CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

34 matches found

CVE-2026-25624

An administrative cross-site scripting XSS vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. Unvalidated user-supplied variables are echoed back to administrative profiles, facilitating vector payload processin...

5.8CVSS0.00029EPSS

Exploits0References1

NVD•added 6 days ago•10 views

CVE-2026-25623

An input validation command execution vulnerability exists in the browser management pipeline of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. Authenticated administrators can leverage this exposure to obtain underlying terminal script code processing execution permissions...

7CVSS0.00073EPSS

Exploits0References1

NVD•added 6 days ago•8 views

CVE-2026-25621

A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall NGFW due to insecure input validation. This issue uniquely affects version 17.4.0; earlier software releases are not exposed...

7CVSS0.00044EPSS

Exploits0References1

NVD•added 6 days ago•10 views

CVE-2026-25622

A Captive Portal Custom Handler command injection vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall NGFW. On affected platforms, an administrative account logged into the user interface can exploit this input handling behavior to execute arbitrary platform...

7CVSS0.0014EPSS

Exploits0References1

EUVD•added 6 days ago•9 views

EUVD-2026-34911

5.8CVSS5.2AI score0.00029EPSS

Exploits0References1

CVE•added 6 days ago•15 views

CVE-2026-25624

CVE-2026-25624 is an administrative cross-site scripting vulnerability in the web UI dashboard layout of Arista Edge Threat Management NGFW. The issue involves unvalidated user-supplied variables echoed back to administrative profiles, enabling XSS when an attacker has administrative UI access. A...

5.8CVSS5.2AI score0.00029EPSS

Exploits0References1Affected Software1

Cvelist•added 6 days ago•23 views

CVE-2026-25624 Arista Edge Threat Management NGFW UI Administrative Cross-Site Scripting

5.8CVSS0.00029EPSS

Exploits0References1

Vulnrichment•added 6 days ago•6 views

CVE-2026-25623 Arista Edge Threat Management NGFW UI Arbitrary Command Execution

7CVSS5.8AI score0.00073EPSS

Exploits0References1

Cvelist•added 6 days ago•24 views

CVE-2026-25623 Arista Edge Threat Management NGFW UI Arbitrary Command Execution

7CVSS0.00073EPSS

Exploits0References1

EUVD•added 6 days ago•9 views

EUVD-2026-34909

7CVSS5.8AI score0.00073EPSS

Exploits0References1

CVE•added 6 days ago•21 views

CVE-2026-25623

CVE-2026-25623 describes a command execution vulnerability in the browser management pipeline of Arista Edge Threat Management NGFW. The issue requires an authenticated administrative user with UI access and affects NGFW versions up to 17.4.0. The advisory indicates the vulnerability allows an ad...

7CVSS5.8AI score0.00073EPSS

Exploits0References1Affected Software1

ATTACKERKB•added 6 days ago•6 views

CVE-2026-25623

7CVSS5.8AI score0.00073EPSS

Exploits0References2

EUVD•added 6 days ago•8 views

EUVD-2026-34907

7CVSS5.8AI score0.0014EPSS

Exploits0References1

EUVD•added 6 days ago•8 views

EUVD-2026-34905

7CVSS5.4AI score0.00044EPSS

Exploits0References1

CVE•added 6 days ago•8 views

CVE-2026-25621

Arista NGFW (Arista Edge Threat Management) Reports application is affected by insecure input validation in version 17.4.0. The vulnerability affects the Reports component (Import/Restore Data Backup Files field) and requires administrative UI access. No exploitation details are provided in the d...

7CVSS5.5AI score0.00044EPSS

Exploits0References1Affected Software1

Cvelist•added 6 days ago•23 views

CVE-2026-25621 Arista Edge Threat Management NGFW Reports Application Insecure Input Validation

7CVSS0.00044EPSS

Exploits0References1

ATTACKERKB•added 6 days ago•5 views

CVE-2026-25621

7CVSS5.4AI score0.00044EPSS

Exploits0References2Affected Software1

Cvelist•added 6 days ago•23 views

CVE-2026-25620 Arista Edge Threat Management NGFW Captive Portal Encrypted Password Command Injection

An encrypted password command injection vulnerability exists in the Captive Portal application framework of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. This issue uniquely affects version 17.4.0; earlier software releases are not exposed...

7CVSS0.00163EPSS

Exploits0References1

ATTACKERKB•added 6 days ago•6 views

CVE-2026-25620

7CVSS5.5AI score0.00163EPSS

Exploits0References2Affected Software1

Positive Technologies•added 6 days ago•7 views

PT-2026-47048

Name of the Vulnerable Software and Affected Versions Arista Edge Threat Management - Arista Next Generation Firewall NGFW affected versions not specified Description An input validation issue in the browser management pipeline allows authenticated administrators to execute terminal script code o...

7CVSS5.8AI score0.00073EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by