| 115296 | Ninja Forms - File Uploads Plugin for WordPress < 3.3.30 Unauthenticated Arbitrary File Read | high |
| 115295 | Adobe ColdFusion Remote Development Service Path Traversal | critical |
| 115294 | Joomla! 6.x < 6.1.2 Multiple Vulnerabilities | high |
| 115293 | Joomla! 5.x < 5.4.7 Multiple Vulnerabilities | high |
| 115292 | Joomla! SP Page Builder < 6.6.2 Arbitrary Files Upload | critical |
| 115291 | PHP 8.5.x < 8.5.8 Multiple Vulnerabilities | medium |
| 115290 | Microsoft SharePoint Server 2016 < 16.0.5552.1002 Insecure Deserialization | high |
| 115289 | Microsoft SharePoint Server 2019 < 16.0.10417.20128 Insecure Deserialization | high |
| 115288 | PHP 8.4.x < 8.4.23 Multiple Vulnerabilities | medium |
| 115287 | PHP 8.3.x < 8.3.32 Multiple Vulnerabilities | medium |
| 115286 | PHP 8.2.x < 8.2.32 Multiple Vulnerabilities | medium |
| 115285 | Nginx < 1.30.3 Multiple Vulnerabilities | critical |
| 115284 | Nginx 1.31.x < 1.31.2 Multiple Vulnerabilities | critical |
| 115283 | Apache Tomcat 9.0.0-M1 < 9.0.119 Multiple Vulnerabilities | critical |
| 115282 | Apache Tomcat 10.1.0-M1 < 10.1.56 Multiple Vulnerabilities | critical |
| 115281 | Apache Tomcat 11.0.0-M1 < 11.0.23 Multiple Vulnerabilities | critical |
| 115280 | Cacti Multiples Vulnerabilities | critical |
| 115274 | Popup Maker Plugin for WordPress < 1.21.0 Stored Cross-Site Scripting | medium |
| 115273 | RequireJS < 2.3.7 Prototype Pollution | critical |
| 115272 | Lodash < 4.17.23 Prototype Pollution | high |
| 115271 | Gravity SMTP Plugin for WordPress < 2.1.5 Sensitive Information Exposure | high |
| 115270 | Joomla! JCE < 2.9.99.5 Unrestricted File Upload | critical |
| 115269 | Product Slider Pro for WooCommerce Plugin for WordPress < 3.5.4 Backdoor | critical |
| 115268 | FortiSandbox 4.4.x < 4.4.9 / 5.0.x < 5.0.6 Path Traversal | critical |
| 115267 | Ivanti Sentry < 10.5.2 / 10.6.x < 10.6.2 / 10.7.x < 10.7.1 Remote Code Execution | critical |
| 115266 | Splunk Enterprise < 10.0.7 / 10.2.x < 10.2.4 Remote Code Execution | critical |
| 115265 | Oracle PeopleSoft 8.61 / 8.62 Remote Code Execution | critical |
| 115264 | UpdraftPlus Backup Plugin for WordPress < 1.26.5 Unauthenticated Authentication Bypass | high |
| 115263 | Apache 2.4.x < 2.4.68 Multiple Vulnerabilities | high |
| 115262 | PHP 8.5.x < 8.5.7 Multiple Vulnerabilities | medium |
| 115261 | Mirasvit Cache Warmer for Magento < 1.11.12 Remote Code Execution | critical |
| 115260 | Palo Alto PAN-OS < 12.1.7 GlobalProtect Authentication Bypass | high |
| 115259 | Roundcube Webmail 1.7.x < 1.7.1 SQL Injection | high |
| 115258 | Roundcube Webmail 1.6.x < 1.6.16 SQL Injection | high |
| 115257 | Joomla! 6.x < 6.1.1 Multiple Vulnerabilities | high |
| 115256 | Joomla! 3.x < 5.4.6 Multiple Vulnerabilities | high |
| 115255 | Nginx < 1.30.2 Buffer Overflow | critical |
| 115254 | Nginx 1.31.0 Buffer Overflow | critical |
| 115251 | Drupal JSONAPI SQL Injection | medium |
| 115250 | Drupal < 10.4.10 SQL Injection | medium |
| 115249 | Drupal 10.5.x < 10.5.10 SQL Injection | medium |
| 115248 | Drupal 10.6.x < 10.6.9 SQL Injection | medium |
| 115247 | Drupal 11.1.x < 11.1.10 SQL Injection | medium |
| 115246 | Drupal 11.2.x < 11.2.12 SQL Injection | medium |
| 115245 | Drupal 11.3.x < 11.3.10 SQL Injection | medium |
| 115244 | Burst Statistics Plugin for WordPress 3.4.x < 3.4.2 Authentication Bypass | critical |
| 115243 | Nginx < 1.30.1 Multiple Vulnerabilities | critical |
| 115242 | Next.js 16.0.x < 16.2.5 Server-Side Request Forgery | high |
| 115241 | Next.js 13.4.13 < 15.5.16 Server-Side Request Forgery | high |
| 115240 | Apache Tomcat 9.0.0-M1 < 9.0.118 Multiple Vulnerabilities | critical |