Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2025-26512 | SnapCenter versions prior to 6.0.1P1 and 6.1P1 are susceptible to a vulnerability which may allow an authenticated SnapCenter Server user to become an admin user on a remote system where a SnapCenter plug-in has been installed. | 9.9 | 0.64% | 2025-03-24 | 2026-06-17 |
| CVE-2023-1096 | SnapCenter versions 4.7 prior to 4.7P2 and 4.8 prior to 4.8P1 are susceptible to a vulnerability which could allow a remote unauthenticated attacker to gain access as an admin user. | 9.8 | 0.96% | 2023-05-12 | 2026-06-17 |
| CVE-2021-27007 | NetApp Virtual Desktop Service (VDS) when used with an HTML5 gateway is susceptible to a vulnerability which when successfully exploited could allow an unauthenticated attacker to takeover a Remote Desktop Session. | 9.8 | 1.10% | 2021-12-23 | 2026-06-16 |
| CVE-2021-26987 | Element Plug-in for vCenter Server incorporates SpringBoot Framework. SpringBoot Framework versions prior to 1.3.2 are susceptible to a vulnerability which when successfully exploited could lead to Remote Code Execution. All versions of Element Plug-in for vCenter Server, Management Services versions prior to 2.17.56 and Management Node versions through 12.2 contain vulnerable versions of SpringBoot Framework. | 9.8 | 2.44% | 2021-03-15 | 2026-06-16 |
| CVE-2020-8584 | Element OS versions prior to 1.8P1 and 12.2 are susceptible to a vulnerability that could allow an unauthenticated remote attacker to perform arbitrary code execution. | 9.8 | 4.17% | 2021-01-08 | 2026-06-16 |
| CVE-2019-5509 | ONTAP Select Deploy administration utility versions 2.11.2 through 2.12.2 are susceptible to a code injection vulnerability which when successfully exploited could allow an unauthenticated remote attacker to enable and use a privileged user account. | 9.8 | 2.27% | 2019-11-21 | 2026-06-16 |
| CVE-2019-5505 | ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 transmit credentials in plaintext. | 9.8 | 0.84% | 2019-09-24 | 2026-06-16 |
| CVE-2019-5504 | ONTAP Select Deploy administration utility versions 2.12 & 2.12.1 ship with an HTTP service bound to the network allowing unauthenticated remote attackers to perform administrative actions. | 9.8 | 1.97% | 2019-09-24 | 2026-06-16 |
| CVE-2019-5497 | NetApp AFF A700s Baseboard Management Controller (BMC) firmware versions 1.22 and higher were shipped with a default account enabled that could allow unauthorized arbitrary command execution. | 9.8 | 2.87% | 2019-07-01 | 2026-06-16 |
| CVE-2019-5490 | Certain versions between 2.x to 5.x (refer to advisory) of the NetApp Service Processor firmware were shipped with a default account enabled that could allow unauthorized arbitrary command execution. Any platform listed in the advisory Impact section may be affected and should be upgraded to a fixed version of Service Processor firmware IMMEDIATELY. | 9.8 | 3.49% | 2019-03-21 | 2026-06-16 |
| CVE-2019-17275 | OnCommand Cloud Manager versions prior to 3.8.0 are susceptible to arbitrary code execution by remote attackers. | 9.8 | 2.75% | 2020-02-26 | 2026-06-16 |
| CVE-2018-5495 | All StorageGRID Webscale versions are susceptible to a vulnerability which could permit an unauthenticated attacker to communicate with systems on the same network as the StorageGRID Webscale Admin Node via HTTP or to take over services on the Admin Node. | 9.8 | 1.59% | 2018-11-14 | 2026-06-16 |
| CVE-2018-5492 | NetApp E-Series SANtricity OS Controller Software 11.30 and later version 11.30.5 is susceptible to unauthenticated remote code execution. | 9.8 | 2.90% | 2018-10-04 | 2026-06-16 |
| CVE-2018-5488 | NetApp SANtricity Web Services Proxy versions 1.10.x000.0002 through 2.12.X000.0002 and SANtricity Storage Manager 11.30.0X00.0004 through 11.42.0X00.0001 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service bound to the network, and are susceptible to unauthenticated remote code execution. | 9.8 | 3.97% | 2018-06-13 | 2026-06-16 |
| CVE-2018-5487 | NetApp OnCommand Unified Manager for Linux versions 7.2 through 7.3 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service bound to the network, and are susceptible to unauthenticated remote code execution. | 9.8 | 2.90% | 2018-05-24 | 2026-06-16 |
| CVE-2021-26990 | Cloud Manager versions prior to 3.9.4 are susceptible to a vulnerability that could allow a remote attacker to overwrite arbitrary system files. | 9.1 | 1.54% | 2021-03-19 | 2026-06-16 |
| CVE-2019-5502 | SMB in Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 has weak cryptography which when exploited could lead to information disclosure or addition or modification of data. | 9.1 | 0.91% | 2019-08-05 | 2026-06-16 |
| CVE-2025-26511 | Systems running the Instaclustr fork of Stratio's Cassandra-Lucene-Index plugin versions 4.0-rc1-1.0.0 through 4.0.16-1.0.0 and 4.1.2-1.0.0 through 4.1.8-1.0.0, installed into Apache Cassandra version 4.x, are susceptible to a vulnerability which when successfully exploited could allow authenticated Cassandra users to remotely bypass RBAC and escalate their privileges. | 8.8 | 0.54% | 2025-02-13 | 2026-06-17 |
| CVE-2023-27316 | SnapCenter versions 4.8 through 4.9 are susceptible to a vulnerability which may allow an authenticated SnapCenter Server user to become an admin user on a remote system where a SnapCenter plug-in has been installed. | 8.8 | 0.19% | 2023-10-12 | 2026-06-17 |
| CVE-2021-26995 | E-Series SANtricity OS Controller Software 11.x versions prior to 11.70.1 are susceptible to a vulnerability which when successfully exploited could allow privileged attackers to execute arbitrary code. | 8.8 | 1.21% | 2021-06-11 | 2026-06-16 |