12:15:00.000Z","primary_source":"KEVIntel","all_sources":["The Shadowserver (via CIRCL)","CISA","All CISA Advisories","CyberInsider","TheHackerNews","CVE","KEVIntel"],"ahead_of_cisa_kev":{"unit":"hour","count":6},"source_url":"https://source.android.com/docs/security/bulletin/2026/2026-06-01"},{"cve_id":"CVE-2026-41089","title":"Windows Netlogon Remote Code Execution Vulnerability","vendor":"Microsoft","product":"Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation), Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows Server 2022, 23H2 Edition (Server Core installation), Windows Server 2025, Windows Server 2025 (Server Core installation)","cvss_score":9.8,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.00095,"epss_percentile":0.26409,"used_in_malware":"unknown","added_date":"2026-06-02T11:06:00.000Z","primary_source":"KEVIntel","all_sources":["The Shadowserver (via CIRCL)","KEVIntel"],"ahead_of_cisa_kev":null,"source_url":"https://www.helpnetsecurity.com/2026/06/01/windows-netlogon-rce-exploited-cve-2026-41089/"},{"cve_id":"CVE-2024-21182","title":"Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core).  Supported versions that are affected are...","vendor":"Oracle Corporation","product":"WebLogic Server","cvss_score":7.5,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.89742,"epss_percentile":0.99588,"used_in_malware":"unknown","added_date":"2026-06-01T18:00:02.554Z","primary_source":"The Shadowserver (via CIRCL)","all_sources":["CVE","The Shadowserver (via CIRCL)","TheHackerNews","All CISA Advisories","CISA"],"ahead_of_cisa_kev":{"unit":"hour","count":1},"source_url":"https://cve.circl.lu/api/sighting"},{"cve_id":"CVE-2023-43000","title":"A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6, Safari...","vendor":"Apple","product":"macOS, iOS and iPadOS, Safari","cvss_score":8.8,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":false,"low_complexity":true},"epss_score":0.00027,"epss_percentile":0.08019,"used_in_malware":"unknown","added_date":"2026-06-01T13:30:35.576Z","primary_source":"CISA","all_sources":["CISA"],"ahead_of_cisa_kev":null,"source_url":"https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"},{"cve_id":"CVE-2025-31277","title":"The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6,...","vendor":"Apple","product":"Safari, iOS and iPadOS, macOS, tvOS, visionOS, watchOS","cvss_score":8.8,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":false,"low_complexity":true},"epss_score":0.00253,"epss_percentile":0.48904,"used_in_malware":"unknown","added_date":"2026-06-01T13:30:35.304Z","primary_source":"CISA","all_sources":["CISA"],"ahead_of_cisa_kev":null,"source_url":"https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"},{"cve_id":"CVE-2026-9082","title":"Drupal core - Highly critical - SQL injection - SA-CORE-2026-004","vendor":"Drupal","product":"Drupal core","cvss_score":9.8,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.10403,"epss_percentile":0.93378,"used_in_malware":"unknown","added_date":"2026-06-01T13:29:38.047Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2026-9082"},{"cve_id":"CVE-2026-48172","title":"LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exploited in the wild in May 2026. Detection is...","vendor":"LiteSpeed Technologies","product":"cPanel Plugin, WHM Plugin","cvss_score":10.0,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.07956,"epss_percentile":0.92244,"used_in_malware":"unknown","added_date":"2026-06-01T13:29:31.681Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2026-48172"},{"cve_id":"CVE-2026-34926","title":"A directory traversal vulnerability in the Apex One (on-premise) server could allow a pre-authenticated local attacker to modify a key table on the...","vendor":"Trend Micro, Inc.","product":"TrendAI Apex One, TrendAI Apex One as a Service","cvss_score":6.7,"cvss_severity":"MEDIUM","cvss_highlights":{"network":false,"no_user_interaction":true,"low_complexity":false},"epss_score":0.01018,"epss_percentile":0.77603,"used_in_malware":"unknown","added_date":"2026-06-01T13:29:30.761Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2026-34926"},{"cve_id":"CVE-2025-34291","title":"Langflow <= 1.6.9 CORS Misconfiguration to Token Hijack & RCE","vendor":"Langflow","product":"Langflow","cvss_score":9.4,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":false,"low_complexity":true},"epss_score":0.32746,"epss_percentile":0.96987,"used_in_malware":"unknown","added_date":"2026-06-01T13:29:30.499Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2025-34291"},{"cve_id":"CVE-2026-45498","title":"Microsoft Defender Denial of Service Vulnerability","vendor":"Microsoft","product":"Microsoft Defender Antimalware Platform","cvss_score":4.0,"cvss_severity":"MEDIUM","cvss_highlights":{"network":false,"no_user_interaction":true,"low_complexity":true},"epss_score":0.0355,"epss_percentile":0.87959,"used_in_malware":"unknown","added_date":"2026-06-01T13:29:26.865Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2026-45498"},{"cve_id":"CVE-2026-41091","title":"Microsoft Defender Elevation of Privilege Vulnerability","vendor":"Microsoft","product":"Microsoft Malware Protection Engine","cvss_score":7.8,"cvss_severity":"HIGH","cvss_highlights":{"network":false,"no_user_interaction":true,"low_complexity":true},"epss_score":0.08207,"epss_percentile":0.92391,"used_in_malware":"unknown","added_date":"2026-06-01T13:29:26.114Z","primary_source":"CVE","all_sources":["CISA","Tenable Blog","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2026-41091"},{"cve_id":"CVE-2026-34234","title":"CtrlPanel: Unauthenticated RCE using installer script","vendor":"Ctrlpanel-gg","product":"panel","cvss_score":10.0,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.00091,"epss_percentile":0.25654,"used_in_malware":"unknown","added_date":"2026-06-01T13:29:18.130Z","primary_source":"CVE","all_sources":["CVE"],"ahead_of_cisa_kev":null,"source_url":"https://www.cve.org/CVERecord?id=CVE-2026-34234"},{"cve_id":"CVE-2026-42897","title":"Microsoft Exchange Server Spoofing Vulnerability","vendor":"Microsoft","product":"Microsoft Exchange Server 2016 Cumulative Update 23, Microsoft Exchange Server 2019 Cumulative Update 14, Microsoft Exchange Server 2019 Cumulative Update 15, Microsoft Exchange Server Subscription Edition RTM","cvss_score":8.1,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":false,"low_complexity":true},"epss_score":0.07856,"epss_percentile":0.92182,"used_in_malware":"unknown","added_date":"2026-06-01T13:29:03.497Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2026-42897"},{"cve_id":"CVE-2026-42208","title":"LiteLLM: SQL injection in Proxy API key verification","vendor":"BerriAI","product":"litellm","cvss_score":9.3,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.6259,"epss_percentile":0.98399,"used_in_malware":"unknown","added_date":"2026-06-01T13:26:37.184Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2026-42208"},{"cve_id":"CVE-2026-6973","title":"A configuration control vulnerability in the Ivanti Endpoint Manager Mobile before 12.9.0.1, 12.8.0.3 and 12.7.0.2 versions allows a remote...","vendor":"Ivanti","product":"Endpoint Manager Mobile","cvss_score":7.2,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.04792,"epss_percentile":0.89715,"used_in_malware":"unknown","added_date":"2026-06-01T13:26:33.373Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2026-6973"},{"cve_id":"CVE-2026-44742","title":"Postorius through 1.3.13 does not escape HTML in the message subject when rendering it in the Held messages pop-up, as exploited in the wild in May...","vendor":"Postorius project","product":"Postorius","cvss_score":7.2,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.00012,"epss_percentile":0.01804,"used_in_malware":"unknown","added_date":"2026-06-01T13:26:33.175Z","primary_source":"CVE","all_sources":["CVE"],"ahead_of_cisa_kev":null,"source_url":"https://www.cve.org/CVERecord?id=CVE-2026-44742"},{"cve_id":"CVE-2026-0300","title":"PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal","vendor":"Palo Alto Networks","product":"Cloud NGFW, PAN-OS, Prisma Access","cvss_score":9.3,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.04916,"epss_percentile":0.89837,"used_in_malware":"unknown","added_date":"2026-06-01T13:26:25.457Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2026-0300"},{"cve_id":"CVE-2026-31431","title":"crypto: algif_aead - Revert to operating out-of-place","vendor":"Linux","product":"Linux","cvss_score":7.8,"cvss_severity":"HIGH","cvss_highlights":{"network":false,"no_user_interaction":true,"low_complexity":true},"epss_score":0.02194,"epss_percentile":0.84756,"used_in_malware":"unknown","added_date":"2026-06-01T13:26:07.375Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2026-31431"},{"cve_id":"CVE-2026-32202","title":"Windows Shell Spoofing Vulnerability","vendor":"Microsoft","product":"Windows 10 Version 1607, Windows 10 Version 1809, Windows 10 Version 21H2, Windows 10 Version 22H2, Windows 11 version 22H3, Windows 11 Version 23H2, Windows 11 Version 24H2, Windows 11 Version 25H2, Windows 11 version 26H1, Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation), Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows Server 2022, 23H2 Edition (Server Core installation), Windows Server 2025, Windows Server 2025 (Server Core installation)","cvss_score":4.3,"cvss_severity":"MEDIUM","cvss_highlights":{"network":true,"no_user_interaction":false,"low_complexity":true},"epss_score":0.53056,"epss_percentile":0.98018,"used_in_malware":"unknown","added_date":"2026-06-01T13:25:49.558Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2026-32202"},{"cve_id":"CVE-2024-1708","title":"Improper limitation of a pathname to a restricted directory (“path traversal”)","vendor":"ConnectWise","product":"ScreenConnect","cvss_score":8.4,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":false,"low_complexity":true},"epss_score":0.8481,"epss_percentile":0.9936,"used_in_malware":"yes","added_date":"2026-06-01T13:24:35.769Z","primary_source":"CVE","all_sources":["CISA","Tenable Blog","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2024-1708"},{"cve_id":"CVE-2025-29635","title":"A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execute arbitrary commands on remote...","vendor":"D-Link","product":"DIR-823X","cvss_score":7.2,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.19949,"epss_percentile":0.95606,"used_in_malware":"unknown","added_date":"2026-06-01T13:23:43.718Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2025-29635"},{"cve_id":"CVE-2024-7399","title":"Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1050 allows attackers to...","vendor":"Samsung Electronics","product":"MagicINFO 9 Server","cvss_score":8.8,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.72886,"epss_percentile":0.98797,"used_in_malware":"unknown","added_date":"2026-06-01T13:23:43.436Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2024-7399"},{"cve_id":"CVE-2024-57728","title":"SimpleHelp remote support software v5.5.7 and before allows admin users to upload arbitrary files anywhere on the file system by uploading a...","vendor":"SimpleHelp","product":"SimpleHelp remote support software","cvss_score":7.2,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.54072,"epss_percentile":0.98061,"used_in_malware":"yes","added_date":"2026-06-01T13:23:43.404Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2024-57728"},{"cve_id":"CVE-2024-57726","title":"SimpleHelp remote support software v5.5.7 and before has a vulnerability that allows low-privileges technicians to create API keys with excessive...","vendor":"SimpleHelp","product":"SimpleHelp remote support software","cvss_score":9.9,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.3883,"epss_percentile":0.97353,"used_in_malware":"yes","added_date":"2026-06-01T13:23:43.375Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2024-57726"},{"cve_id":"CVE-2026-39987","title":"marimo Affected by Pre-Auth Remote Code Execution via Terminal WebSocket Authentication Bypass","vendor":"marimo-team","product":"marimo","cvss_score":9.3,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.8071,"epss_percentile":0.99165,"used_in_malware":"unknown","added_date":"2026-06-01T13:23:39.702Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2026-39987"},{"cve_id":"CVE-2026-33825","title":"Microsoft Defender Elevation of Privilege Vulnerability","vendor":"Microsoft","product":"Microsoft Defender Antimalware Platform","cvss_score":7.8,"cvss_severity":"HIGH","cvss_highlights":{"network":false,"no_user_interaction":true,"low_complexity":true},"epss_score":0.07894,"epss_percentile":0.92204,"used_in_malware":"unknown","added_date":"2026-06-01T13:22:36.497Z","primary_source":"CVE","all_sources":["CISA","Tenable Blog","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2026-33825"},{"cve_id":"CVE-2026-20133","title":"A vulnerability in Cisco Catalyst SD-WAN Software could allow an unauthenticated, remote attacker to view sensitive information on an affected...","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","cvss_score":6.5,"cvss_severity":"MEDIUM","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.02015,"epss_percentile":0.84099,"used_in_malware":"unknown","added_date":"2026-06-01T13:22:22.662Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2026-20133"},{"cve_id":"CVE-2026-20128","title":"Cisco Catalyst SD-WAN Manager Information Disclosure Vulnerability","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","cvss_score":7.5,"cvss_severity":"HIGH","cvss_highlights":{"network":false,"no_user_interaction":true,"low_complexity":false},"epss_score":0.00077,"epss_percentile":0.23162,"used_in_malware":"unknown","added_date":"2026-06-01T13:22:22.629Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2026-20128"},{"cve_id":"CVE-2026-20122","title":"Cisco Catalyst SD-WAN Manager Arbitrary File Overwrite Vulnerability","vendor":"Cisco","product":"Cisco Catalyst SD-WAN Manager","cvss_score":5.4,"cvss_severity":"MEDIUM","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.01402,"epss_percentile":0.80849,"used_in_malware":"unknown","added_date":"2026-06-01T13:22:22.601Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2026-20122"},{"cve_id":"CVE-2025-48700","title":"An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0 and 10.0 and 10.1. A Cross-Site Scripting (XSS) vulnerability in the Zimbra...","vendor":"Zimbra","product":"Zimbra Collaboration (ZCS)","cvss_score":6.1,"cvss_severity":"MEDIUM","cvss_highlights":{"network":true,"no_user_interaction":false,"low_complexity":true},"epss_score":0.18191,"epss_percentile":0.9534,"used_in_malware":"unknown","added_date":"2026-06-01T13:22:22.416Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2025-48700"},{"cve_id":"CVE-2025-32975","title":"Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch...","vendor":"Quest","product":"KACE Systems Management Appliance","cvss_score":10.0,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.39315,"epss_percentile":0.97382,"used_in_malware":"unknown","added_date":"2026-06-01T13:22:22.342Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2025-32975"},{"cve_id":"CVE-2025-2749","title":"Kentico Xperience <= 13.0.178 Staging Media File Upload Authenticated RCE","vendor":"Kentico","product":"Xperience","cvss_score":7.2,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.04767,"epss_percentile":0.89688,"used_in_malware":"unknown","added_date":"2026-06-01T13:22:22.312Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2025-2749"},{"cve_id":"CVE-2023-27351","title":"This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication...","vendor":"PaperCut","product":"NG","cvss_score":7.5,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.65644,"epss_percentile":0.9852,"used_in_malware":"yes","added_date":"2026-06-01T13:22:22.013Z","primary_source":"CVE","all_sources":["The Shadowserver (via CIRCL)","CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2023-27351"},{"cve_id":"CVE-2026-32201","title":"Microsoft SharePoint Server Spoofing Vulnerability","vendor":"Microsoft","product":"Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Server 2019, Microsoft SharePoint Server Subscription Edition","cvss_score":6.5,"cvss_severity":"MEDIUM","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.07891,"epss_percentile":0.92201,"used_in_malware":"unknown","added_date":"2026-06-01T13:07:19.548Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2026-32201"},{"cve_id":"CVE-2026-34621","title":"Acrobat Reader | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') (CWE-1321)","vendor":"Adobe","product":"Acrobat Reader","cvss_score":8.6,"cvss_severity":"HIGH","cvss_highlights":{"network":false,"no_user_interaction":false,"low_complexity":true},"epss_score":0.11034,"epss_percentile":0.93601,"used_in_malware":"unknown","added_date":"2026-06-01T13:07:13.584Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2026-34621"},{"cve_id":"CVE-2025-60710","title":"Host Process for Windows Tasks Elevation of Privilege Vulnerability","vendor":"Microsoft","product":"Windows 11 Version 24H2, Windows 11 Version 25H2, Windows Server 2025, Windows Server 2025 (Server Core installation)","cvss_score":7.8,"cvss_severity":"HIGH","cvss_highlights":{"network":false,"no_user_interaction":true,"low_complexity":true},"epss_score":0.19032,"epss_percentile":0.95473,"used_in_malware":"unknown","added_date":"2026-06-01T13:07:10.908Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2025-60710"},{"cve_id":"CVE-2023-36424","title":"Windows Common Log File System Driver Elevation of Privilege Vulnerability","vendor":"Microsoft","product":"Windows 11 version 22H3, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 Version 23H2, Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 11 version 21H2, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008  Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation)","cvss_score":7.8,"cvss_severity":"HIGH","cvss_highlights":{"network":false,"no_user_interaction":true,"low_complexity":true},"epss_score":0.09761,"epss_percentile":0.93118,"used_in_malware":"unknown","added_date":"2026-06-01T13:07:10.027Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2023-36424"},{"cve_id":"CVE-2023-21529","title":"Microsoft Exchange Server Remote Code Execution Vulnerability","vendor":"Microsoft","product":"Microsoft Exchange Server 2019 Cumulative Update 12, Microsoft Exchange Server 2019 Cumulative Update 11, Microsoft Exchange Server 2013 Cumulative Update 23, Microsoft Exchange Server 2016 Cumulative Update 23","cvss_score":8.8,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.27044,"epss_percentile":0.96491,"used_in_malware":"yes","added_date":"2026-06-01T13:07:10.012Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2023-21529"},{"cve_id":"CVE-2020-9715","title":"Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an...","vendor":"Adobe","product":"Adobe Acrobat and Reader","cvss_score":7.8,"cvss_severity":"HIGH","cvss_highlights":{"network":false,"no_user_interaction":false,"low_complexity":true},"epss_score":0.79189,"epss_percentile":0.9909,"used_in_malware":"unknown","added_date":"2026-06-01T13:07:09.997Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2020-9715"},{"cve_id":"CVE-2026-1340","title":"A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.","vendor":"Ivanti","product":"Endpoint Manager Mobile","cvss_score":9.8,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.73873,"epss_percentile":0.98841,"used_in_malware":"unknown","added_date":"2026-06-01T13:06:56.355Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2026-1340"},{"cve_id":"CVE-2026-3502","title":"TrueConf Client Update Integrity Verification Bypass","vendor":"TrueConf","product":"TrueConf Client","cvss_score":7.8,"cvss_severity":"HIGH","cvss_highlights":{"network":false,"no_user_interaction":false,"low_complexity":true},"epss_score":0.03135,"epss_percentile":0.87163,"used_in_malware":"unknown","added_date":"2026-06-01T12:42:57.616Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2026-3502"},{"cve_id":"CVE-2026-5281","title":"Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute...","vendor":"Google","product":"Chrome","cvss_score":8.8,"cvss_severity":"HIGH","cvss_highlights":{"network":true,"no_user_interaction":false,"low_complexity":true},"epss_score":0.00915,"epss_percentile":0.76358,"used_in_malware":"unknown","added_date":"2026-06-01T12:42:47.145Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2026-5281"},{"cve_id":"CVE-2025-53521","title":"BigIP APM Vulnerability","vendor":"F5","product":"BIG-IP","cvss_score":9.3,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.08766,"epss_percentile":0.92693,"used_in_malware":"unknown","added_date":"2026-06-01T12:26:16.067Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2025-53521"},{"cve_id":"CVE-2026-33634","title":"Trivy ecosystem supply chain briefly compromised","vendor":"aquasecurity, BerriAI, team-telnyx","product":"setup-trivy, trivy-action, trivy, LiteLLM, telnyx","cvss_score":9.4,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.23896,"epss_percentile":0.96144,"used_in_malware":"unknown","added_date":"2026-06-01T12:26:13.195Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2026-33634"},{"cve_id":"CVE-2026-33017","title":"Langflow has Unauthenticated Remote Code Execution via Public Flow Build Endpoint","vendor":"langflow-ai","product":"langflow","cvss_score":9.3,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":true},"epss_score":0.24652,"epss_percentile":0.96255,"used_in_malware":"unknown","added_date":"2026-06-01T12:26:07.241Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2026-33017"},{"cve_id":"CVE-2025-54068","title":"Livewire vulnerable to remote command execution during property update hydration","vendor":"livewire","product":"livewire","cvss_score":9.2,"cvss_severity":"CRITICAL","cvss_highlights":{"network":true,"no_user_interaction":true,"low_complexity":false},"epss_score":0.58885,"epss_percentile":0.98257,"used_in_malware":"unknown","added_date":"2026-06-01T12:25:49.925Z","primary_source":"CVE","all_sources":["CISA","Daily CyberSecurity","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2025-54068"},{"cve_id":"CVE-2025-43520","title":"A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS...","vendor":"Apple","product":"iOS and iPadOS, macOS, tvOS, visionOS, watchOS","cvss_score":5.5,"cvss_severity":"MEDIUM","cvss_highlights":{"network":false,"no_user_interaction":true,"low_complexity":true},"epss_score":0.00265,"epss_percentile":0.50269,"used_in_malware":"unknown","added_date":"2026-06-01T12:25:49.913Z","primary_source":"CVE","all_sources":["CISA","CVE"],"ahead_of_cisa_kev":{"unit":"day","count":1},"source_url":"https://www.cve.org/CVERecord?id=CVE-2025-43520"}],"pagination":{"current_page":1,"total_pages":26,"total_count":2555,"per_page":100,"next_page":2,"prev_page":null,"first_page":1,"last_page":26}}