Recent CVE briefs
Direct links to the 100 most recently published RORA Threat Watch briefs — plain-English explanations of who is at risk, attacker behaviour and what to do.
- CVE-2026-10134 IBM Langflow OSS 1.0.0 through 1.9.3 allows an attacker to read every secret available to the Langflow process, read and modify every flow, conversation, message, file upload, and saved component in…
- CVE-2026-48286 Adobe Campaign Classic (ACC) versions 7.4.3 build 9396 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current…
- CVE-2026-48283 ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution in the context of the cu…
- CVE-2026-48282 ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary code execu…
- CVE-2026-48281 ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitati…
- CVE-2026-48277 ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitati…
- CVE-2026-48276 ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution in the context of the cu…
- CVE-2026-54350 Budibase is an open-source low-code platform. Prior to 3.39.12, an unauthenticated visitor of any published Budibase app reads every document of the backing MongoDB, CouchDB, Elasticsearch, DynamoDB…
- CVE-2025-71338 Flowise contains a path traversal vulnerability in the /api/v1/document-store/loader/process endpoint that allows unauthenticated attackers to write arbitrary files to the filesystem. Attackers can e…
- CVE-2026-54917 SeaweedFS is a distributed storage system for object storage (S3), file systems, and Iceberg tables. Prior to 4.30, the S3 API gateway and the Iceberg REST catalog gateway construct their routers wit…
- CVE-2026-53622 Traefik is an HTTP reverse proxy and load balancer. Prior to 3.7.3, there is a critical vulnerability in Traefik's HTTP/3 (QUIC) TLS configuration selection that allows unauthenticated clients to byp…
- CVE-2026-48491 Traefik is an HTTP reverse proxy and load balancer. From 3.7.0 until 3.7.3, there is a high severity vulnerability in Traefik's domain-fronting protection (SNICheck) that allows an unauthenticated cl…
- CVE-2026-48020 Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.48, 3.6.19, and 3.7.3, there is a high severity vulnerability in Traefik's StripPrefix middleware that allows an unauthenticated atta…
- CVE-2026-54309 n8n is an open source workflow automation platform. Prior to 2.25.7 and 2.26.2, when @n8n/mcp-browser is run in HTTP transport mode, the MCP endpoint accepts session initialization and tool invocatio…
- CVE-2026-10561 IBM Langflow OSS 1.0.0 through 1.9.3 has a vulnerability due to an improper isolation of Python execution combined with an authentication bypass that allows an unauthenticated attacker to execute ar…
- CVE-2026-50242 In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 authentication bypass via direct database access leading to administrative access was p…
- CVE-2026-12569 PTC Windchill and FlexPLM Improper Input Validation Vulnerability
- CVE-2026-20262 Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability
- CVE-2026-54420 LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability
- CVE-2026-48558 SimpleHelp Authentication Bypass Vulnerability
- CVE-2026-49261 MariaDB server is a community developed fork of MySQL server. Versions 10.6.1 through 10.6.26, 10.11.1 through 10.11.17, 11.4.1 through 11.4.11, 11.8.1 through 11.8.7, and 12.3.1 with `wsrep_notify_…
- CVE-2026-35273 Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability
- CVE-2026-20253 Splunk Enterprise Missing Authentication for Critical Function Vulnerability
- CVE-2026-48303 Adobe Campaign Classic (ACC) versions 7.4.3 build 9394 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current…
- CVE-2026-47938 Adobe Campaign Classic (ACC) versions 7.4.3 build 9394 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could result in arbitrary code execution in the context of t…
- CVE-2026-10520 Ivanti Sentry OS Command Injection Vulnerability
- CVE-2026-11645 Google Chromium V8 Out-of-Bounds Read and Write Vulnerability
- CVE-2026-50751 Check Point Security Gateway Improper Authentication Vulnerability
- CVE-2026-7473 Arista Extensible Operating System Incomplete Comparison with Missing Factors Vulnerability
- CVE-2026-48907 Widget Factory Joomla Content Editor Improper Access Control Vulnerability
- CVE-2026-48567 Authentication bypass by spoofing in Azure HorizonDB allows an unauthorized attacker to elevate privileges over a network.
- CVE-2026-20245 Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability
- CVE-2026-28318 SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability
- CVE-2026-20230 Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability
- CVE-2025-48595 Android Framework Integer Overflow Vulnerability
- CVE-2026-0257 Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
- CVE-2026-48027 Nx Console Embedded Malicious Code Vulnerability
- CVE-2026-45247 Mirasvit Full Page Cache Warmer Deserialization of Untrusted Data Vulnerability
- CVE-2026-47280 Improper authentication in Azure Resource Manager (ARM) allows an unauthorized attacker to elevate privileges over a network.
- CVE-2026-42901 Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network.
- CVE-2026-40412 Unrestricted upload of file with dangerous type in Azure Orbital Spatio allows an unauthorized attacker to execute code over a network.
- CVE-2026-23652 Improper neutralization of special elements used in a command ('command injection') in Microsoft Power Pages allows an unauthorized attacker to execute code over a network.
- CVE-2026-34910 Ubiquiti UniFi OS Improper Input Validation Vulnerability
- CVE-2026-34909 Ubiquiti UniFi OS Path Traversal Vulnerability
- CVE-2026-34908 Ubiquiti UniFi OS Improper Access Control Vulnerability
- CVE-2026-34926 Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability
- CVE-2026-48172 LiteSpeed cPanel Plugin Privilege Escalation Vulnerability
- CVE-2026-9082 Drupal Core SQL Injection Vulnerability
- CVE-2026-20223 A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the S…
- CVE-2026-45498 Microsoft Defender Denial of Service Vulnerability
- CVE-2026-41091 Microsoft Defender Link Following Vulnerability
- CVE-2026-42960 NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to poisoning via promiscuous records for the authority section. Promiscuous RRSets that complement DNS replies in the authority sec…
- CVE-2026-43633 HestiaCP versions 1.9.0 through 1.9.4 contain a deserialization vulnerability in the web terminal component caused by a session format mismatch between PHP and Node.js that allows unauthenticated rem…
- CVE-2026-8398 Daemon Tools Lite Embedded Malicious Code Vulnerability
- CVE-2026-42897 Microsoft Exchange Server Cross-Site Scripting Vulnerability
- CVE-2026-20182 Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
- CVE-2026-45321 TanStack Unspecified Vulnerability
- CVE-2026-42271 BerriAI LiteLLM Command Injection Vulnerability
- CVE-2026-42208 BerriAI LiteLLM SQL Injection Vulnerability
- CVE-2026-6973 Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability
- CVE-2026-0300 Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability
- CVE-2026-35616 Fortinet FortiClient EMS access control flaw is listed in CISA KEV
- CVE-2026-1340 Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability
- CVE-2026-34621 Adobe Acrobat and Reader Prototype Pollution Vulnerability
- CVE-2026-21643 Fortinet FortiClient EMS SQL Injection Vulnerability
- CVE-2020-9715 Adobe Acrobat Use-After-Free Vulnerability
- CVE-2023-36424 Microsoft Windows out-of-bounds read flaw listed in CISA KEV
- CVE-2025-60710 Microsoft Windows link following vulnerability is listed by CISA as known exploited
- CVE-2012-1854 Microsoft Visual Basic for Applications (VBA) insecure library loading flaw is listed in CISA KEV
- CVE-2026-32201 Microsoft SharePoint Server vulnerability listed in CISA KEV
- CVE-2009-0238 Microsoft Office flaw CVE-2009-0238 is listed by CISA as actively important
- CVE-2026-34197 Apache ActiveMQ input validation flaw listed by CISA KEV; affected organisations should review urgently
- CVE-2026-41940 Critical authentication bypass in cpanel, whm and wp_squared could allow unauthorised control panel access
- CVE-2026-31431 High-severity Linux kernel flaw in linux_kernel is listed in CISA KEV
- CVE-2026-33825 High-severity Microsoft Defender access control flaw affecting defender_antimalware_platform
- CVE-2026-32202 Microsoft Windows spoofing flaw affects several Windows 10 and 11 versions
- CVE-2026-39987 coreweave marimo critical flaw could allow unauthorised remote command execution
- CVE-2025-67038 Lantronix EDS5000 Code Injection Vulnerability
- CVE-2026-20133 Cisco Catalyst SD-WAN Manager sensitive information exposure added to CISA KEV
- CVE-2026-20128 Cisco Catalyst SD-WAN Manager password storage flaw is listed in CISA KEV
- CVE-2026-20122 Cisco Catalyst SD-WAN Manager privileged API vulnerability is listed in CISA KEV
- CVE-2025-34291 Langflow Origin Validation Error Vulnerability
- CVE-2025-32975 Quest KACE Systems Management Appliance (SMA) authentication flaw listed in CISA KEV
- CVE-2025-48700 Synacor Zimbra Collaboration Suite (ZCS) XSS flaw is listed in CISA KEV
- CVE-2025-29635 High-severity command injection flaw affects dlink dir-823x_firmware 240126 and 240802
- CVE-2025-2749 Kentico Xperience path traversal issue added to CISA KEV list
- CVE-2024-57728 SimpleHelp path traversal flaw could let an admin place files and run code on the server
- CVE-2024-57726 Critical SimpleHelp flaw could let low-privilege technicians gain server admin access
- CVE-2024-7399 Samsung MagicINFO 9 Server flaw could let an attacker write files with system-level access
- CVE-2024-21182 Oracle WebLogic Server Unspecified Vulnerability
- CVE-2024-27199 JetBrains TeamCity vulnerability with known ransomware use and KEV listing
- CVE-2024-1708 connectwise screenconnect path traversal flaw poses high risk to affected systems
- CVE-2023-27351 PaperCut NG/MF authentication flaw is high priority due to active criminal interest
- CVE-2023-21529 Microsoft Exchange Server flaw listed by CISA KEV with known ransomware use
- CVE-2022-0492 Linux Kernel Improper Authentication Vulnerability
- CVE-2010-0806 Microsoft Internet Explorer Use-After-Free Vulnerability
- CVE-2010-0249 Microsoft Internet Explorer Use-After-Free Vulnerability
- CVE-2009-3459 Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability
- CVE-2009-1537 Microsoft DirectX NULL Byte Overwrite Vulnerability
- CVE-2008-4250 Microsoft Windows Buffer Overflow Vulnerability