Vulnerabilities
20
Total Vulns
2
Critical
6
High
9
Open
6
In Progress
8
Patched (30d)
10days
Avg Remediation
4
Known Exploits
Last scan: 2026-05-26 21:53
Next scan: 2026-05-28 04:40
20 vulnerabilities found
| CVE | Vulnerability | Scope | Severity | CVSS | Affected Asset | Hosts | Status | Exploitability | Discovered | Last Scan |
|---|---|---|---|---|---|---|---|---|---|---|
CVE-2025-44891 |
Apache Log4j Deserialization RCE | External | Critical | 10 | Application Server | 1 | Open | Theoretical | 2026-04-09 | 2026-05-24 |
CVE-2026-21413 |
Microsoft Exchange Server Remote Code Execution | External | Critical | 9.8 | Exchange Server | 5 | Patched | Known | 2026-04-04 | 2026-05-25 |
CVE-2026-0217 |
OpenSSL Buffer Overflow in TLS Handshake | External | Critical | 9.1 | Web Server | 8 | Accepted Risk | Theoretical | 2026-03-28 | 2026-05-27 |
CVE-2026-1052 |
Windows Print Spooler Privilege Escalation | Internal | High | 8.4 | Windows Workstations | 5 | Patched | Known | 2026-05-04 | 2026-05-25 |
CVE-2025-38221 |
Cisco ASA VPN Authentication Bypass | External | High | 8.1 | VPN Gateway | 3 | Open | Known | 2026-05-08 | 2026-05-25 |
CVE-2026-0089 |
SMB Relay Attack (NTLM) | Internal | High | 7.8 | Domain Controller | 3 | Accepted Risk | Theoretical | 2026-04-08 | 2026-05-25 |
CVE-2025-52103 |
WordPress Plugin SQL Injection | External | High | 7.5 | Web Server | 4 | Open | Known | 2026-04-01 | 2026-05-25 |
CVE-2026-3301 |
Microsoft Office Macro RCE | Internal | Medium | 6.8 | Workstations | 1 | Open | Known | 2026-05-25 | 2026-05-25 |
CVE-2026-1187 |
Windows Credential Guard Bypass | Internal | Medium | 6.5 | Domain Controller | 7 | Open | Theoretical | 2026-05-11 | 2026-05-27 |
CVE-2025-49007 |
jQuery XSS in Selector Parsing | External | Medium | 6.1 | Web Application | 3 | Accepted Risk | Theoretical | 2026-05-17 | 2026-05-26 |
CVE-2026-2215 |
SSH Weak Key Exchange Algorithm | External | Medium | 5.9 | Linux Servers | 3 | Open | Theoretical | 2026-05-24 | 2026-05-25 |
CVE-2026-0671 |
IIS HTTP/2 Rapid Reset DoS | External | Medium | 5.9 | Web Server | 6 | Open | Known | 2026-04-02 | 2026-05-24 |
CVE-2026-0443 |
TLS 1.0/1.1 Deprecated Protocol | External | Medium | 5.3 | Mail Server | 4 | Open | Theoretical | 2026-04-14 | 2026-05-25 |
CVE-2025-61028 |
DNS Zone Transfer Allowed | External | Medium | 5.3 | DNS Server | 6 | In Progress | Theoretical | 2026-05-06 | 2026-05-27 |
CVE-2025-55014 |
SNMP Community String Exposure | Internal | Low | 4.3 | Network Switches | 3 | Open | Theoretical | 2026-05-06 | 2026-05-26 |
CVE-2025-70021 |
Default SNMP v2c Community String | Internal | Low | 4.3 | Network Devices | 5 | In Progress | Known | 2026-04-30 | 2026-05-24 |
CVE-2026-1550 |
Outdated PHP Version (8.1) | External | Low | 4 | Web Server | 5 | Patched | Theoretical | 2026-04-10 | 2026-05-25 |
CVE-2026-0102 |
SSL Certificate Expiry Warning | External | Low | 3.7 | Load Balancer | 5 | Accepted Risk | Theoretical | 2026-04-23 | 2026-05-27 |
CVE-2025-48332 |
HTTP TRACE Method Enabled | External | Low | 3.1 | Web Server | 4 | Accepted Risk | Theoretical | 2026-04-28 | 2026-05-26 |
CVE-2026-0890 |
Missing X-Frame-Options Header | External | Low | 3 | Web Application | 6 | Open | Theoretical | 2026-04-26 | 2026-05-24 |