CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/03/25 4:7 p.m.•18 views

CVE-2026-20083

A vulnerability in the Secure Copy Protocol SCP server feature of Cisco IOS XE Software could allow an authenticated, local attacker with low privileges to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of a malformed SCP request. An...

6.5CVSS0.00035EPSS

CVE•added 2026/03/25 4:4 p.m.•63 views

CVE-2026-20125

CVE-2026-20125 affects the HTTP Server feature in Cisco IOS Software and Cisco IOS XE Software Release 3E . The root cause is improper validation of user-supplied input, which can be exploited by sending malformed HTTP requests to an affected device. A successful exploit would cause the device to...

7.7CVSS5.9AI score0.00202EPSS

CVE•added 2026/03/25 4:3 p.m.•70 views

CVE-2026-20012

The CVE-2026-20012 entry describes a memory-leak DoS in the IKEv2 handling of Cisco IOS, IOS XE, ASA, and FTDS (Threat Defense). Root cause: improper parsing of IKEv2 packets leading to conditions where devices reload (IOS/IOS XE) or exhaust memory to the point of instability (ASA/FTD). Affected ...

8.6CVSS5.8AI score0.00148EPSS

Vulnrichment•added 2026/03/25 4:3 p.m.•0 views

CVE-2026-20012

A vulnerability in the Internet Key Exchange version 2 IKEv2 feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security Appliance ASA Software, and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to trigger a...

8.6CVSS5.8AI score0.00148EPSS

Cisco•added 2026/03/25 4:0 p.m.•6 views

Cisco IOS Software and IOS XE Software Release 3E HTTP Server Denial of Service Vulnerability

7.7CVSS5.9AI score0.00202EPSS

Positive Technologies•added 2026/03/25 12:0 a.m.•4 views

PT-2026-27787

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software affected versions not specified Description A flaw exists in the TLS library of Cisco IOS XE Software that may allow a nearby, unauthenticated attacker to deplete the memory of a vulnerable device. This is caused by...

7.4CVSS5.9AI score0.00075EPSS

EUVD•added 2026/03/11 3:31 a.m.•2 views

EUVD-2026-11034

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.2.7. This is due to missing or incorrect nonce validation on the reloadpreview function. This makes it possible for...

EUVD•added 2026/03/11 1:22 a.m.•1 views

EUVD-2026-11033

ATTACKERKB•added 2026/03/11 1:22 a.m.•1 views

Exploits0References2

CVE-2026-2324

Positive Technologies•added 2026/03/11 12:0 a.m.•4 views

PT-2026-24547

Chainguard•added 2026/03/10 1:17 p.m.•4 views

CVE-2026-25679 vulnerabilities

Vulnerabilities for packages: cilium-envoy-fips, flux-helm-controller, crossplane-function-environment-configs-fips, logstash, gitlab-kas-fips, kong-ingress-controller, neuvector-dbgen, node-problem-detector-fips, nats-top, trivy-fips, certificate-transparency-fips, kubernetes-csi-driver-nfs,...

7.5CVSS7.6AI score0.00044EPSS

Exploits0

6.8CVSS6AI score0.00048EPSS

CVE-2026-20025

A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To exploit this vulnerability, the attacker must have the OSPF...

6.8CVSS6AI score0.00048EPSS

CVE-2026-20050

A vulnerability in the Do Not Decrypt exclusion feature of the SSL decryption feature of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper memory...

RedhatCVE•added 2026/03/05 7:31 p.m.•1 views

CVE-2026-20064

A vulnerability in of Cisco Secure Firewall Threat Defense FTD Software could allow an authenticated, local attacker to cause the device to unexpectedly reload, causing a denial of service DoS condition. This vulnerability is due to improper validation of user-supplied input. An attacker with a...

6.5CVSS6AI score0.00035EPSS

5.8CVSS6AI score0.00137EPSS

CVE-2026-20015

A vulnerability in the IKEv2 feature of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device that may impact the availability of services to devices elsewhere in the network. This...

6.8CVSS6AI score0.00011EPSS

CVE-2026-20024

6.1CVSS5.9AI score0.00006EPSS

CVE-2026-20022

A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition when OSPF canonicalization debug is enabled by using the...

RedhatCVE•added 2026/03/05 7:30 p.m.•1 views

CVE-2026-20100

A vulnerability in the LUA interperter of the Remote Access SSL VPN feature of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Secure Firewall Threat Defense FTD Software could allow an authenticated, remote attacker with a valid VPN connection to cause the device to reload...

7.7CVSS6AI score0.00117EPSS