Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2026-21571 | This Critical severity OS Command Injection vulnerability was introduced in versions 9.6.0, 10.0.0, 10.1.0, 10.2.0, 11.0.0, 11.1.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 9.4 and a CVSS Vector of CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H allows an authenticated attacker to execute commands on the remote system, which has high impact to confidentiality, high impact to integrity, high impact to ava | 9.4 | 1.27% | 2026-04-21 | 2026-06-17 |
| CVE-2026-21570 | This High severity RCE (Remote Code Execution) vulnerability was introduced in versions 9.6.0, 10.0.0, 10.1.0, 10.2.0, 11.0.0, 11.1.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.6, allows an authenticated attacker to execute malicious code on the remote system. Atlassian recommends that Bamboo Data Center customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified suppo | 8.6 | 0.51% | 2026-03-17 | 2026-06-17 |
| CVE-2026-21569 | This High severity XXE (XML External Entity Injection) vulnerability was introduced in version 7.1.0 of Crowd Data Center and Server. This XXE (XML External Entity Injection) vulnerability, with a CVSS Score of 7.9, allows an authenticated attacker to access local and remote content which has high impact to confidentiality, low impact to integrity, high impact to availability, and requires no user interaction. Atlassian recommends that Crowd Data Center and Server customers upgrade to la | 7.9 | 0.30% | 2026-01-27 | 2026-06-17 |
| CVE-2025-22203 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2025-12-31 | 2025-12-31 |
| CVE-2025-22202 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2025-12-31 | 2025-12-31 |
| CVE-2025-22201 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2025-12-31 | 2025-12-31 |
| CVE-2025-22200 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2025-12-31 | 2025-12-31 |
| CVE-2025-22199 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2025-12-31 | 2025-12-31 |
| CVE-2025-22198 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2025-12-31 | 2025-12-31 |
| CVE-2025-22197 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2025-12-31 | 2025-12-31 |
| CVE-2025-22196 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2025-12-31 | 2025-12-31 |
| CVE-2025-22195 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2025-12-31 | 2025-12-31 |
| CVE-2025-22194 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2025-12-31 | 2025-12-31 |
| CVE-2025-22193 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2025-12-31 | 2025-12-31 |
| CVE-2025-22192 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2025-12-31 | 2025-12-31 |
| CVE-2025-22191 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2025-12-31 | 2025-12-31 |
| CVE-2025-22190 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2025-12-31 | 2025-12-31 |
| CVE-2025-22189 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2025-12-31 | 2025-12-31 |
| CVE-2025-22188 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2025-12-31 | 2025-12-31 |
| CVE-2025-22187 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2025-12-31 | 2025-12-31 |