[ { "cveID": "CVE-2026-41940", "euvdID": "EUVD-2026-26246", "vendorProject": "WebPros", "product": "cPanel", "dateReported": "2026/05/08", "patchedSince": "2026/04/28", "originSource": "CERT-PL", "shortDescription": "cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.", "exploitationType": "ransomware", "threatActorsExploiting": "-", "cwes": "CWE-306", "notes": "https://support.cpanel.net/hc/en-us/articles/40073787579671-Security-CVE-2026-41940-cPanel-WHM-WP2-Security-Update-04-28-2026" }, { "cveID": "CVE-2024-42009", "euvdID": "EUVD-2024-39391", "vendorProject": "RoundCube", "product": "Webmail", "dateReported": "2026/04/27", "patchedSince": "2024/08/04", "originSource": "CERT-PL", "shortDescription": "A Cross-Site Scripting vulnerability in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a crafted e-mail message that abuses a Desanitization issue in message_body() in program/actions/mail/show.php.", "exploitationType": "APT", "threatActorsExploiting": "UNC1151", "cwes": "CWE-79", "notes": "https://cert.pl/en/posts/2025/06/unc1151-campaign-roundcube/" }, { "cveID": "CVE-2026-20963", "euvdID": "EUVD-2026-2114", "vendorProject": "Microsoft", "product": "Microsoft SharePoint", "vulnerabilityName": "-", "dateReported": "2026/03/12", "patchedSince": "2026/02/13", "originSource": "cnw", "shortDescription": "Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.", "exploitationType": "-", "threatActorsExploiting": "-", "cwes": "CWE-502", "notes": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20963" }, { "cveID": "CVE-2026-1281", "euvdID": "EUVD-2026-4940", "vendorProject": "Ivanti", "product": "Endpoint Manager Mobile", "vulnerabilityName": "-", "dateReported": "2026/01/29", "patchedSince": "tbc", "originSource": "cnw", "shortDescription": "A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.", "exploitationType": "-", "threatActorsExploiting": "-", "cwes": "-", "notes": "https://www.ncsc.nl/alert/casus-kwetsbaarheden-ivanti-epmm-systemen" }, { "cveID": "CVE-2026-1340", "euvdID": "EUVD-2026-4936", "vendorProject": "Ivanti", "product": "Endpoint Manager Mobile", "vulnerabilityName": "-", "dateReported": "2026/01/29", "patchedSince": "tbc", "originSource": "cnw", "shortDescription": "A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.", "exploitationType": "-", "threatActorsExploiting": "-", "cwes": "-", "notes": "https://www.ncsc.nl/alert/casus-kwetsbaarheden-ivanti-epmm-systemen" }, { "cveID": "CVE-2025-59719", "euvdID": "EUVD-2025-202191", "vendorProject": "Fortinet", "product": "Fortiweb", "vulnerabilityName": "-", "dateReported": "2026/01/27", "patchedSince": "tbc", "originSource": "CERT-AT", "shortDescription": "An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message.", "exploitationType": "-", "threatActorsExploiting": "-", "cwes": "-", "notes": "https://www.cert.at/en/blog/2026/1/threat-actors-use-forticloud-to-collect-ldap-connection-passwords, https://www.cert.at/en/blog/2026/1/look-at-forticloud-sso-bypass-exploitation" }, { "cveID": "CVE-2025-59718", "euvdID": "EUVD-2025-202198", "vendorProject": "Fortinet", "product": "FortiOS,FortiProxy,FortiSwitchManager", "vulnerabilityName": "-", "dateReported": "2026/01/27", "patchedSince": "tbc", "originSource": "CERT-AT", "shortDescription": "A improper verification of cryptographic signature vulnerability in Fortinet FortiOS, FortiProxy, FortiSwitchManager allows an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message.", "exploitationType": "-", "threatActorsExploiting": "-", "cwes": "-", "notes": "https://www.cert.at/en/blog/2026/1/threat-actors-use-forticloud-to-collect-ldap-connection-passwords, https://www.cert.at/en/blog/2026/1/look-at-forticloud-sso-bypass-exploitation" }, { "cveID": "CVE-2025-25231", "euvdID": "EUVD-2025-24160", "vendorProject": "Omnissa", "product": "Omnissa Workspace ONE UEM", "vulnerabilityName": "-", "dateReported": "2025/09/09", "patchedSince": "tbc", "originSource": "CERT-PL", "shortDescription": "Omnissa Workspace ONE UEM contains a Secondary Context Path Traversal Vulnerability. A malicious actor may be able to gain access to sensitive information by sending crafted GET requests (read-only) to restricted API endpoints", "exploitationType": "-", "threatActorsExploiting": "-", "cwes": "-", "notes": "https://moje.cert.pl/komunikaty/2025/29/aktywnie-wykorzystywana-krytyczna-podatnosc-w-narzedziu-omnissa-workspace-one-uem-airwatch-mdm/" }, { "cveID": "CVE-2025-6543", "euvdID": "EUVD-2025-19085", "vendorProject": "Citrix", "product": "Citrix ADC and Citrix Gateway", "vulnerabilityName": "-", "dateReported": "2025/07/18", "patchedSince": "tbc", "originSource": "cnw", "shortDescription": "-", "exploitationType": "-", "threatActorsExploiting": "-", "cwes": "-", "notes": "-" }, { "cveID": "CVE-2010-0738", "euvdID": "EUVD-2010-0764", "vendorProject": "Red Hat", "product": "JBoss Application Server", "vulnerabilityName": "-", "dateReported": "2025/07/14", "patchedSince": "tbc", "originSource": "CERT Italia", "shortDescription": "This management interface allows administrative operations to be performed without adequate access controls allowing a remote attacker to interact with the system in an unauthorized manner", "exploitationType": "-", "threatActorsExploiting": "-", "cwes": "-", "notes": "https://www.acn.gov.it/portale/w/distribuzione-di-payload-malevoli-tramite-vulnerabilita-note" }, { "cveID": "CVE-2011-4085", "euvdID": "EUVD-2011-4036", "vendorProject": "Red Hat", "product": "JBoss Application Server", "vulnerabilityName": "-", "dateReported": "2025/07/14", "patchedSince": "tbc", "originSource": "CERT Italia", "shortDescription": "Some management interfaces remain accessible and lack effective access control mechanisms", "exploitationType": "-", "threatActorsExploiting": "-", "cwes": "-", "notes": "https://www.acn.gov.it/portale/w/distribuzione-di-payload-malevoli-tramite-vulnerabilita-note" }, { "cveID": "CVE-2015-7501", "euvdID": "EUVD-2022-3799", "vendorProject": "Apache", "product": "Commons Collections library", "vulnerabilityName": "-", "dateReported": "2025/07/14", "patchedSince": "tbc", "originSource": "CERT Italia", "shortDescription": "the system accepts serialized objects without verifying their origin or reliability allowing an attacker to send specially crafted payloads that are then deserialized and executed", "exploitationType": "-", "threatActorsExploiting": "-", "cwes": "-", "notes": "https://www.acn.gov.it/portale/w/distribuzione-di-payload-malevoli-tramite-vulnerabilita-note" }, { "cveID": "CVE-2017-12149", "euvdID": "EUVD-2017-3733", "vendorProject": "Red Hat", "product": "JBoss Application Server", "vulnerabilityName": "-", "dateReported": "2025/07/14", "patchedSince": "tbc", "originSource": "CERT Italia", "shortDescription": "the servlet exposes an endpoint that allows you to invoke Java Management Extensions (JMX) operations without any authentication or access control", "exploitationType": "-", "threatActorsExploiting": "-", "cwes": "-", "notes": "https://www.acn.gov.it/portale/w/distribuzione-di-payload-malevoli-tramite-vulnerabilita-note" }, { "cveID": "CVE-2024-55591", "euvdID": "EUVD-2024-52819", "vendorProject": "Fortinet", "product": "FortiOS/FortiProxy", "vulnerabilityName": "-", "dateReported": "2025/02/13", "patchedSince": "tbc", "originSource": "cnw", "shortDescription": "authentication bypass using an alternate path or channel vulnerability", "exploitationType": "ransomware", "threatActorsExploiting": "-", "cwes": "CWE-288", "notes": "-" }, { "cveID": "CVE-2023-3519", "euvdID": "EUVD-2023-44176", "vendorProject": "Citrix", "product": "Citrix ADC and Citrix Gateway", "vulnerabilityName": "-", "dateReported": "2025/01/23", "patchedSince": "tbc", "originSource": "cnw", "shortDescription": "-", "exploitationType": "ransomware", "threatActorsExploiting": "-", "cwes": "-", "notes": "-" }, { "cveID": "CVE-2023-27997", "euvdID": "EUVD-2023-31722", "vendorProject": "Fortinet", "product": "FortiOS and FortiProxy", "vulnerabilityName": "-", "dateReported": "2025/01/23", "patchedSince": "tbc", "originSource": "cnw", "shortDescription": "-", "exploitationType": "ransomware", "threatActorsExploiting": "-", "cwes": "-", "notes": "-" }, { "cveID": "CVE-2023-46604", "euvdID": "EUVD-2023-2719", "vendorProject": "Apache", "product": "ActiveMQ", "vulnerabilityName": "-", "dateReported": "2025/01/23", "patchedSince": "tbc", "originSource": "cnw", "shortDescription": "-", "exploitationType": "ransomware", "threatActorsExploiting": "-", "cwes": "-", "notes": "-" }, { "cveID": "CVE-2023-22515", "euvdID": "EUVD-2023-26655", "vendorProject": "Atlassian", "product": "Confluence Server and Data Server", "vulnerabilityName": "-", "dateReported": "2025/01/23", "patchedSince": "tbc", "originSource": "cnw", "shortDescription": "-", "exploitationType": "ransomware", "threatActorsExploiting": "-", "cwes": "-", "notes": "-" }, { "cveID": "CVE-2023-46747", "euvdID": "EUVD-2023-50916", "vendorProject": "F5", "product": "BIG-IP", "vulnerabilityName": "-", "dateReported": "2025/01/23", "patchedSince": "tbc", "originSource": "cnw", "shortDescription": "-", "exploitationType": "ransomware", "threatActorsExploiting": "-", "cwes": "-", "notes": "-" }, { "cveID": "CVE-2023-48788", "euvdID": "EUVD-2023-52821", "vendorProject": "Fortinet", "product": "FortiClientEMS", "vulnerabilityName": "-", "dateReported": "2025/01/23", "patchedSince": "tbc", "originSource": "cnw", "shortDescription": "-", "exploitationType": "ransomware", "threatActorsExploiting": "-", "cwes": "-", "notes": "-" }, { "cveID": "CVE-2020-1472", "euvdID": "EUVD-2020-12346", "vendorProject": "Microsoft", "product": "Netlogon (ZeroLogon)", "vulnerabilityName": "-", "dateReported": "2025/01/23", "patchedSince": "tbc", "originSource": "cnw", "shortDescription": "-", "exploitationType": "ransomware", "threatActorsExploiting": "-", "cwes": "-", "notes": "-" }, { "cveID": "CVE-2020-0787", "euvdID": "EUVD-2020-2274", "vendorProject": "Microsoft", "product": "Windows BITS26", "vulnerabilityName": "-", "dateReported": "2025/01/23", "patchedSince": "tbc", "originSource": "cnw", "shortDescription": "-", "exploitationType": "ransomware", "threatActorsExploiting": "-", "cwes": "-", "notes": "-" }, { "cveID": "CVE-2017-0144", "euvdID": "EUVD-2017-0511", "vendorProject": "Microsoft", "product": "Windows (SMBv1 - EternalBlue)", "vulnerabilityName": "-", "dateReported": "2025/01/23", "patchedSince": "tbc", "originSource": "cnw", "shortDescription": "-", "exploitationType": "ransomware", "threatActorsExploiting": "-", "cwes": "-", "notes": "-" }, { "cveID": "CVE-2024-8963", "euvdID": "EUVD-2024-49510", "vendorProject": "Ivanti", "product": "CSA (Cloud Services Appliance)", "vulnerabilityName": "-", "dateReported": "2025/01/17", "patchedSince": "tbc", "originSource": "cnw", "shortDescription": "-", "exploitationType": "-", "threatActorsExploiting": "-", "cwes": "-", "notes": "-" }, { "cveID": "CVE-2024-8190", "euvdID": "EUVD-2024-49004", "vendorProject": "Ivanti", "product": "CSA (Cloud Services Appliance)", "vulnerabilityName": "-", "dateReported": "2025/01/17", "patchedSince": "tbc", "originSource": "cnw", "shortDescription": "-", "exploitationType": "-", "threatActorsExploiting": "-", "cwes": "-", "notes": "-" }, { "cveID": "CVE-2024-9380", "euvdID": "EUVD-2024-49898", "vendorProject": "Ivanti", "product": "CSA (Cloud Services Appliance)", "vulnerabilityName": "-", "dateReported": "2025/01/17", "patchedSince": "tbc", "originSource": "cnw", "shortDescription": "-", "exploitationType": "-", "threatActorsExploiting": "-", "cwes": "-", "notes": "-" } ]