Tag: RCE
Critical
Redis Vector Set Duplicate HNSW Node ID RCE
None assigned as of 2026-07-03
Redis server, Vector Set module (modules/vector-sets)
unpatched
Critical
PHP 8.5.7 StreamBucket-to-SOAP Numeric Cookie Remote Code Execution
None assigned as of 2026-07-03
PHP CLI (Zend Engine) — ArrayIterator, StreamBucket, SoapClient internals
unpatched
Critical
Lunar Client Modrinth Explore Raw-HTML to Local Launcher Execution Chain
None assigned as of 2026-07-03
Lunar Client (Electron desktop application), Modrinth Explore integration
unpatched
Critical
libssh2 Unchecked SSH packet_length Integer Wrap to RCE (CVE-2026-55200)
CVE-2026-55200
libssh2, ssh2_transport_read() in src/transport.c
patched
Critical
libssh2 Publickey Subsystem List Parser Heap Corruption to Code Execution
None assigned as of 2026-07-03
libssh2, publickey subsystem list parser (src/publickey.c)
unpatched
Critical
Langflow Missing-Authentication Remote Code Execution (CVE-2025-3248)
CVE-2025-3248
Langflow (open-source AI/LLM workflow builder)
patched
Critical
Ladybird Browser WebAssembly ESM Host-Function Use-After-Free RCE
None assigned as of 2026-07-03
Ladybird web browser (WebContent process, LibWeb / LibWasm)
unpatched
Critical
Gogs Admin User Edit CSRF to Git Hook RCE
None assigned as of 2026-07-03
Gogs (self-hosted Git service)
unpatched
High
Flowise Custom MCP Environment Variable Case Bypass
None assigned as of 2026-07-03
Flowise / flowise-components
unpatched
Critical
Floci API Gateway VTL RCE + IAM Scope Bypass
None assigned as of 2026-07-03
Floci (AWS-compatible local cloud emulator)
unpatched
Critical
Unauthenticated RCE in Mirasvit Full Page Cache Warmer for Magento 2 (CVE-2026-45247)
CVE-2026-45247
Mirasvit Full Page Cache Warmer extension for Magento 2
unpatched
Critical
Unauthenticated RCE in Joomla Content Editor (JCE) Profile Import (CVE-2026-48907)
CVE-2026-48907
Joomla Content Editor (JCE) extension by Widget Factory
unpatched
Critical
Cisco Unified CM WebDialer SSRF to Arbitrary File Write / RCE (CVE-2026-20230)
CVE-2026-20230
Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (SME)
unpatched
Critical
SP Page Builder (Joomla) Unauthenticated File Upload RCE (CVE-2026-48908)
CVE-2026-48908
SP Page Builder extension for Joomla (joomshaper.net)
patched
Critical
libssh2 SSH Packet Length OOB Heap Write / Unauthenticated RCE (CVE-2026-55200)
CVE-2026-55200
libssh2 (SSH client library)
patched
Critical
GNU Inetutils telnetd Unauthenticated Root RCE via NEW-ENVIRON (CVE-2026-24061)
CVE-2026-24061
GNU Inetutils telnetd
patched
Critical
GeoVision GV-I/O Box 4E DVRSearch Unauthenticated Stack Buffer Overflow RCE (CVE-2026-12485)
CVE-2026-12485
GeoVision GV-I/O Box 4E (Linux-based smart embedded I/O device)
patched
High
FFmpeg MagicYUV Decoder Out-of-Bounds Write / RCE — PixelSmash (CVE-2026-8461)
CVE-2026-8461
FFmpeg libavcodec — MagicYUV video decoder
patched
Critical
Splunk Enterprise Pre-Auth RCE via PostgreSQL Sidecar (CVE-2026-20253)
CVE-2026-20253
Splunk Enterprise
patched
Critical
Ivanti Sentry Pre-Auth RCE + Auth Bypass (CVE-2026-10520 / CVE-2026-10523)
CVE-2026-10520, CVE-2026-10523
Ivanti Sentry (formerly MobileIron Sentry)
patched
Critical
TossUp — TerraMaster TOS Unauthenticated Redis Root RCE + NFS LPE
N/A (vendor confirmed TOS4 is EOL; no fix planned)
TerraMaster TOS3_A1.0 4.2.41, Redis 4.0.10
unpatched
High
Windows MMC MSC EvilTwin - CVE-2025-26633
CVE-2025-26633
Microsoft Management Console (MMC), Windows
patched
Critical
ToolShell - SharePoint Unauthenticated RCE Chain
CVE-2025-53770, CVE-2025-53771, CVE-2025-49704, CVE-2025-49706
Microsoft SharePoint Server
patched
Critical
React2Shell - Next.js RSC Unauthenticated RCE
CVE-2025-55182
Next.js (App Router with React Server Components), React
patched
Critical
Palo Alto PAN-OS GlobalProtect Unauthenticated RCE (CVE-2024-3400)
CVE-2024-3400
Palo Alto Networks PAN-OS GlobalProtect gateway
patched
Critical
Jenkins CLI Arbitrary File Read to RCE (CVE-2024-23897)
CVE-2024-23897
Jenkins controller (CLI endpoint)
unpatched
Critical
Ivanti Connect Secure Pre-Auth RCE (Stack Overflow)
CVE-2025-0282
Ivanti Connect Secure, Ivanti Policy Secure, Ivanti ZTA Gateways
unpatched
Critical
IngressNightmare - Kubernetes Ingress-NGINX Unauthenticated RCE
CVE-2025-1974 (primary); also CVE-2025-1097, CVE-2025-1098, CVE-2025-24514
Kubernetes Ingress-NGINX Controller (ingress-nginx)
unpatched
Critical
Fortinet FortiManager FortiJump Unauthenticated RCE (CVE-2024-47575)
CVE-2024-47575
Fortinet FortiManager / FortiManager Cloud (fgfmd daemon)
unpatched
Critical
Erlang/OTP SSH Pre-Auth RCE - CVE-2025-32433
CVE-2025-32433
Erlang/OTP SSH server daemon
patched
Critical
Confluence SSTI RCE - CVE-2023-22527
CVE-2023-22527
Atlassian Confluence Data Center and Confluence Server
patched
High
Confluence Post-Auth RCE - CVE-2024-21683
CVE-2024-21683
Atlassian Confluence Data Center and Server
unpatched
Critical
Apache httpd mod_http2 Double-Free Pre-Auth RCE - CVE-2026-23918
CVE-2026-23918
Apache HTTP Server (httpd) with mod_http2
patched
Critical
Windows OLE Zero-Click RCE via Outlook RTF (CVE-2025-21298)
CVE-2025-21298
Microsoft Windows OLE (ole32.dll) as reached by Outlook/Word RTF parsing
patched
Critical
VMware vCenter Server DCE/RPC Heap Overflow RCE (CVE-2024-37079)
CVE-2024-37079
VMware vCenter Server
patched
High
OpenSSH regreSSHion Signal-Handler Race Unauthenticated RCE (CVE-2024-6387)
CVE-2024-6387
OpenSSH server daemon (sshd) on glibc-based Linux
patched
Critical
Fortinet FortiOS SSL VPN Unauthenticated RCE (CVE-2024-21762)
CVE-2024-21762
Fortinet FortiOS SSL VPN (sslvpnd)
patched
Critical
Apache Parquet Java Unsafe Deserialization RCE (CVE-2025-30065)
CVE-2025-30065
Apache Parquet Java (parquet-avro) schema parsing consumers
unpatched
Critical
Adobe Acrobat/Reader Prototype Pollution Sandbox Escape (CVE-2026-34621)
CVE-2026-34621
Adobe Acrobat DC / Adobe Acrobat Reader DC / Adobe Acrobat 2024 JavaScript engine sandbox boundary
unpatched
Critical
HTTP Protocol Stack Remote Code Execution Vulnerability (CVE-2021-31166)
CVE-2021-31166
Microsoft Windows HTTP Protocol Stack (http.sys)
patched
Critical
NGINX Rift — Heap Buffer Overflow RCE (CVE-2026-42945)
CVE-2026-42945
NGINX Open Source / NGINX Plus
unpatched