Actively exploited CVEs with matching Yasna coverage.

Oracle PeopleSoft Enterprise PeopleTools - Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability
Oracle PeopleSoft Enterprise PeopleTools contains a missing authentication for critical function vulnerability which could allow an unauthenticated attacker to obtain takeover of PeopleSoft Enterprise PeopleTools.

Check Point Security Gateway - Check Point Security Gateway Improper Authentication Vulnerability
Check Point Security Gateway contains an improper authentication vulnerability in IKEv1 key exchange that could allow an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.

TanStack TanStack - TanStack Unspecified Vulnerability
TanStack contains an unspecified vulnerability that allowed malicious versions of the product to be published to the npm registry to publish credential-stealing malware under a trusted identity.

Nx Nx Console - Nx Console Embedded Malicious Code Vulnerability
Nx Console contains an embedded malicious code vulnerability that allowed a malicious version of Nx Console to be published. The compromised extension fetched an obfuscated payload that could harvested credentials from multiple sources on disk and in memory.

WebPros cPanel & WHM and WP2 (WordPress Squared) - WebPros cPanel & WHM and WP2 (WordPress Squared) Missing Authentication for Critical Function Vulnerability
WebPros cPanel & WHM (WebHost Manager) and WP2 (WordPress Squared) contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.

ConnectWise ScreenConnect - ConnectWise ScreenConnect Path Traversal Vulnerability
ConnectWise ScreenConnect contains a path traversal vulnerability which could allow an attacker to execute remote code or directly impact confidential data and critical systems.

SimpleHelp SimpleHelp - SimpleHelp Missing Authorization Vulnerability
SimpleHelp contains a missing authorization vulnerability that could allow low-privileged technicians to create API keys with excessive permissions. These API keys can be used to escalate privileges to the server admin role.

SimpleHelp SimpleHelp - SimpleHelp Path Traversal Vulnerability
SimpleHelp contains a path traversal vulnerability that allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file (i.e. zip slip). This can be exploited to execute arbitrary code on the host in the context of the SimpleHelp server user.

PaperCut NG/MF - PaperCut NG/MF Improper Authentication Vulnerability
PaperCut NG/MF contains an improper authentication vulnerability that could allow remote attackers to bypass authentication on affected installations via the SecurityRequestFilter class.

JetBrains TeamCity - JetBrains TeamCity Relative Path Traversal Vulnerability
JetBrains TeamCity contains a relative path traversal vulnerability that could allow limited admin actions to be performed.

Microsoft Exchange Server - Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability
Microsoft Exchange Server contains a deserialization of untrusted data that allows an authenticated attacker to achieve remote code execution.

Cisco Secure Firewall Management Center (FMC) - Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability
Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management contain a deserialization of untrusted data vulnerability in the web-based management interface that could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device.

BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) - BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) OS Command Injection Vulnerability
BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)contain an OS command injection vulnerability. Successful exploitation could allow an unauthenticated remote attacker to execute operating system commands in the context of the site user. Successful exploitation requires no authentication or user interaction and may lead to system compromise, including unauthorized access, data exfiltration, and service disruption.

SmarterTools SmarterMail - SmarterTools SmarterMail Missing Authentication for Critical Function Vulnerability
SmarterTools SmarterMail contains a missing authentication for critical function vulnerability in the ConnectToHub API method. This could allow the attacker to point the SmarterMail instance to a malicious HTTP server which serves the malicious OS command and could lead to command execution.

SmarterTools SmarterMail - SmarterTools SmarterMail Unrestricted Upload of File with Dangerous Type Vulnerability
SmarterTools SmarterMail contains an unrestricted upload of file with dangerous type vulnerability that could allow an unauthenticated attacker to upload arbitrary files to any location on the mail server, potentially enabling remote code execution.

SmarterTools SmarterMail - SmarterTools SmarterMail Authentication Bypass Using an Alternate Path or Channel Vulnerability
SmarterTools SmarterMail contains an authentication bypass using an alternate path or channel vulnerability in the password reset API. The force-reset-password endpoint permits anonymous requests and fails to verify the existing password or a reset token when resetting system administrator accounts. This could allow an unauthenticated attacker to supply a target administrator username and a new password to reset the account, resulting in full administrative compromise of the SmarterMail instance.

Meta React Server Components - Meta React Server Components Remote Code Execution Vulnerability
Meta React Server Components contains a remote code execution vulnerability that could allow unauthenticated remote code execution by exploiting a flaw in how React decodes payloads sent to React Server Function endpoints. Please note CVE-2025-66478 has been rejected, but it is associated with CVE-2025- 55182.

Oracle E-Business Suite - Oracle E-Business Suite Server-Side Request Forgery (SSRF) Vulnerability
Oracle E-Business Suite contains a server-side request forgery (SSRF) vulnerability in the Runtime component of Oracle Configurator. This vulnerability is remotely exploitable without authentication.

Oracle E-Business Suite - Oracle E-Business Suite Unspecified Vulnerability
Oracle E-Business Suite contains an unspecified vulnerability in the BI Publisher Integration component. The vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Concurrent Processing. Successful attacks can result in takeover of Oracle Concurrent Processing.

Fortra GoAnywhere MFT - Fortra GoAnywhere MFT Deserialization of Untrusted Data Vulnerability
Fortra GoAnywhere MFT contains a deserialization of untrusted data vulnerability allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection.

Microsoft SharePoint - Microsoft SharePoint Code Injection Vulnerability
Microsoft SharePoint contains a code injection vulnerability that could allow an authorized attacker to execute code over a network. This vulnerability could be chained with CVE-2025-49706. CVE-2025-53770 is a patch bypass for CVE-2025-49704, and the updates for CVE-2025-53770 include more robust protection than those for CVE-2025-49704.

Microsoft SharePoint - Microsoft SharePoint Improper Authentication Vulnerability
Microsoft SharePoint contains an improper authentication vulnerability that allows an authorized attacker to perform spoofing over a network. Successfully exploitation could allow an attacker to view sensitive information and make some changes to disclosed information. This vulnerability could be chained with CVE-2025-49704. CVE-2025-53771 is a patch bypass for CVE-2025-49706, and the updates for CVE-2025-53771 include more robust protection than those for CVE-2025-49706.

Microsoft SharePoint - Microsoft SharePoint Deserialization of Untrusted Data Vulnerability
Microsoft SharePoint Server on-premises contains a deserialization of untrusted data vulnerability that could allow an unauthorized attacker to execute code over a network. This vulnerability could be chained with CVE-2025-53771. CVE-2025-53770 is a patch bypass for CVE-2025-49704, and the updates for CVE-2025-53770 include more robust protection than those for CVE-2025-49704.

Citrix NetScaler ADC and Gateway - Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability
Citrix NetScaler ADC and Gateway contain an out-of-bounds read vulnerability due to insufficient input validation. This vulnerability can lead to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server.

Fortinet FortiOS - Fortinet FortiOS Use of Hard-Coded Credentials Vulnerability
Fortinet FortiOS contains a use of hard-coded credentials vulnerability that could allow an attacker to cipher sensitive data in FortiOS configuration backup file via knowledge of the hard-coded key.

SAP NetWeaver - SAP NetWeaver Unrestricted File Upload Vulnerability
SAP NetWeaver Visual Composer Metadata Uploader contains an unrestricted file upload vulnerability that allows an unauthenticated agent to upload potentially malicious executable binaries.

Microsoft Windows - Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability
Microsoft Windows Common Log File System (CLFS) Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.

CrushFTP CrushFTP - CrushFTP Authentication Bypass Vulnerability
CrushFTP contains an authentication bypass vulnerability in the HTTP authorization header that allows a remote unauthenticated attacker to authenticate to any known or guessable user account (e.g., crushadmin), potentially leading to a full compromise.

Ivanti Connect Secure, Policy Secure, and ZTA Gateways - Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability
Ivanti Connect Secure, Policy Secure, and ZTA Gateways contains a stack-based buffer overflow vulnerability that allows a remote unauthenticated attacker to achieve remote code execution.

Fortinet FortiOS and FortiProxy - Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability
Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that allows a remote attacker to gain super-admin privileges via crafted CSF proxy requests.

Microsoft Windows - Microsoft Windows Management Console (MMC) Improper Neutralization Vulnerability
Microsoft Windows Management Console (MMC) contains an improper neutralization vulnerability that allows an unauthorized attacker to bypass a security feature locally.

VMware ESXi - VMware ESXi Arbitrary Write Vulnerability
VMware ESXi contains an arbitrary write vulnerability. Successful exploitation allows an attacker with privileges within the VMX process to trigger an arbitrary kernel write leading to an escape of the sandbox.

Microsoft Windows - Microsoft Windows Win32k Improper Resource Shutdown or Release Vulnerability
Microsoft Windows Win32k contains an improper resource shutdown or release vulnerability that allows for local, authenticated privilege escalation. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

SonicWall SonicOS - SonicWall SonicOS SSLVPN Improper Authentication Vulnerability
SonicWall SonicOS contains an improper authentication vulnerability in the SSLVPN authentication mechanism that allows a remote attacker to bypass authentication.

SimpleHelp SimpleHelp - SimpleHelp Path Traversal Vulnerability
SimpleHelp remote support software contains multiple path traversal vulnerabilities that allow unauthenticated remote attackers to download arbitrary files from the SimpleHelp host via crafted HTTP requests. These files may include server configuration files and hashed user passwords.

SonicWall SMA1000 Appliances - SonicWall SMA1000 Appliances Deserialization Vulnerability
SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC) contain a deserialization of untrusted data vulnerability, which can enable a remote, unauthenticated attacker to execute arbitrary OS commands.

Fortinet FortiOS and FortiProxy - Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability
Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that may allow an unauthenticated, remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module.

Qlik Sense - Qlik Sense HTTP Tunneling Vulnerability
Qlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP requests on the backend server hosting the software.

Ivanti Connect Secure, Policy Secure, and ZTA Gateways - Ivanti Connect Secure, Policy Secure, and ZTA Gateways Stack-Based Buffer Overflow Vulnerability
Ivanti Connect Secure, Policy Secure, and ZTA Gateways contain a stack-based buffer overflow which can lead to unauthenticated remote code execution.

Mitel MiCollab - Mitel MiCollab Path Traversal Vulnerability
Mitel MiCollab contains a path traversal vulnerability that could allow an attacker to gain unauthorized and unauthenticated access. This vulnerability can be chained with CVE-2024-55550, which allows an unauthenticated, remote attacker to read arbitrary files on the server.

Mitel MiCollab - Mitel MiCollab Path Traversal Vulnerability
Mitel MiCollab contains a path traversal vulnerability that could allow an authenticated attacker with administrative privileges to read local files within the system due to insufficient input sanitization. This vulnerability can be chained with CVE-2024-41713, which allows an unauthenticated, remote attacker to read arbitrary files on the server.

Cleo Multiple Products - Cleo Multiple Products Unauthenticated File Upload Vulnerability
Cleo Harmony, VLTrader, and LexiCom, which are managed file transfer products, contain an unrestricted file upload vulnerability that could allow an unauthenticated user to import and execute arbitrary bash or PowerShell commands on the host system by leveraging the default settings of the Autorun directory.

Cleo Multiple Products - Cleo Multiple Products Unrestricted File Upload Vulnerability
Cleo Harmony, VLTrader, and LexiCom, which are managed file transfer products, contain an unrestricted file upload and download vulnerability that can lead to remote code execution with elevated privileges.

CyberPersons CyberPanel - CyberPanel Incorrect Default Permissions Vulnerability
CyberPanel contains an incorrect default permissions vulnerability that allows for authentication bypass and the execution of arbitrary commands using shell metacharacters in the statusfile property.

Zyxel Multiple Firewalls - Zyxel Multiple Firewalls Path Traversal Vulnerability
Multiple Zyxel firewalls contain a path traversal vulnerability in the web management interface that could allow an attacker to download or upload files via a crafted URL.

Array Networks AG/vxAG ArrayOS - Array Networks AG and vxAG ArrayOS Missing Authentication for Critical Function Vulnerability
Array Networks AG and vxAG ArrayOS contain a missing authentication for critical function vulnerability that allows an attacker to read local files and execute code on the SSL VPN gateway.

Palo Alto Networks PAN-OS - Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability
Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in the web-based management interface for several PAN-OS products, including firewalls and VPN concentrators.

Palo Alto Networks PAN-OS - Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability
Palo Alto Networks PAN-OS contains an OS command injection vulnerability that allows for privilege escalation through the web-based management interface for several PAN products, including firewalls and VPN concentrators.

Microsoft Windows - Microsoft Windows Task Scheduler Privilege Escalation Vulnerability
Microsoft Windows Task Scheduler contains a privilege escalation vulnerability that can allow an attacker-provided, local application to escalate privileges outside of its AppContainer, and access privileged RPC functions.

CyberPersons CyberPanel - CyberPanel Incorrect Default Permissions Vulnerability
CyberPanel contains an incorrect default permissions vulnerability that allows a remote, unauthenticated attacker to execute commands as root.