{ "meta": { "generated": "2026-06-10T22:17:38.665Z", "schemaVersion": "1.0", "source": "https://defend.network", "docs": "https://defend.network/api/", "license": "CC BY 4.0", "licenseUrl": "https://creativecommons.org/licenses/by/4.0/", "attribution": "Data by defend.network (https://defend.network), licensed CC BY 4.0. Underlying CVE facts from NVD (NIST), the CISA KEV catalog, and FIRST.org EPSS.", "count": 23, "window": "CVEs with dated activity on or after 2026-06-03 (last 7 days, UTC): CISA KEV dateAdded, a daily briefing covering the CVE, or a weekly report publication listing it." }, "cves": [ { "id": "CVE-2022-0492", "product": "Linux Kernel", "exploitation": "kev-confirmed", "status": "active", "verification": "verified", "kev": true, "permalink": "https://defend.network/cve/CVE-2022-0492.html", "kevDateAdded": "2026-06-02", "kevDueDate": "2026-06-05", "cvss": { "score": 7.8, "severity": "HIGH", "source": "NVD CVSS 3.1", "version": "3.1", "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, "epss": { "score": 0.33721, "percentile": 0.97051, "date": "2026-06-09" }, "references": [ "https://bugzilla.redhat.com/show_bug.cgi?id=2051505", "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af" ], "lastUpdated": "2026-06-02T21:16:24.997" }, { "id": "CVE-2024-21182", "product": "Oracle WebLogic Server", "exploitation": "kev-confirmed", "status": "active", "verification": "verified", "kev": true, "permalink": "https://defend.network/cve/CVE-2024-21182.html", "kevDateAdded": "2026-06-01", "kevDueDate": "2026-06-04", "cvss": { "score": 7.5, "severity": "HIGH", "source": "NVD CVSS 3.1", "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, "epss": { "score": 0.89742, "percentile": 0.99587, "date": "2026-06-09" }, "references": [ "https://www.oracle.com/security-alerts/cpujul2024.html", "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-21182" ], "lastUpdated": "2026-06-01T19:32:02.173" }, { "id": "CVE-2025-48595", "product": "Android Framework", "exploitation": "kev-confirmed", "status": "active", "verification": "verified", "kev": true, "permalink": "https://defend.network/cve/CVE-2025-48595.html", "kevDateAdded": "2026-06-02", "kevDueDate": "2026-06-05", "cvss": { "score": 8.4, "severity": "HIGH", "source": "NVD CVSS 3.1", "version": "3.1", "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, "epss": { "score": 0.00528, "percentile": 0.67523, "date": "2026-06-09" }, "references": [ "https://source.android.com/docs/security/bulletin/2026/2026-06-01", "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-48595" ], "lastUpdated": "2026-06-02T20:19:29.653" }, { "id": "CVE-2025-8088", "product": "RARLAB WinRAR", "exploitation": "kev-confirmed", "status": "active", "verification": "verified", "kev": true, "permalink": "https://defend.network/cve/CVE-2025-8088.html", "kevDateAdded": "2025-08-12", "kevDueDate": "2025-09-02", "cvss": { "score": 8.8, "severity": "HIGH", "source": "NVD CVSS 3.1", "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, "epss": { "score": 0.11605, "percentile": 0.93798, "date": "2026-06-09" }, "references": [ "https://support.dtsearch.com/faq/dts0245.htm", "https://www.vicarius.io/vsociety/posts/cve-2025-8088-detect-winrar-zero-day", "https://www.vicarius.io/vsociety/posts/cve-2025-8088-mitigate-winrar-zero-day-using-srp-and-ifeo" ], "lastUpdated": "2025-10-30T15:50:59.680" }, { "id": "CVE-2026-0257", "product": "Palo Alto Networks PAN-OS", "exploitation": "kev-confirmed", "status": "active", "verification": "verified", "kev": true, "permalink": "https://defend.network/cve/CVE-2026-0257.html", "kevDateAdded": "2026-05-29", "kevDueDate": "2026-06-01", "cvss": { "score": 9.1, "severity": "CRITICAL", "source": "NVD CVSS 3.1", "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, "epss": { "score": 0.58788, "percentile": 0.98253, "date": "2026-06-09" }, "references": [ "https://security.paloaltonetworks.com/CVE-2026-0257", "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-0257" ], "lastUpdated": "2026-05-29T20:16:21.803" }, { "id": "CVE-2026-11645", "product": "Google Chromium V8", "exploitation": "kev-confirmed", "status": "active", "verification": "verified", "kev": true, "permalink": "https://defend.network/cve/CVE-2026-11645.html", "kevDateAdded": "2026-06-09", "kevDueDate": "2026-06-23", "cvss": { "score": 8.8, "severity": "HIGH", "source": "NVD CVSS 3.1", "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, "epss": { "score": 0.0008, "percentile": 0.2358, "date": "2026-06-09" }, "references": [ "https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0153744567.html", "https://issues.chromium.org/issues/506689381", "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-11645" ], "lastUpdated": "2026-06-09T19:41:08.533" }, { "id": "CVE-2026-20230", "product": "Cisco Unified Communications Manager", "exploitation": "poc-published", "status": "poc", "verification": "verified", "kev": false, "permalink": "https://defend.network/cve/CVE-2026-20230.html", "cvss": { "score": 8.6, "severity": "HIGH", "source": "NVD CVSS 3.1", "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N" }, "epss": { "score": 0.00018, "percentile": 0.04962, "date": "2026-06-04" }, "references": [ "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssrf-cXPnHcW" ], "lastUpdated": "2026-06-04T13:54:40.593" }, { "id": "CVE-2026-20245", "product": "Cisco Catalyst SD-WAN Manager", "exploitation": "kev-confirmed", "status": "active", "verification": "verified", "kev": true, "permalink": "https://defend.network/cve/CVE-2026-20245.html", "kevDateAdded": "2026-06-09", "kevDueDate": "2026-06-23", "cvss": { "score": 7.8, "severity": "HIGH", "source": "NVD CVSS 3.1", "version": "3.1", "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, "epss": { "score": 0.00083, "percentile": 0.2419, "date": "2026-06-09" }, "references": [ "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-4uxFrdzx", "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa2-v69WY2SW" ], "lastUpdated": "2026-06-05T15:03:20.990" }, { "id": "CVE-2026-23111", "product": "Linux Kernel", "exploitation": "none", "status": "none", "verification": "verified", "kev": false, "permalink": "https://defend.network/cve/CVE-2026-23111.html", "cvss": { "score": 7.8, "severity": "HIGH", "source": "NVD CVSS 3.1", "version": "3.1", "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, "epss": { "score": 0.00013, "percentile": 0.0219, "date": "2026-06-09" }, "references": [ "https://git.kernel.org/stable/c/1444ff890b4653add12f734ffeffc173d42862dd", "https://git.kernel.org/stable/c/42c574c1504aa089a0a142e4c13859327570473d", "https://git.kernel.org/stable/c/8b68a45f9722f2babe9e7bad00aa74638addf081" ], "lastUpdated": "2026-06-02T14:16:47.120" }, { "id": "CVE-2026-23479", "product": "Redis", "exploitation": "none", "status": "none", "verification": "verified", "kev": false, "permalink": "https://defend.network/cve/CVE-2026-23479.html", "cvss": { "score": 8.8, "severity": "HIGH", "source": "NVD CVSS 3.1", "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, "epss": { "score": 0.00103, "percentile": 0.27792, "date": "2026-06-04" }, "references": [ "https://github.com/redis/redis/security/advisories/GHSA-93m2-935m-8rj3", "https://github.com/redis/redis/releases/tag/8.6.3" ], "lastUpdated": "2026-05-06T15:53:38.033" }, { "id": "CVE-2026-28318", "product": "SolarWinds Serv-U", "exploitation": "kev-confirmed", "status": "active", "verification": "verified", "kev": true, "permalink": "https://defend.network/cve/CVE-2026-28318.html", "kevDateAdded": "2026-06-05", "kevDueDate": "2026-06-19", "cvss": { "score": 7.5, "severity": "HIGH", "source": "NVD CVSS 3.1", "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, "epss": { "score": 0.06678, "percentile": 0.91418, "date": "2026-06-09" }, "references": [ "https://www.solarwinds.com/trust-center/security-advisories/CVE-2026-28318", "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-4-hotfix-1_release_notes.htm", "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-28318" ], "lastUpdated": "2026-06-05T19:32:38.510" }, { "id": "CVE-2026-3300", "product": "WordPress Everest Forms Pro", "exploitation": "none", "status": "none", "verification": "verified", "kev": false, "permalink": "https://defend.network/cve/CVE-2026-3300.html", "cvss": { "score": 9.8, "severity": "CRITICAL", "source": "NVD CVSS 3.1", "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, "epss": { "score": 0.00327, "percentile": 0.55935, "date": "2026-06-09" }, "references": [ "https://everestforms.net/changelog/", "https://plugins.trac.wordpress.org/browser/everest-forms/tags/3.4.3/includes/class-evf-form-task.php#L584", "https://www.wordfence.com/threat-intel/vulnerabilities/id/389c0b89-e408-4ad5-9723-a16b745771f0?source=cve" ], "lastUpdated": "2026-04-24T18:11:16.583" }, { "id": "CVE-2026-39987", "product": "Marimo", "exploitation": "kev-confirmed", "status": "active", "verification": "verified", "kev": true, "permalink": "https://defend.network/cve/CVE-2026-39987.html", "kevDateAdded": "2026-04-23", "kevDueDate": "2026-05-07", "cvss": { "score": 9.8, "severity": "CRITICAL", "source": "NVD CVSS 3.1", "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, "epss": { "score": 0.8071, "percentile": 0.99161, "date": "2026-06-04" }, "lastUpdated": "2026-05-29T16:55:07.839Z" }, { "id": "CVE-2026-41089", "product": "Microsoft Windows Server 2012", "exploitation": "none", "status": "none", "verification": "verified", "kev": false, "permalink": "https://defend.network/cve/CVE-2026-41089.html", "cvss": { "score": 9.8, "severity": "CRITICAL", "source": "NVD CVSS 3.1", "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, "epss": { "score": 0.00095, "percentile": 0.26388, "date": "2026-06-04" }, "references": [ "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41089" ], "lastUpdated": "2026-05-15T15:42:17.907" }, { "id": "CVE-2026-42271", "product": "BerriAI LiteLLM", "exploitation": "kev-confirmed", "status": "active", "verification": "verified", "kev": true, "permalink": "https://defend.network/cve/CVE-2026-42271.html", "kevDateAdded": "2026-06-08", "kevDueDate": "2026-06-22", "cvss": { "score": 8.8, "severity": "HIGH", "source": "NVD CVSS 3.1", "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, "epss": { "score": 0.60784, "percentile": 0.98324, "date": "2026-06-09" }, "references": [ "https://github.com/BerriAI/litellm/security/advisories/GHSA-v4p8-mg3p-g94g", "https://github.com/BerriAI/litellm/releases/tag/v1.83.7-stable", "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-42271" ], "lastUpdated": "2026-06-09T01:22:09.190" }, { "id": "CVE-2026-44963", "product": "Veeam Backup & Replication", "exploitation": "none", "status": "review", "verification": "partial", "kev": false, "permalink": "https://defend.network/cve/CVE-2026-44963.html", "references": [ "https://www.veeam.com/kb4869" ], "lastUpdated": "2026-06-09T23:16:52.617" }, { "id": "CVE-2026-45247", "product": "Mirasvit Full Page Cache Warmer", "exploitation": "kev-confirmed", "status": "active", "verification": "verified", "kev": true, "permalink": "https://defend.network/cve/CVE-2026-45247.html", "kevDateAdded": "2026-06-03", "kevDueDate": "2026-06-06", "cvss": { "score": 9.8, "severity": "CRITICAL", "source": "NVD CVSS 3.1", "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, "epss": { "score": 0.06149, "percentile": 0.90998, "date": "2026-06-09" }, "references": [ "https://sansec.io/research/mirasvit-cache-warmer-object-injection", "https://www.vulncheck.com/advisories/mirasvit-cache-warmer-for-magento-php-object-injection", "https://www.imperva.com/blog/imperva-customers-protected-against-cve-2026-45247-in-mirasvit-full-page-cache-warmer-for-magento/" ], "lastUpdated": "2026-06-03T19:55:00.583" }, { "id": "CVE-2026-48172", "product": "LiteSpeed CPanel Plugin", "exploitation": "kev-confirmed", "status": "active", "verification": "verified", "kev": true, "permalink": "https://defend.network/cve/CVE-2026-48172.html", "kevDateAdded": "2026-05-26", "kevDueDate": "2026-05-29", "cvss": { "score": 9.8, "severity": "CRITICAL", "source": "NVD CVSS 3.1", "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, "epss": { "score": 0.07956, "percentile": 0.92232, "date": "2026-06-09" }, "references": [ "https://blog.litespeedtech.com/2026/05/21/security-update-for-litespeed-cpanel-plugin/", "https://www.litespeedtech.com/products/litespeed-web-server/control-panel-support/cpanel", "https://www.litespeedtech.com/products/litespeed-web-server/control-panel-support/release-log" ], "lastUpdated": "2026-05-26T20:19:13.460" }, { "id": "CVE-2026-50751", "product": "Check Point Security Gateway", "exploitation": "kev-confirmed", "status": "active", "verification": "verified", "kev": true, "permalink": "https://defend.network/cve/CVE-2026-50751.html", "kevDateAdded": "2026-06-08", "kevDueDate": "2026-06-11", "cvss": { "score": 9.3, "severity": "CRITICAL", "source": "NVD CVSS 3.1", "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N" }, "epss": { "score": 0.17688, "percentile": 0.95248, "date": "2026-06-09" }, "references": [ "https://support.checkpoint.com/results/sk/sk185033", "https://blog.checkpoint.com/security/check-point-releases-important-hotfix-for-vulnerabilities-in-deprecated-ikev1-vpn-protocol/", "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-50751" ], "lastUpdated": "2026-06-08T21:16:49.373" }, { "id": "CVE-2026-7473", "product": "Arista Extensible Operating System", "exploitation": "kev-confirmed", "status": "active", "verification": "verified", "kev": true, "permalink": "https://defend.network/cve/CVE-2026-7473.html", "kevDateAdded": "2026-06-09", "kevDueDate": "2026-06-23", "cvss": { "score": 5.8, "severity": "MEDIUM", "source": "NVD CVSS 3.1", "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" }, "epss": { "score": 0.00029, "percentile": 0.08687, "date": "2026-06-09" }, "references": [ "https://www.arista.com/en/support/advisories-notices/security-advisory/24005-security-advisory-0137", "https://www.arista.com/en/support/advisories-notices/security-advisory/22872-security-advisory-0137", "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-7473" ], "lastUpdated": "2026-06-09T20:48:49.580" }, { "id": "CVE-2026-8206", "product": "WordPress Kirki Plugin", "exploitation": "none", "status": "none", "verification": "verified", "kev": false, "permalink": "https://defend.network/cve/CVE-2026-8206.html", "cvss": { "score": 9.8, "severity": "CRITICAL", "source": "NVD CVSS 3.1", "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, "epss": { "score": 0.00119, "percentile": 0.30403, "date": "2026-06-04" }, "references": [ "https://plugins.trac.wordpress.org/browser/kirki/tags/6.0.4/ComponentLibrary/controller/CompLibFormHandler.php#L330", "https://plugins.trac.wordpress.org/browser/kirki/tags/6.0.4/ComponentLibrary/controller/CompLibFormHandler.php#L48", "https://plugins.trac.wordpress.org/browser/kirki/tags/6.0.4/ComponentLibrary/controller/ElementGenerator.php#L227" ], "lastUpdated": "2026-06-02T13:03:31.153" }, { "id": "CVE-2026-8732", "product": "WP Maps Pro (WordPress plugin)", "exploitation": "none", "status": "none", "verification": "verified", "kev": false, "permalink": "https://defend.network/cve/CVE-2026-8732.html", "cvss": { "score": 9.8, "severity": "CRITICAL", "source": "NVD CVSS 3.1", "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, "epss": { "score": 0.00097, "percentile": 0.26691, "date": "2026-06-04" }, "references": [ "https://codecanyon.net/item/advanced-google-maps-plugin-for-wordpress/5211638", "https://www.wordfence.com/threat-intel/vulnerabilities/id/65988550-d39d-40be-8d25-647e7237062d?source=cve" ], "lastUpdated": "2026-05-29T13:09:05.450" }, { "id": "CVE-2026-9082", "product": "Drupal Core", "exploitation": "kev-confirmed", "status": "active", "verification": "verified", "kev": true, "permalink": "https://defend.network/cve/CVE-2026-9082.html", "kevDateAdded": "2026-05-22", "kevDueDate": "2026-05-27", "cvss": { "score": 9.8, "severity": "CRITICAL", "source": "NVD CVSS 3.1", "version": "3.1", "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, "epss": { "score": 0.10403, "percentile": 0.93366, "date": "2026-06-09" }, "references": [ "https://www.drupal.org/sa-core-2026-004", "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-9082" ], "lastUpdated": "2026-05-22T19:38:04.930" } ] }