VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Critical/high still unreviewed, or CISA KEV listed
Vulnerability Resolved in Veeam Backup & Replication 12.3.2.4854 KB ID: 4869 Product: Veeam Backup & Replication | 12 | 12.1 | 12.2 | 12.3 | 12.3.1 | 12.3.2 Published: 2026-06-09 Last Modified: 2026-06-09 All vulnerabilities documented in this article were resolved in Veeam Backup & Replication 12.3.2.4854.
Omnissa Workspace ONE® Assist for macOS contains a Local Privilege Escalation Vulnerability.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. Affected products named by the advisory: Microsoft SharePoint Enterprise Server 2016; Microsoft SharePoint Server 2019; Microsoft SharePoint Server Subscription Edition.
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. Affected products named by the advisory: Microsoft SharePoint Enterprise Server 2016; Microsoft SharePoint Server 2019; Microsoft SharePoint Server Subscription Edition.
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. Affected products named by the advisory: Microsoft SharePoint Enterprise Server 2016; Microsoft SharePoint Server 2019; Microsoft SharePoint Server Subscription Edition.
An OS command injection vulnerability in Ivanti EPMM before 12.9.0.1, 12.8.0.3 and 12.7.0.2 versions allows a remote authenticated attacker to execute arbitrary commands as root
Ivanti releases standard security patches on the second Tuesday of every month. In today’s rapidly evolving technology and threat landscape, we believe responsible transparency should be a cornerstone of any product security program. AI is compressing the time-to-exploit, and Ivanti uses leading technologies to proactively find and fix issues ––including integrating advanced LLMs into our Engineering and product security to enhance the capabilities of our teams. Our philosophy is simple: discovering and communicating vulnerabilities, and sharing that information with defenders, is not an indication of weakness; rather it is evidence of rigorous scrutiny and a proactive vulnerability management program. By aggressively seeking to identify and address vulnerabilities, our aim is to get ahead of threat actors to ensure our customers can take the steps needed to protect their environments. To that end, today Ivanti is disclosing vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM) and Ivanti Sentry. It is important for customers to know: We have no evidence of these vulnerabilities being exploited in the wild. These vulnerabilities do not impact any other Ivanti solutions.
Windows DNS Client Elevation of Privilege Vulnerability Affected products named by the advisory: Windows Server 2019; Windows Server 2022; Windows Server 2025; Windows Server 2016; and 2 more. Affected products named by the advisory: Windows Server 2012 R2.
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability Affected products named by the advisory: Windows Server 2022; Windows Server 2019; Windows Server 2025; Windows Server 2016; and 2 more. Affected products named by the advisory: Windows Server 2012 R2.
Windows Device Health Attestation (DHA) Elevation of Privilege Vulnerability Affected products named by the advisory: Windows Server 2019; Windows Server 2022; Windows Server 2025; Windows Server 2016.
Windows Program Compatibility Assistant Service Elevation of Privilege Vulnerability Affected products named by the advisory: Windows Server 2022; Windows Server 2025.
Microsoft Exchange Server Information Disclosure Vulnerability Affected products named by the advisory: Microsoft Exchange Server 2016 Cumulative Update 23; Microsoft Exchange Server Subscription Edition RTM; Microsoft Exchange Server 2019 Cumulative Update 15; Microsoft Exchange Server 2019 Cumulative Update 14.
Microsoft Exchange Server Elevation of Privilege Vulnerability Affected products named by the advisory: Microsoft Exchange Server Subscription Edition RTM; Microsoft Exchange Server 2019 Cumulative Update 15; Microsoft Exchange Server 2016 Cumulative Update 23; Microsoft Exchange Server 2019 Cumulative Update 14.
Microsoft Exchange Server Remote Code Execution Vulnerability Affected products named by the advisory: Microsoft Exchange Server 2016 Cumulative Update 23; Microsoft Exchange Server 2019 Cumulative Update 14; Microsoft Exchange Server 2019 Cumulative Update 15; Microsoft Exchange Server Subscription Edition RTM.
Windows Bluetooth Service Elevation of Privilege Vulnerability Affected products named by the advisory: Windows Server 2019; Windows Server 2022; Windows Server 2025; Windows Server 2016.
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability Affected products named by the advisory: Windows Server 2019; Windows Server 2022; Windows Server 2025; Windows Server 2016; and 2 more. Affected products named by the advisory: Windows Server 2012 R2.
Windows Bluetooth Port Driver Elevation of Privilege Vulnerability Affected products named by the advisory: Windows Server 2022; Windows Server 2025.
Windows Hyper-V Remote Code Execution Vulnerability Affected products named by the advisory: Windows Server 2019; Windows Server 2022; Windows Server 2025; Windows Server 2016.
Windows Hyper-V Remote Code Execution Vulnerability Affected products named by the advisory: Windows Server 2022; Windows Server 2025.
Windows Active Directory Domain Services Remote Code Execution Vulnerability Affected products named by the advisory: Windows Server 2022; Windows Server 2025.