Vulnerabilities

Total Vulns

Critical

High

Open

In Progress

Patched (30d)

7days

Avg Remediation

Known Exploits

Last scan: 2026-04-11 11:31 Next scan: 2026-04-13 03:38

20 vulnerabilities found

External (10) Internal (9)

CVE	Vulnerability	Scope	Severity	CVSS	Affected Asset	Hosts	Status	Exploitability	Discovered	Last Scan
`CVE-2025-44891`	Apache Log4j Deserialization RCE	External	Critical	10	Application Server	4	In Progress	Theoretical	2026-04-03	2026-04-11
Remediation Patch immediately — vendor update available. SOC team notified. Affected Hosts SW-CORE-01 WS-LAP-011 WS-LAP-010 SRV-MAIL-01
`CVE-2026-21413`	Microsoft Exchange Server Remote Code Execution	External	Critical	9.8	Exchange Server	3	Open	Known	2026-02-12	2026-04-10
Remediation Patch immediately — vendor update available. SOC team notified. Affected Hosts WS-PC-001 SRV-WEB-01 AP-WIFI-03
`CVE-2026-0217`	OpenSSL Buffer Overflow in TLS Handshake	External	Critical	9.1	Web Server	2	Patched	Known	2026-02-26	2026-04-10
Remediation Patch immediately — vendor update available. SOC team notified. Affected Hosts WS-PC-001 AP-WIFI-03
`CVE-2026-1052`	Windows Print Spooler Privilege Escalation	Internal	High	8.4	Windows Workstations	1	Patched	Known	2026-03-19	2026-04-09
Remediation Schedule patching within 7 days. Workaround available. Affected Hosts WS-LAP-010
`CVE-2025-38221`	Cisco ASA VPN Authentication Bypass	External	High	8.1	VPN Gateway	1	Accepted Risk	Known	2026-04-04	2026-04-11
Remediation Schedule patching within 7 days. Workaround available. Affected Hosts SRV-DC-01
`CVE-2026-0089`	SMB Relay Attack (NTLM)	Internal	High	7.8	Domain Controller	1	Open	Known	2026-03-20	2026-04-10
Remediation Schedule patching within 7 days. Workaround available. Affected Hosts VM-DEV-01
`CVE-2025-52103`	WordPress Plugin SQL Injection	External	High	7.5	Web Server	4	Open	Known	2026-03-04	2026-04-10
Remediation Schedule patching within 7 days. Workaround available. Affected Hosts SRV-WEB-01 WS-PC-001 WS-PC-004 SRV-DC-01
`CVE-2026-3301`	Microsoft Office Macro RCE	Internal	Medium	6.8	Workstations	6	Accepted Risk	Theoretical	2026-03-08	2026-04-09
Remediation Plan remediation within 30 days. Monitor for exploitation. Affected Hosts WS-PC-006 WS-LAP-012 SRV-BACKUP-01 SRV-DC-01 SRV-FILE-01 AP-WIFI-03
`CVE-2026-1187`	Windows Credential Guard Bypass	Internal	Medium	6.5	Domain Controller	4	Patched	Known	2026-04-10	2026-04-11
Remediation Plan remediation within 30 days. Monitor for exploitation. Affected Hosts VM-DEV-01 SRV-SQL-01 SRV-BACKUP-01 WS-PC-006
`CVE-2025-49007`	jQuery XSS in Selector Parsing	External	Medium	6.1	Web Application	3	Patched	Known	2026-03-28	2026-04-10
Remediation Plan remediation within 30 days. Monitor for exploitation. Affected Hosts WS-PC-001 SRV-SQL-01 SW-CORE-01
`CVE-2026-2215`	SSH Weak Key Exchange Algorithm	External	Medium	5.9	Linux Servers	4	Patched	Known	2026-04-06	2026-04-11
Remediation Plan remediation within 30 days. Monitor for exploitation. Affected Hosts AP-WIFI-03 SRV-FILE-01 SW-CORE-01 WS-LAP-010
`CVE-2026-0671`	IIS HTTP/2 Rapid Reset DoS	External	Medium	5.9	Web Server	5	Open	Theoretical	2026-03-23	2026-04-11
Remediation Plan remediation within 30 days. Monitor for exploitation. Affected Hosts SW-CORE-01 SRV-FILE-01 WS-PC-004 WS-PC-003 FW-EDGE-01
`CVE-2026-0443`	TLS 1.0/1.1 Deprecated Protocol	External	Medium	5.3	Mail Server	3	Open	Theoretical	2026-03-19	2026-04-09
Remediation Plan remediation within 30 days. Monitor for exploitation. Affected Hosts WS-PC-002 WS-LAP-012 WS-PC-004
`CVE-2025-61028`	DNS Zone Transfer Allowed	External	Medium	5.3	DNS Server	3	Open	Theoretical	2026-02-14	2026-04-09
Remediation Plan remediation within 30 days. Monitor for exploitation. Affected Hosts SRV-SQL-01 SRV-DC-01 SRV-APP-01
`CVE-2025-55014`	SNMP Community String Exposure	Internal	Low	4.3	Network Switches	3	Open	Theoretical	2026-04-03	2026-04-09
Remediation Address during next maintenance window. Low risk. Affected Hosts SRV-MAIL-01 SRV-BACKUP-01 SRV-FILE-01
`CVE-2025-70021`	Default SNMP v2c Community String	Internal	Low	4.3	Network Devices	5	Open	Theoretical	2026-02-28	2026-04-10
Remediation Address during next maintenance window. Low risk. Affected Hosts WS-LAP-010 SRV-BACKUP-01 SRV-APP-01 WS-PC-003 FW-EDGE-01
`CVE-2026-1550`	Outdated PHP Version (8.1)	External	Low	4	Web Server	3	Open	Theoretical	2026-02-22	2026-04-10
Remediation Address during next maintenance window. Low risk. Affected Hosts SRV-FILE-01 SRV-MAIL-01 FW-EDGE-01
`CVE-2026-0102`	SSL Certificate Expiry Warning	External	Low	3.7	Load Balancer	2	Open	Theoretical	2026-04-03	2026-04-11
Remediation Address during next maintenance window. Low risk. Affected Hosts FW-EDGE-01 SRV-SQL-01
`CVE-2025-48332`	HTTP TRACE Method Enabled	External	Low	3.1	Web Server	4	Accepted Risk	Theoretical	2026-02-12	2026-04-10
Remediation Address during next maintenance window. Low risk. Affected Hosts SRV-BACKUP-01 WS-MAC-005 WS-LAP-012 WS-PC-006
`CVE-2026-0890`	Missing X-Frame-Options Header	External	Low	3	Web Application	3	In Progress	Theoretical	2026-03-15	2026-04-11
Remediation Address during next maintenance window. Low risk. Affected Hosts WS-PC-006 WS-LAP-011 SRV-DC-01

Remediation

Affected Hosts

Remediation

Affected Hosts

Remediation

Affected Hosts

Remediation

Affected Hosts

Remediation

Affected Hosts

Remediation

Affected Hosts

Remediation

Affected Hosts

Remediation

Affected Hosts

Remediation

Affected Hosts

Remediation

Affected Hosts

Remediation

Affected Hosts

Remediation

Affected Hosts

Remediation

Affected Hosts

Remediation

Affected Hosts

Remediation

Affected Hosts

Remediation

Affected Hosts

Remediation

Affected Hosts

Remediation

Affected Hosts

Remediation

Affected Hosts

Remediation

Affected Hosts

By Severity

By Status