51 CISA Known Exploited Vulnerabilities from 2026
Cisco Catalyst SD-WAN — Unauthenticated Remote Auth Bypass via vdaemon DTLS vHub Device-Type Confusion (CVSS 10.0)
BerriAI LiteLLM — Pre-Auth SQL Injection via Unsanitized Bearer Token in Authentication Path (CVSS 9.8)
Palo Alto Networks PAN-OS — Unauthenticated RCE via Out-of-bounds Write in Authentication Portal (CVSS 9.3)
WebPros cPanel & WHM — Pre-Auth CRLF Injection Grants Unauthenticated Root WHM Access (CVSS 9.8)
Marimo — Pre-Auth RCE via Unauthenticated Terminal WebSocket (CVSS 9.8)
Fortinet FortiClient EMS — Pre-Auth SQL Injection via Site HTTP Header (CVSS 9.8)
Ivanti Endpoint Manager Mobile (EPMM) — Pre-Auth Remote Code Execution via Android File Transfer URL Injection (CVSS 9.8)
Fortinet FortiClient EMS — Pre-Authentication Remote Code Execution (CVSS 9.8)
Cisco Secure Firewall Management Center (FMC) — Unauthenticated Remote Code Execution via Java Deserialization (CVSS 10.0)
Citrix NetScaler ADC & Gateway — Memory Overread via Insufficient Input Validation (SAML IDP) (CVSS 9.8)
Langflow — Unauthenticated Remote Code Execution via Public Flow Build Endpoint (CVSS 9.8)
Microsoft SharePoint Server — Remote Code Execution via Deserialization of Untrusted Data (CVSS 9.8)
Cisco Catalyst SD-WAN — Peering Authentication Bypass Enabling Fabric-Wide NETCONF Access, Exploited by UAT-8616 Since 2023 (CVSS 10.0)
Dell RecoverPoint for Virtual Machines (RP4VMs) — Use of Hard-coded Credentials Vulnerability (CVSS 10.0)
BeyondTrust RS/PRA — Unauthenticated Remote Code Execution via WebSocket Bash Arithmetic Injection (CVSS 9.8)
SmarterTools SmarterMail — Missing Authentication for Critical Function Vulnerability (CVSS 9.8)
Ivanti EPMM — Pre-Auth Remote Code Execution via App Store URL Bash Injection (CVSS 9.8)
Fortinet Multiple Products — Authentication Bypass Using an Alternate Path or Channel Vulnerability (CVSS 9.8)
SmarterTools SmarterMail — Authentication Bypass Using an Alternate Path or Channel Vulnerability (CVSS 9.8)
GNU InetUtils — Argument Injection Vulnerability (CVSS 9.8)
Microsoft Exchange Server OWA — Stored XSS via Crafted Email Enables Session Hijacking and Account Takeover (CVSS 8.1)
Linux Kernel 'Copy Fail' — algif_aead Page Cache Write for Local Privilege Escalation (CVSS 7.8)
Ivanti EPMM — Authenticated Admin RCE Chained from CVE-2026-1340 Credential Theft (CVSS 7.2)
Apache ActiveMQ Classic — Authenticated RCE via Jolokia JMX-HTTP Bridge (13-Year-Old Flaw, AI-Discovered) (CVSS 8.8)
Google Dawn — Use-After-Free Vulnerability in Graphics Rendering (CVSS 8.8)
Adobe Acrobat & Reader — Zero-Day JavaScript Prototype Pollution Leading to Arbitrary Code Execution (CVSS 8.6)
Microsoft Defender — BlueHammer TOCTOU Race Condition Enabling Local Privilege Escalation to SYSTEM (CVSS 7.8)
TrueConf Client — Arbitrary Code Execution via Insecure Update Mechanism ("TrueChaos") (CVSS 7.8)
Cisco Catalyst SD-WAN Manager — DCA Credential Exposure via Accessible Filesystem Enabling Privilege Escalation (CVSS 7.5)
Aquasecurity Trivy — Supply Chain Compromise via Embedded Malicious Code (CVSS 8.8)
Google Skia — Out-of-Bounds Write via Crafted HTML Page (CVSS 8.8)
Google Chromium V8 — Arbitrary Code Execution via Inappropriate Implementation (CVSS 8.8)
Ivanti EPM — Unauthenticated Credential Vault Access via Magic Number Header Bypass (CVSS 8.6)
Broadcom VMware Aria Operations — Command Injection Vulnerability (CVSS 8.1)
Qualcomm Multiple Chipsets — Memory Corruption via Integer Overflow in Memory Allocation (CVSS 7.8)
Soliton Systems K.K FileZen — OS Command Injection Vulnerability (CVSS 8.8)
Google Chromium — CSS Use-After-Free Vulnerability (CVSS 8.8)
Microsoft Windows — Windows Shell Protection Mechanism Failure Vulnerability (CVSS 8.8)
Microsoft Windows — MSHTML Framework Protection Mechanism Failure Vulnerability (CVSS 7.8)
Apple Multiple Products — Buffer Overflow Vulnerability (CVSS 7.8)
Microsoft Office — Word Reliance on Untrusted Inputs in a Security Decision Vulnerability (CVSS 7.8)
Microsoft Windows — Type Confusion Vulnerability (CVSS 7.8)
Microsoft Windows — Improper Privilege Management Vulnerability (CVSS 7.8)
Cisco Catalyst SD-WAN Manager — Unauthenticated API Information Disclosure as First Step in SD-WAN Attack Chain (CVSS 6.5)
Microsoft SharePoint Server — Network Spoofing via Improper Input Validation (April 2026 Zero-Day) (CVSS 6.5)
Cisco Catalyst SD-WAN Manager — Authenticated API File Overwrite Enabling vManage Privilege Escalation (CVSS 5.4)
Microsoft Windows Shell — NTLM Credential Coercion via Malicious LNK Files (Incomplete APT28 Patch) (CVSS 4.3)
Microsoft Windows — NULL Pointer Dereference Vulnerability (CVSS 6.2)