Vulnerabilities
20
Total Vulns
3
Critical
5
High
8
Open
4
In Progress
8
Patched (30d)
10days
Avg Remediation
5
Known Exploits
Last scan: 2026-07-10 05:01
Next scan: 2026-07-12 02:33
20 vulnerabilities found
| CVE | Vulnerability | Scope | Severity | CVSS | Affected Asset | Hosts | Status | Exploitability | Discovered | Last Scan |
|---|---|---|---|---|---|---|---|---|---|---|
CVE-2025-44891 |
Apache Log4j Deserialization RCE | External | Critical | 10 | Application Server | 6 | In Progress | Theoretical | 2026-07-09 | 2026-07-10 |
CVE-2026-21413 |
Microsoft Exchange Server Remote Code Execution | External | Critical | 9.8 | Exchange Server | 4 | In Progress | Known | 2026-06-21 | 2026-07-08 |
CVE-2026-0217 |
OpenSSL Buffer Overflow in TLS Handshake | External | Critical | 9.1 | Web Server | 3 | Patched | Theoretical | 2026-07-03 | 2026-07-09 |
CVE-2026-1052 |
Windows Print Spooler Privilege Escalation | Internal | High | 8.4 | Windows Workstations | 7 | In Progress | Known | 2026-07-07 | 2026-07-10 |
CVE-2025-38221 |
Cisco ASA VPN Authentication Bypass | External | High | 8.1 | VPN Gateway | 5 | Accepted Risk | Known | 2026-07-08 | 2026-07-11 |
CVE-2026-0089 |
SMB Relay Attack (NTLM) | Internal | High | 7.8 | Domain Controller | 5 | Patched | Known | 2026-06-20 | 2026-07-11 |
CVE-2025-52103 |
WordPress Plugin SQL Injection | External | High | 7.5 | Web Server | 3 | Open | Theoretical | 2026-07-01 | 2026-07-09 |
CVE-2026-3301 |
Microsoft Office Macro RCE | Internal | Medium | 6.8 | Workstations | 6 | Accepted Risk | Theoretical | 2026-06-30 | 2026-07-08 |
CVE-2026-1187 |
Windows Credential Guard Bypass | Internal | Medium | 6.5 | Domain Controller | 5 | Open | Known | 2026-05-15 | 2026-07-10 |
CVE-2025-49007 |
jQuery XSS in Selector Parsing | External | Medium | 6.1 | Web Application | 1 | In Progress | Known | 2026-06-17 | 2026-07-11 |
CVE-2026-2215 |
SSH Weak Key Exchange Algorithm | External | Medium | 5.9 | Linux Servers | 4 | Accepted Risk | Known | 2026-06-12 | 2026-07-11 |
CVE-2026-0671 |
IIS HTTP/2 Rapid Reset DoS | External | Medium | 5.9 | Web Server | 3 | Patched | Theoretical | 2026-07-05 | 2026-07-11 |
CVE-2026-0443 |
TLS 1.0/1.1 Deprecated Protocol | External | Medium | 5.3 | Mail Server | 3 | In Progress | Theoretical | 2026-07-10 | 2026-07-10 |
CVE-2025-61028 |
DNS Zone Transfer Allowed | External | Medium | 5.3 | DNS Server | 4 | In Progress | Theoretical | 2026-05-26 | 2026-07-09 |
CVE-2025-55014 |
SNMP Community String Exposure | Internal | Low | 4.3 | Network Switches | 5 | Open | Theoretical | 2026-06-15 | 2026-07-10 |
CVE-2025-70021 |
Default SNMP v2c Community String | Internal | Low | 4.3 | Network Devices | 1 | Patched | Theoretical | 2026-06-24 | 2026-07-09 |
CVE-2026-1550 |
Outdated PHP Version (8.1) | External | Low | 4 | Web Server | 6 | Open | Theoretical | 2026-07-06 | 2026-07-09 |
CVE-2026-0102 |
SSL Certificate Expiry Warning | External | Low | 3.7 | Load Balancer | 3 | Accepted Risk | Theoretical | 2026-06-20 | 2026-07-09 |
CVE-2025-48332 |
HTTP TRACE Method Enabled | External | Low | 3.1 | Web Server | 4 | In Progress | Theoretical | 2026-06-16 | 2026-07-11 |
CVE-2026-0890 |
Missing X-Frame-Options Header | External | Low | 3 | Web Application | 1 | Patched | Theoretical | 2026-06-30 | 2026-07-09 |