Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2025-22167 | This High severity Path Traversal (Arbitrary Write) vulnerability was introduced in versions: 9.12.0, 10.3.0 and remain present in 11.0.0 of Jira Software Data Center and Server. This Path Traversal (Arbitrary Write) vulnerability, with a CVSS Score of 8.7, allows an attacker to modify any filesystem path writable by the Jira JVM process. Atlassian recommends that Jira Software Data Center and Server customers upgrade to the latest version; if you are unable to do so, upgrade your instance to on | 8.7 | 0.40% | 2025-10-21 | 2026-06-17 |
| CVE-2025-22166 | This High severity DoS (Denial of Service) vulnerability was introduced in version 2.0 of Confluence Data Center. This DoS (Denial of Service) vulnerability, with a CVSS Score of 8.3, allows an attacker to cause a resource to be unavailable for its intended users by temporarily or indefinitely disrupting services of a host connected to a network. Atlassian recommends that Confluence Data Center customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of | 8.3 | 0.46% | 2025-10-21 | 2026-06-17 |
| CVE-2025-22165 | This Medium severity ACE (Arbitrary Code Execution) vulnerability was introduced in version 4.2.8 of Sourcetree for Mac. This ACE (Arbitrary Code Execution) vulnerability, with a CVSS Score of 5.9, allows a locally authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires user interaction. Atlassian recommends that Sourcetree for Mac users upgrade to the latest version. If you are unable to do | 5.9 | 0.05% | 2025-07-24 | 2026-06-17 |
| CVE-2025-22157 | This High severity PrivEsc (Privilege Escalation) vulnerability was introduced in versions: 9.12.0, 10.3.0, 10.4.0, and 10.5.0 of Jira Core Data Center and Server 5.12.0, 10.3.0, 10.4.0, and 10.5.0 of Jira Service Management Data Center and Server This PrivEsc (Privilege Escalation) vulnerability, with a CVSS Score of 7.2, allows an attacker to perform actions as a higher-privileged user. Atlassian recommends that Jira Core Data Center and Server and Jira Service Management Data Center and | 7.2 | 0.43% | 2025-05-20 | 2026-06-17 |
| CVE-2019-15002 | An exploitable CSRF vulnerability exists in Atlassian Jira, from versions 7.6.4 to 8.1.0. The login form doesn’t require a CSRF token. As a result, an attacker can log a user into the system under an unexpected account. | 4.3 | 0.30% | 2025-02-11 | 2026-06-16 |
| CVE-2024-23438 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2024-12-31 | 2024-12-31 |
| CVE-2024-23437 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2024-12-31 | 2024-12-31 |
| CVE-2024-23436 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2024-12-31 | 2024-12-31 |
| CVE-2024-23435 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2024-12-31 | 2024-12-31 |
| CVE-2024-23434 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2024-12-31 | 2024-12-31 |
| CVE-2024-23433 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2024-12-31 | 2024-12-31 |
| CVE-2024-23432 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2024-12-31 | 2024-12-31 |
| CVE-2024-23431 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2024-12-31 | 2024-12-31 |
| CVE-2024-23430 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2024-12-31 | 2024-12-31 |
| CVE-2024-23429 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2024-12-31 | 2024-12-31 |
| CVE-2024-23428 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2024-12-31 | 2024-12-31 |
| CVE-2024-23427 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2024-12-31 | 2024-12-31 |
| CVE-2024-23426 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2024-12-31 | 2024-12-31 |
| CVE-2024-23425 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2024-12-31 | 2024-12-31 |
| CVE-2024-23424 | Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | N/A | N/A | 2024-12-31 | 2024-12-31 |