CISA KEV — Last 30 Days  ·  Stack-filtered  ·  Newest first  ·  Catalog total: 1,631
CVE-2026-45659 KNOWN EXPLOITED
Product: SharePoint Server · Vendor: Microsoft · Added to KEV: 2026-07-01 · FCEB Deadline: 2026-07-04
Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability
Microsoft SharePoint Server contains a deserialization of untrusted data vulnerability which allows an authorized attacker to execute code over a network.
Required Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
CVE-2026-54420 KNOWN EXPLOITED
Product: cPanel Plugin · Vendor: LiteSpeed · Added to KEV: 2026-06-15 · FCEB Deadline: 2026-06-18
LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability
LiteSpeed cPanel plugin contains a UNIX symbolic link (Symlink) following vulnerability that could allow a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS.
Required Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
CVE-2026-11645 KNOWN EXPLOITED
Product: Chromium V8 · Vendor: Google · Added to KEV: 2026-06-09 · FCEB Deadline: 2026-06-23
Google Chromium V8 Out-of-Bounds Read and Write Vulnerability
Google Chromium V8 contains an out-of-bounds read and write vulnerability that could allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
NVD HIGH / CRITICAL — Last 14 Days  ·  Stack-filtered  ·  Score descending  ·  Max 20
CVE-2026-53753 9.8 CRITICAL
Published 2026-06-23
Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.7, the _safe_eval_expression() function in the computed fields feature uses an AST validator that only blocks attributes sta…
CVE-2026-56121 9.8 CRITICAL
Published 2026-06-24
Feast before 0.63.0 contains an unsafe deserialization vulnerability that allows unauthenticated or unauthorized attackers to achieve remote code execution by sending a crafted gRPC request to the reg…
CVE-2026-48930 9.8 CRITICAL
Published 2026-06-26
A flaw in Node.js TLS hostname handling means that embedded-NUL hostnames can lead to silent authority rebinding due to C-string truncation in resolver bindings. This vulnerability affects all suppo…
CVE-2026-58116 9.8 CRITICAL
Published 2026-06-30
LLaMA-Factory through 0.9.5 contains a remote code execution vulnerability that allows attackers with WebUI access to execute arbitrary Python code by supplying a malicious model path in the Chat or T…
CVE-2026-45405 9.0 CRITICAL
Published 2026-06-26
Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:from-archive and certs:add commands extract user-supplied tar/zip archives into temporary directories without sanitizing member paths or preven…
CVE-2026-47645 8.8 HIGH
Published 2026-06-19
URL redirection to untrusted site ('open redirect') in Microsoft 365 Copilot's Business Chat allows an unauthorized attacker to elevate privileges over a network.
CVE-2026-49241 8.8 HIGH
Published 2026-06-22
The Angular Language Service VS Code Extension provides a rich editing experience for Angular templates. Prior to 21.2.4, the client-side Angular Language Service VS Code extension reads the custom Ty…
CVE-2026-55602 8.6 HIGH
Published 2026-06-22
http-proxy-middleware is node.js http-proxy middleware. From 0.16.0 until 2.0.10, 3.0.6, and 4.1.0, http-proxy-middleware documents router proxy-table entries as host, path, or host+path selectors, bu…
CVE-2026-54762 8.6 HIGH
Published 2026-06-23
Traefik is an HTTP reverse proxy and load balancer. From 3.7.0-ea.1 until 3.7.5, there is a medium severity vulnerability in Traefik's Kubernetes Ingress NGINX provider that causes affected routes to …
CVE-2026-54312 8.5 HIGH
Published 2026-06-23
n8n is an open source workflow automation platform. Prior to 2.24.0, an authenticated user with permission to create or modify workflows could achieve global prototype pollution via the Microsoft SQL …
CVE-2026-49444 8.5 HIGH
Published 2026-06-23
n8n is an open source workflow automation platform. Prior to 1.123.48, 2.21.8, and 2.22.4, an authenticated user with permission to create or modify workflows containing a Python Code Node could escap…
CVE-2026-50574 8.3 HIGH
Published 2026-06-23
yt-dlp is a command-line audio/video downloader. Prior to 2026.06.09, if aria2c is used as an external downloader for a fragmented manifest format (such as an HLS/DASH stream), yt-dlp passes insuffici…
CVE-2026-56351 8.2 HIGH
Published 2026-06-24
n8n before version 2.4.0 contains a SQL injection vulnerability in MySQL, PostgreSQL, and Microsoft SQL nodes that allows authenticated users to inject arbitrary SQL through unescaped identifier value…
CVE-2026-49402 8.1 HIGH
Published 2026-06-23
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.10, Deno's node:child_process implementation provided an escapeShellArg() helper used when callers passed shell: true to spawn /…
CVE-2026-57456 7.8 HIGH
Published 2026-06-25
Vim is an open source, command line text editor. Prior to 9.2.0699, Vim's Python omni-completion (runtime/autoload/python3complete.vim and the legacy pythoncomplete.vim) executes reconstructed functio…
CVE-2026-8592 7.7 HIGH
Published 2026-06-25
OS Command Injection vulnerability in the process_string action of Rapid7 InsightConnect AWK Plugin on Linux allows remote attackers to execute arbitrary OS commands via the text or expression paramet…
References: cve@rapid7.com
CVE-2026-8660 7.7 HIGH
Published 2026-06-25
OS Command Injection vulnerability in the ping action of Rapid7 InsightConnect Ping Plugin on Linux allows remote attackers to execute arbitrary OS commands via the host parameter due to insufficient …
References: cve@rapid7.com
CVE-2026-8665 7.7 HIGH
Published 2026-06-25
OS Command Injection vulnerability in the TR action of Rapid7 InsightConnect Translate Plugin on Linux allows remote attackers to execute arbitrary OS commands via the text or expression parameters du…
References: cve@rapid7.com
CVE-2026-8666 7.7 HIGH
Published 2026-06-25
OS Command Injection vulnerability in the traceroute action of Rapid7 InsightConnect Traceroute Plugin on Linux allows remote attackers to execute arbitrary OS commands via the host, port, max_ttl, co…
References: cve@rapid7.com
CVE-2026-50269 7.5 HIGH
Published 2026-06-22
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.0, attacker-controlled input included into multipart/payload headers can be used to modify a request to in…
Monitored Stack

Infrastructure

Proxmox VE (NUC-Lab): NUC-Lab · 192.168.1.100
Debian 12: Pi-Primary (.192), Pi-Secondary (.218)
Linux kernel: 6.1.21-v7+
Windows 11: NUC desktop

Network / DNS

AdGuard Home: v0.107.77 · current
Tailscale: 1.98.4 · 1.98.5 pending
WireGuard: all nodes

Services

nginx: reverse proxy
OpenSSH: all nodes
Cloudflare Pages: Workers / ZT
Python 3.x: automation / build
Node.js: tooling
Known Pending Patches

Action Required on Return Home

CVE-2026-31431 Kernel LPE — pending on Pi-Primary (.192) and Pi-Secondary (.218) · patch on return home
Tailscale 1.98.5 — one patch ahead on both Pis · update on return home
Notable CVEs (Out-of-Stack, Situational Awareness)
Splunk CVE-2026-20253 9.8 CRITICAL NOT IN STACK
Not in stack — tracking for situational awareness.
Joomla CVE-2026-48907 10.0 CRITICAL CISA KEV NOT IN STACK
CISA KEV — FCEB deadline pending. Not in stack but CVSSv3 10.0 warrants awareness.