| 298836 | GitLab 18.0 < 18.6.6 / 18.7 < 18.7.4 / 18.8 < 18.8.4 (CVE-2025-12575) | medium |
| 298835 | GitLab 17.1 < 18.6.4 / 18.7 < 18.7.2 / 18.8 < 18.8.2 (CVE-2025-13335) | medium |
| 298834 | GitLab 15.11 < 18.4.6 / 18.5 < 18.5.4 / 18.6 < 18.6.2 (CVE-2025-12029) | high |
| 298833 | GitLab 17.11 < 18.6.6 / 18.7 < 18.7.4 / 18.8 < 18.8.4 (CVE-2025-14594) | low |
| 298832 | GitLab 18.1 < 18.3.6 / 18.4 < 18.4.4 / 18.5 < 18.5.2 (CVE-2025-11865) | medium |
| 298831 | GitLab 11.10 < 18.4.6 / 18.5 < 18.5.4 / 18.6 < 18.6.2 (CVE-2025-12562) | high |
| 298830 | GitLab 18.5 < 18.5.5 / 18.6 < 18.6.3 / 18.7 < 18.7.1 (CVE-2025-13781) | medium |
| 298829 | GitLab 18.6 < 18.6.6 / 18.7 < 18.7.4 / 18.8 < 18.8.4 (CVE-2025-14592) | medium |
| 298828 | GitLab 15.10 < 18.3.6 / 18.4 < 18.4.4 / 18.5 < 18.5.2 (CVE-2025-11224) | medium |
| 298827 | GitLab 18.0 < 18.6.6 / 18.7 < 18.7.4 / 18.8 < 18.8.4 (CVE-2025-12073) | medium |
| 298826 | GitLab 18.4 < 18.4.4 / 18.5 < 18.5.2 (CVE-2025-11990) | low |
| 298825 | GitLab 18.6 < 18.6.3 / 18.7 < 18.7.1 (CVE-2025-13761) | critical |
| 298824 | GitLab 16.9 < 18.3.6 / 18.4 < 18.4.4 / 18.5 < 18.5.2 (CVE-2025-12983) | medium |
| 298823 | GitLab 13.2 < 18.4.5 / 18.5 < 18.5.3 / 18.6 < 18.6.1 (CVE-2025-13611) | medium |
| 298822 | GitLab 18.3 < 18.4.5 / 18.5 < 18.5.3 / 18.6 < 18.6.1 (CVE-2025-12653) | medium |
| 298821 | GitLab 17.10 < 18.4.5 / 18.5 < 18.5.3 / 18.6 < 18.6.1 (CVE-2025-12571) | high |
| 298770 | Roundcube Webmail 1.5.x < 1.5.13 / 1.6.x < 1.6.13 Multiple Vulnerabilities | medium |
| 298511 | BeyondTrust Privileged Remote Access (PRA) <= 24.3.4 Pre-Authentication RCE (BT26-02) | critical |
| 298510 | BeyondTrust Remote Support (RS) < 25.3.2 Pre-Authentication RCE (BT26-02) | critical |
| 298255 | Atlassian Confluence 7.19 < 8.5.31 / 8.6.x < 9.2.13 / 9.3.x < 10.2.2 (CONFSERVER-101872) | critical |
| 298241 | SmarterMail < 100.0.9511 Unauthenticated RCE via ConnectToHub API (CVE-2026-24423) | critical |
| 298175 | Atlassian Confluence 7.7.x < 8.5.31 / 8.6.x < 9.2.13 / 9.3.1 < 10.2.2 (CONFSERVER-101878) | critical |
| 298174 | Atlassian Confluence 7.13 < 9.2.11 / 9.3.1 < 10.1.0 (CONFSERVER-101827) | high |
| 298043 | Atlassian Confluence 9.2.8 < 9.2.11 (CONFSERVER-101842) | medium |
| 298040 | FreePBX 13.x < 13.0.197.14 / 14.x < 14.0.13.12 / 15.x < 15.0.16.27 Remote Admin Authentication Bypass | critical |
| 298039 | FreePBX 17.0.2.36 < 17.0.3 Command Injection (GHSA-vm9p-46mv-5xvw) | high |
| 297849 | ManageEngine OpManager Stored XSS in Subnet Details (CVE-2025-9226) | medium |
| 297831 | Dotnetnuke 9.0.x < 9.13.10 / 10.0.x < 10.2.0 Stored XSS in Module Deletion Confirmation Modal (CVE-2026-24837) | medium |
| 297830 | Dotnetnuke 9.0.x < 9.13.10 / 10.0.x < 10.02.00 Potential XSS vulnerability in modules' header and footer (CVE-2026-24784) | medium |
| 297829 | Dotnetnuke < 9.13.10 / 10.0.x < 10.02.00 Stored XSS in Module Description (CVE-2026-24833) | medium |
| 297828 | Dotnetnuke 9.0.x < 9.13.10 / 10.0.x < 10.02.00 Stored XSS in Scheduler LogNotes (CVE-2026-24836) | medium |
| 297827 | Dotnetnuke < 9.13.10 / 10.0.x < 10.02.00 Stored XSS via Module Title (CVE-2026-24838) | medium |
| 297224 | SmarterMail < 100.0.9511 Auth Bypass (CVE-2026-23760) | critical |
| 297222 | SmarterMail < 100.0.9413 Unrestricted File Upload Remote Code Execution (CVE-2025-52691) | critical |
| 297134 | Zimbra Collaboration Server 10.0.x < 10.0.18, 10.1.x < 10.1.13 Local File Inclusion | high |
| 297129 | Splunk Enterprise 9.2.0 < 9.2.12, 9.3.0 < 9.3.9, 9.4.0 < 9.4.8, 10.0.0 < 10.0.3 (SVD-2026-0101) | high |
| 296366 | Oracle Primavera Gateway (January 2026 CPU) | medium |
| 295029 | Oracle Primavera Unifier (January 2026 CPU) | critical |
| 294995 | Oracle Primavera P6 Enterprise Project Portfolio Management (January 2026 CPU) | medium |
| 292785 | Atlassian Confluence 9.0.1 < 9.2.1 / 9.3.x < 9.4.0 / 9.5.x < 9.5.1 / 10.0.x < 10.0.2 / 10.1.0 / 10.2.0 (CONFSERVER-101575) | high |
| 292784 | Atlassian Confluence 9.0.1 < 9.2.1 / 9.3.x < 9.4.0 / 9.5.x < 9.5.1 / 10.0.x < 10.0.2 / 10.1.0 / 10.2.0 (CONFSERVER-101573) | high |
| 286274 | Kibana 7.x / 8.x < 8.19.10 / 9.1.x < 9.1.10 / 9.2.x < 9.2.4 (ESA_2026_08) | medium |
| 286273 | Kibana 7.10.x < 7.17.30 / 8.x < 8.19.10 / 9.1.x < 9.1.10 / 9.2.x < 9.2.4 (ESA_2026_04) | medium |
| 286272 | Kibana 8.x < 8.19.10 / 9.1.x < 9.1.10 / 9.2.x < 9.2.4 (ESA_2026_05) | high |
| 286271 | Kibana 7.10.x < 7.17.30 / 8.x < 8.19.10 / 9.1.x < 9.1.10 / 9.2.x < 9.2.4 (ESA_2026_03) | medium |
| 286265 | ServiceNow Platform Jelly Template Injection (CVE-2024-4879) | critical |
| 283727 | Atlassian Confluence 9.0.1 < 9.2.1 / 9.3.1 < 9.4.0 / 9.5.x < 9.5.1 / 10.0.x < 10.0.2 / 10.1.0 / 10.2.0 (CONFSERVER-101574) | critical |
| 282639 | Atlassian Confluence 7.19.0 < 8.5.10 / 8.6.x < 9.2.5 / 9.3.x < 9.3.1 / 9.4.x < 9.5.1 / 10.0.x < 10.0.2 / 10.1.0 / 10.2.0 (CONFSERVER-101478) | high |
| 282638 | Atlassian Confluence 7.19.0 < 8.5.20 / 8.6.x < 9.2.6 / 9.3.x < 9.3.1 / 9.4.0 / 9.5.x < 9.5.2 / 10.0.x < 10.0.2 / 10.1.0 / 10.2.0 (CONFSERVER-101489) | high |
| 282478 | MongoDB Unauthenicated Uninitialized Heap Memory Leak (MongoBleed) (CVE-2025-14847) (Direct Check) | high |
