CISA KEV — Last 30 Days · Stack-filtered · Newest first
Catalog total: 1,635
Product SharePoint Server
Vendor Microsoft
Added to KEV 2026-07-01
FCEB Deadline 2026-07-04
Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability
Microsoft SharePoint Server contains a deserialization of untrusted data vulnerability which allows an authorized attacker to execute code over a network.
Required Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
Product cPanel Plugin
Vendor LiteSpeed
Added to KEV 2026-06-15
FCEB Deadline 2026-06-18
LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability
LiteSpeed cPanel plugin contains a UNIX symbolic link (Symlink) following vulnerability that could allow a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS.
Required Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
NVD HIGH / CRITICAL — Last 14 Days · Stack-filtered · Score descending · Max 20
Published 2026-07-02
Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (SyncFabric) allows an authorized attacker to elevate privileges over a network.
Published 2026-06-30
LLaMA-Factory through 0.9.5 contains a remote code execution vulnerability that allows attackers with WebUI access to execute arbitrary Python code by supplying a malicious model path in the Chat or T…
Published 2026-07-06
Esri ArcGIS Server contains a directory traversal vulnerability. ArcGIS Enterprise on Kubernetes is not impacted. An unauthenticated attacker could exploit this issue by sending crafted path parameter…
Published 2026-07-10
PraisonAI versions before 4.6.78 contain a code injection vulnerability in deploy/api.py where the agents_file parameter is directly interpolated into an f-string without sanitization. Attackers can i…
Published 2026-06-26
Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:from-archive and certs:add commands extract user-supplied tar/zip archives into temporary directories without sanitizing member paths or preven…
Published 2026-07-03
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
Published 2026-07-03
Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.
Published 2026-07-07
A Weak Password Recovery Mechanism for Forgotten Password exists in Esri Portal for ArcGIS versions 12.1 and earlier on Windows, Linux and Kubernetes. A remote, unauthorized attacker may assume owners…
Published 2026-07-03
External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
Published 2026-06-26
In the Linux kernel, the following vulnerability has been resolved:
idpf: fix double free and use-after-free in aux device error paths
When auxiliary_device_add() fails in idpf_plug_vport_aux_dev() …
Published 2026-06-26
In the Linux kernel, the following vulnerability has been resolved:
mailbox: mailbox-test: don't free the reused channel
The RX channel can be aliased to the TX channel if it has a different
MMIO. T…
Published 2026-06-26
In the Linux kernel, the following vulnerability has been resolved:
mailbox: mailbox-test: free channels on probe error
On probe error, free the previously obtained channels. This not only
prevents …
Published 2026-07-03
A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client for Windows allows a local attacker to escalate their privileges to NT AUTHORITY\SYSTEM on the machine where the…
Published 2026-07-10
PraisonAI (pip package praisonaiagents) before 1.6.78 contains an unsafe dynamic module loading vulnerability in AgentFlow._resolve_pydantic_class (src/praisonai-agents/praisonaiagents/workflows/workf…
Published 2026-07-08
ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its host key during a key re-exchange. (This outcome occurs only on the client side.)
Published 2026-06-27
HCL Traveler for Microsoft Outlook (HTMO) is susceptible to vulnerabilities due to .NET Framework 4.5 being out of service. Since .NET Framework 4.5 has reached end-of-life and no longer receives sec…
Published 2026-07-03
Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
Published 2026-07-03
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
Published 2026-07-08
pypdf is a free and open-source pure-python PDF library. Prior to 6.14.0, an attacker can craft a PDF with repeated malformed cross-reference streams that cause pypdf to spend long runtimes recovering…
Published 2026-07-08
pypdf is a free and open-source pure-python PDF library. Prior to 6.14.2, an attacker can craft a PDF with a page content stream containing a not terminated inline image that uses the ASCII85 or ASCII…
Monitored Stack
Infrastructure
Proxmox VE (NUC-Lab)NUC-Lab · 192.168.1.100
Debian 12Pi-Primary (.192), Pi-Secondary (.218)
Linux kernel6.1.21-v7+
Windows 11NUC desktop
Network / DNS
AdGuard Homev0.107.77 · current
Tailscale1.98.4 · 1.98.5 pending
WireGuardall nodes
Services
nginxreverse proxy
OpenSSHall nodes
Cloudflare PagesWorkers / ZT
Python 3.xautomation / build
Node.jstooling
Known Pending Patches
Action Required on Return Home
CVE-2026-31431
Kernel LPE — pending on Pi-Primary (.192) and Pi-Secondary (.218) · patch on return home
Tailscale 1.98.5
One patch ahead on both Pis · update on return home
Notable CVEs (Out-of-Stack, Situational Awareness)
Not in stack — tracking for situational awareness.
CISA KEV — FCEB deadline pending. Not in stack but CVSSv3 10.0 warrants awareness.