Security Bulletins

Active threat advisories and known exploited vulnerabilities.

Pulled daily from the CISA Known Exploited Vulnerabilities catalog. Every entry has confirmed active exploitation in the wild. Last synced Jun 12, 2026.

1,619 total bulletins · 1,619 critical or high severity · Source: CISA KEV + NVD
Critical CVE-2024-41710 Mitel · SIP Phones Added Feb 12, 2025

Mitel SIP Phones Argument Injection Vulnerability

Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit, contain an argument injection vulnerability due to insufficient parameter sanitization during the boot process. Successful exploitation may allow an attacker to execute arbitrary commands within the context of the system.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed
Critical CVE-2024-40891 Zyxel · DSL CPE Devices Added Feb 11, 2025

Zyxel DSL CPE OS Command Injection Vulnerability

Multiple Zyxel DSL CPE devices contain a post-authentication command injection vulnerability in the management commands that could allow an authenticated attacker to execute OS commands via Telnet.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed
Critical CVE-2024-40890 Zyxel · DSL CPE Devices Added Feb 11, 2025

Zyxel DSL CPE OS Command Injection Vulnerability

Multiple Zyxel DSL CPE devices contain a post-authentication command injection vulnerability in the CGI program that could allow an authenticated attacker to execute OS commands via a crafted HTTP request.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed
Critical CVE-2025-21418 Microsoft · Windows Added Feb 11, 2025

Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability

Microsoft Windows Ancillary Function Driver for WinSock contains a heap-based buffer overflow vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed
Critical CVE-2025-21391 Microsoft · Windows Added Feb 11, 2025

Microsoft Windows Storage Link Following Vulnerability

Microsoft Windows Storage contains a link following vulnerability that could allow for privilege escalation. This vulnerability could allow an attacker to delete data, including data that results in the service being unavailable.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed
Critical CVE-2025-0994 Trimble · Cityworks Added Feb 7, 2025

Trimble Cityworks Deserialization Vulnerability

Trimble Cityworks contains a deserialization vulnerability. This could allow an authenticated user to perform a remote code execution attack against a customer's Microsoft Internet Information Services (IIS) web server.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed
Critical CVE-2020-15069 Sophos · XG Firewall Added Feb 6, 2025

Sophos XG Firewall Buffer Overflow Vulnerability

Sophos XG Firewall contains a buffer overflow vulnerability that allows for remote code execution via the "HTTP/S bookmark" feature.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed
Critical CVE-2020-29574 Sophos · CyberoamOS Added Feb 6, 2025

CyberoamOS (CROS) SQL Injection Vulnerability

CyberoamOS (CROS) contains a SQL injection vulnerability in the WebAdmin that allows an unauthenticated attacker to execute arbitrary SQL statements remotely.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed
Critical CVE-2024-21413 Microsoft · Office Outlook Added Feb 6, 2025

Microsoft Outlook Improper Input Validation Vulnerability

Microsoft Outlook contains an improper input validation vulnerability that allows for remote code execution. Successful exploitation of this vulnerability would allow an attacker to bypass the Office Protected View and open in editing mode rather than protected mode.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed
Critical CVE-2022-23748 Audinate · Dante Discovery Added Feb 6, 2025

Dante Discovery Process Control Vulnerability

Dante Discovery contains a process control vulnerability in mDNSResponder.exe that allows for a DLL sideloading attack. A local attacker can leverage this vulnerability in the Dante Application Library to execute arbitrary code.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed
Critical CVE-2025-0411 7-Zip · 7-Zip Added Feb 6, 2025

7-Zip Mark of the Web Bypass Vulnerability

7-Zip contains a protection mechanism failure vulnerability that allows remote attackers to bypass the Mark-of-the-Web security feature to execute arbitrary code in the context of the current user.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed
Critical CVE-2024-53104 Linux · Kernel Added Feb 5, 2025

Linux Kernel Out-of-Bounds Write Vulnerability

Linux kernel contains an out-of-bounds write vulnerability in the uvc_parse_streaming component of the USB Video Class (UVC) driver that could allow for physical escalation of privilege.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed
Critical CVE-2018-19410 Paessler · PRTG Network Monitor Added Feb 4, 2025

Paessler PRTG Network Monitor Local File Inclusion Vulnerability

Paessler PRTG Network Monitor contains a local file inclusion vulnerability that allows a remote, unauthenticated attacker to create users with read-write privileges (including administrator).

NVD Detail ↗ CISA KEV ↗ Patch deadline passed
Critical CVE-2018-9276 Paessler · PRTG Network Monitor Added Feb 4, 2025

Paessler PRTG Network Monitor OS Command Injection Vulnerability

Paessler PRTG Network Monitor contains an OS command injection vulnerability that allows an attacker with administrative privileges to execute commands via the PRTG System Administrator web console.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed
Critical CVE-2024-29059 Microsoft · .NET Framework Added Feb 4, 2025

Microsoft .NET Framework Information Disclosure Vulnerability

Microsoft .NET Framework contains an information disclosure vulnerability that exposes the ObjRef URI to an attacker, ultimately enabling remote code execution.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed
Critical CVE-2024-45195 Apache · OFBiz Added Feb 4, 2025

Apache OFBiz Forced Browsing Vulnerability

Apache OFBiz contains a forced browsing vulnerability that allows a remote attacker to obtain unauthorized access.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed
Critical CVE-2025-24085 Apple · Multiple Products Added Jan 29, 2025

Apple Multiple Products Use-After-Free Vulnerability

Apple iOS, macOS, and other Apple products contain a use-after-free vulnerability that could allow a malicious application to elevate privileges.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed
Critical CVE-2025-23006 SonicWall · SMA1000 Appliances Added Jan 24, 2025

SonicWall SMA1000 Appliances Deserialization Vulnerability

SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) contain a deserialization of untrusted data vulnerability, which can enable a remote, unauthenticated attacker to execute arbitrary OS commands.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed
Critical CVE-2020-11023 jQuery · jQuery Added Jan 23, 2025

jQuery Cross-Site Scripting (XSS) Vulnerability

jQuery contains a persistent cross-site scripting (XSS) vulnerability. When passing maliciously formed, untrusted input enclosed in HTML tags, jQuery's DOM manipulators can execute untrusted code in the context of the user's browser.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed
Critical CVE-2024-50603 Aviatrix · Controllers Added Jan 16, 2025

Aviatrix Controllers OS Command Injection Vulnerability

Aviatrix Controllers contain an OS command injection vulnerability that could allow an unauthenticated attacker to execute arbitrary code. Shell metacharacters can be sent to /v1/api in cloud_type for list_flightpath_destination_instances, or src_cloud_type for flightpath_connection_test.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed
Critical CVE-2025-21335 Microsoft · Windows Added Jan 14, 2025

Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability

Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed
Critical CVE-2025-21334 Microsoft · Windows Added Jan 14, 2025

Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability

Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed
Critical CVE-2025-21333 Microsoft · Windows Added Jan 14, 2025

Microsoft Windows Hyper-V NT Kernel Integration VSP Heap-based Buffer Overflow Vulnerability

Microsoft Windows Hyper-V NT Kernel Integration VSP contains a heap-based buffer overflow vulnerability that allows a local attacker to gain SYSTEM privileges.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed
Critical CVE-2024-55591 Fortinet · FortiOS and FortiProxy Added Jan 14, 2025

Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability

Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that may allow an unauthenticated, remote attacker to gain super-admin privileges via crafted requests to the Node.js websocket module.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed
Critical CVE-2023-48365 Qlik · Sense Added Jan 13, 2025

Qlik Sense HTTP Tunneling Vulnerability

Qlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP requests on the backend server hosting the software.

NVD Detail ↗ CISA KEV ↗ Patch deadline passed
