VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
Critical/high still unreviewed, or CISA KEV listed
VMware Fusion contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during an operation performed by a SETUID binary. A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is installed.
Multiple NetApp products incorporate Libcurl. Libcurl versions 7.71.0 through 8.19.0 are susceptible to a vulnerability which when successfully exploited could lead to Denial of Service (DoS). Successful exploitation of this vulnerability could lead to Denial of Service (DoS). Affected products: NetApp HCI Baseboard Management Controller (BMC) - H610S. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
Multiple NetApp products incorporate Libcurl. Libcurl versions 7.40.0 through 8.19.0 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information. Successful exploitation of this vulnerability could lead to disclosure of sensitive information. Affected products: NetApp HCI Baseboard Management Controller (BMC) - H610S. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
Multiple NetApp products incorporate Libcurl. Libcurl versions 7.14.0 through 8.19.0 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information. Successful exploitation of this vulnerability could lead to disclosure of sensitive information. Affected products: NetApp HCI Baseboard Management Controller (BMC) - H610S. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
Multiple vulnerabilities in Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow a remote attacker to gain access to sensitive information, elevate privileges, or gain unauthorized access to the application. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. Cisco strongly recommends that customers upgrade to the fixed software indicated in this advisory. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-mltvnps2-JxpWm7R <br/>Security Impact Rating: Critical <br/>CVE: CVE-2026-20209,CVE-2026-20210,CVE-2026-20224
Following the initial publication of the Security Advisory about a denial of service (DoS) condition in Cisco Crosswork Network Controller and Cisco Network Services Orchestrator (NSO), additional information has been made available to the Cisco Product Security Incident Response Team (PSIRT). Upon further analysis, the Cisco PSIRT has reclassified this issue as a customer-configurable, resource management issue rather than a security vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nso-dos-7Egqyc <br/>Security Impact Rating: Informational <br/>CVE: CVE-2026-20188
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression (PCRE) capture (for example, $1, $2) with a replacement string that includes a question mark (?). An unauthenticated attacker along with conditions beyond its control can exploit this vulnerability by sending crafted HTTP requests. This may cause a heap buffer overflow in the NGINX worker process leading to a restart. Additionally, attackers can execute code on systems with Address Space Layout Randomization (ASLR) disabled or when the attacker can bypass ASLR. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Affected products named by the advisory: Red Hat Enterprise Linux 10.0 Extended Update Support; Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions; Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions; and 3 more.
A denial of service (DoS) vulnerability in Palo Alto Networks Prisma SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to cause a system disruption by sending a specially crafted IPv6 packet.
An improper certificate validation vulnerability in the Prisma Access Agent® for Android and Chrome OS enables an attacker to perform a man-in-the-middle (MitM) attack to intercept VPN traffic. By presenting a certificate for any domain issued by a trusted Certificate Authority, the attacker can capture sensitive device information. The Prisma Access Agent on macOS, Windows, Linux and iOS are not affected.
An improper certificate validation vulnerability in the Palo Alto Networks Prisma SD-WAN ION enables man-in-the-middle (MitM) attacker to impersonate the controller.
An information disclosure vulnerability in Trust Protection Foundation enables an authenticated attacker to obtain sensitive information from the server's vault. Successful exploitation of this issue allows the attacker to impersonate any user within the environment and arbitrarily modify configuration settings.
A vulnerability exists in the ngx_http_scgi_module and ngx_http_uwsgi_module modules that may result in excessive memory allocation or an over-read of data. When scgi_pass or uwsgi_pass is configured, an unauthenticated attacker with man-in-the-middle (MITM) ability to control responses from an upstream server may be able to read the memory of the NGINX worker process or restart it. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Incorrect permission assignment vulnerabilities exist in BIG-IP and BIG-IQ TMOS Shell (tmsh) arp and ndp commands, and in BIG-IP iControl REST. These vulnerabilities may allow an authenticated attacker to view adjacent network information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
When running in Appliance mode, an authenticated attacker assigned the 'Administrator' role may be able to bypass Appliance mode restrictions on a BIG-IP system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
An authenticated attacker with the Resource Administrator or Administrator role can create SNMP configuration objects through iControl SOAP resulting in privilege escalation. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Affected product named by the advisory: F5. Affected product named by the advisory: F5.
When a Client SSL profile is configured with Allow Dynamic Record Sizing on a UDP virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Affected product named by the advisory: F5. Affected product named by the advisory: F5.
A vulnerability exists in BIG-IP systems that may allow an authenticated attacker with administrative access to escalate their privileges. A successful exploit may allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
When embedded Packet Velocity Acceleration (ePVA) acceleration is configured, undisclosed local ethernet traffic can cause an increase in ePVA and Traffic Management Microkernel (TMM) resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Affected product named by the advisory: F5. Affected product named by the advisory: F5.
When an HTTP/2 profile and an iRule containing the HTTP::redirect or HTTP::respond command are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. Affected product named by the advisory: F5. Affected product named by the advisory: F5.
A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Certificate Manager role can modify configuration objects that allow running arbitrary commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.