Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2021-26557 | When Octopus Tentacle is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access. | 7.8 | 0.31% | 2021-10-06 | 2026-06-16 |
| CVE-2021-26556 | When Octopus Server is installed using a custom folder location, folder ACLs are not set correctly and could lead to an unprivileged user using DLL side-loading to gain privileged access. | 7.8 | 0.25% | 2021-10-06 | 2026-06-16 |
| CVE-2021-31819 | In Halibut versions prior to 4.4.7 there is a deserialisation vulnerability that could allow remote code execution on systems that already trust each other based on certificate verification. | 9.8 | 2.28% | 2021-09-21 | 2026-06-16 |
| CVE-2021-31820 | In Octopus Server after version 2018.8.2 if the Octopus Server Web Request Proxy is configured with authentication, the password is shown in plaintext in the UI. | 7.5 | 0.61% | 2021-08-18 | 2026-06-16 |
| CVE-2021-31817 | When configuring Octopus Server if it is configured with an external SQL database, on initial configuration the database password is written to the OctopusServer.txt log file in plaintext. | 7.5 | 0.86% | 2021-07-08 | 2026-06-16 |
| CVE-2021-31816 | When configuring Octopus Server if it is configured with an external SQL database, on initial configuration the database password is written to the OctopusServer.txt log file in plaintext. | 7.5 | 0.86% | 2021-07-08 | 2026-06-16 |
| CVE-2021-31818 | Affected versions of Octopus Server are prone to an authenticated SQL injection vulnerability in the Events REST API because user supplied data in the API request isn’t parameterised correctly. Exploiting this vulnerability could allow unauthorised access to database tables. | 4.3 | 0.62% | 2021-06-17 | 2026-06-16 |