Detections
Analytics

CVEs

Tenable maintains a list of Common Vulnerabilities and Exposures (CVEs) and their affected products. Tenable augments the data to include related Tenable Plugins that detect each vulnerability. 326117 CVEs are indexed from NVD.

RSS Feeds

Search

Vulnerability Watch ›

  • CVE-2025-14847
    highVulnerability of Interest

    Exploitation of this MongoDB vulnerability have been reported and exploit code has been publicly released. Immediate patching is recommended.

  • CVE-2025-14733
    criticalVulnerability of Interest

    This RCE flaw affecting WatchGuard Firebox can be exploited in certain configurations. Exploitation has been observed and immediate patching is recommended.

  • CVE-2025-20393
    criticalVulnerability of Interest

    A Cisco Secure Email Gateway And Cisco Secure Email and Web Manager command injection flaw can be exploited in certain configurations, limited exploitation has been observed.

  • CVE-2020-12812
    criticalVulnerability of Interest

    This improper authentication vulnerability affecting Fortinet devices is exploitable in certain configurations. Exploitation has been observed and patching is recommended.

  • CVE-2025-52691
    criticalVulnerability Being Monitored

    While no evidence of exploitation has been observed, this RCE in SmarterMail should be patched as soon as possible. It was assigned the maximum CVSS score of 10

  • CVE-2025-13915
    criticalVulnerability Being Monitored

    This critical authentication bypass vulnerability affecting IBM API Connect should be patched as soon as possible.

  • CVE-2025-68613
    criticalVulnerability Being Monitored

    Code execution is possible in some conditions. Immediate updating of the n8n automation platform is recommended.

  • CVE-2025-37164
    criticalVulnerability Being Monitored

    This HPE OneView RCE was assigned the maximum CVSS score of 10. While no exploitation has been reported, immediate patching is recommended.

Newest ›

  • CVE-2025-13820
    critical

    The Comments WordPress plugin before 7.6.40 does not properly validate user's identity when...

  • CVE-2025-69413
    medium

    In Gitea before 1.25.2, /api/v1/user has different responses for failed authentication depending on whether a username exists.

  • CVE-2025-22203
    No Score

    Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.

  • CVE-2025-22202
    No Score

    Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.

  • CVE-2025-22201
    No Score

    Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.

  • CVE-2025-22200
    No Score

    Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.

  • CVE-2025-22199
    No Score

    Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.

  • CVE-2025-22198
    No Score

    Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.

  • CVE-2025-22197
    No Score

    Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.

  • CVE-2025-22196
    No Score

    Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.

Updated ›

  • CVE-2025-69413
    medium

    In Gitea before 1.25.2, /api/v1/user has different responses for failed authentication depending on whether a username exists.

  • CVE-2025-69412
    low

    KDE messagelib before 25.11.90 ignores SSL errors for threatMatches:find in the Google Safe Browsing Lookup API (aka phishing API), which might allow spoofing of threat data. NOTE: this Lookup API is not contacted in the messagelib default configuration.

  • CVE-2025-22203
    No Score

    Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.

  • CVE-2025-22202
    No Score

    Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.

  • CVE-2025-22201
    No Score

    Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.

  • CVE-2025-22200
    No Score

    Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.

  • CVE-2025-22199
    No Score

    Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.

  • CVE-2025-22198
    No Score

    Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.

  • CVE-2025-22197
    No Score

    Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.

  • CVE-2025-22196
    No Score

    Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.