Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2023-5309 | Versions of Puppet Enterprise prior to 2021.7.6 and 2023.5 contain a flaw which results in broken session management for SAML implementations. | 6.8 | 0.50% | 2023-11-07 | 2026-06-17 |
| CVE-2021-27018 | The mechanism which performs certificate validation was discovered to have a flaw that resulted in certificates signed by an internal certificate authority to not be properly validated. This issue only affects clients that are configured to utilize Tenable.sc as the vulnerability data source. | 7.5 | 0.52% | 2021-08-30 | 2026-06-16 |
| CVE-2018-6510 | A cross-site scripting vulnerability in Puppet Enterprise Console of Puppet Enterprise allows a user to inject scripts into the Puppet Enterprise Console when using the Orchestrator. Affected releases are Puppet Puppet Enterprise: 2017.3.x versions prior to 2017.3.6. | 5.4 | 0.53% | 2018-05-08 | 2026-06-16 |
| CVE-2021-27017 | Utilization of a module presented a security risk by allowing the deserialization of untrusted/user supplied data. This is resolved in the Puppet Agent 7.4.0 release. | 6.6 | 0.53% | 2025-02-07 | 2026-06-16 |
| CVE-2018-11751 | Previous versions of Puppet Agent didn't verify the peer in the SSL connection prior to downloading the CRL. This issue is resolved in Puppet Agent 6.4.0. | 5.4 | 0.61% | 2019-12-16 | 2026-06-16 |
| CVE-2024-3995 | In Helix ALM versions prior to 2024.2.0, a local command injection was identified. Reported by Bryan Riggins. | 2.0 | 0.61% | 2024-06-28 | 2026-06-17 |
| CVE-2017-2297 | Puppet Enterprise versions prior to 2016.4.5 and 2017.2.1 did not correctly authenticate users before returning labeled RBAC access tokens. This issue has been fixed in Puppet Enterprise 2016.4.5 and 2017.2.1. This only affects users with labeled tokens, which is not the default for tokens. | 7.5 | 0.65% | 2018-02-01 | 2026-06-16 |
| CVE-2018-6511 | A cross-site scripting vulnerability in Puppet Enterprise Console of Puppet Enterprise allows a user to inject scripts into the Puppet Enterprise Console when using the Puppet Enterprise Console. Affected releases are Puppet Puppet Enterprise: 2017.3.x versions prior to 2017.3.6. | 5.4 | 0.65% | 2018-05-08 | 2026-06-16 |
| CVE-2017-2293 | Versions of Puppet Enterprise prior to 2016.4.5 or 2017.2.1 shipped with an MCollective configuration that allowed the package plugin to install or remove arbitrary packages on all managed agents. This release adds default configuration to not allow these actions. Customers who rely on this functionality can change this policy. | 4.9 | 0.70% | 2018-02-01 | 2026-06-16 |
| CVE-2021-27019 | PuppetDB logging included potentially sensitive system information. | 4.3 | 0.71% | 2021-08-30 | 2026-06-16 |
| CVE-2018-11747 | Previously, Puppet Discovery was shipped with a default generated TLS certificate in the nginx container. In version 1.4.0, a unique certificate will be generated on installation or the user will be able to provide their own TLS certificate for ingress. | 9.8 | 0.72% | 2019-03-21 | 2026-06-16 |
| CVE-2024-6726 | Versions of Delphix Engine prior to Release 25.0.0.0 contain a flaw which results in Remote Code Execution (RCE). | 8.8 | 0.74% | 2024-07-29 | 2026-06-17 |
| CVE-2024-0325 | In Helix Sync versions prior to 2024.1, a local command injection was identified. Reported by Bryan Riggins. | 3.6 | 0.75% | 2024-02-01 | 2026-06-17 |
| CVE-2018-11749 | When users are configured to use startTLS with RBAC LDAP, at login time, the user's credentials are sent via plaintext to the LDAP server. This affects Puppet Enterprise 2018.1.3, 2017.3.9, and 2016.4.14, and is fixed in Puppet Enterprise 2018.1.4, 2017.3.10, and 2016.4.15. It scored an 8.5 CVSS score. | 9.8 | 0.76% | 2018-08-24 | 2026-06-16 |
| CVE-2021-27024 | A flaw was discovered in Continuous Delivery for Puppet Enterprise (CD4PE) that results in a user with lower privileges being able to access a Puppet Enterprise API token. This issue is resolved in CD4PE 4.10.0 | 8.1 | 0.79% | 2021-11-18 | 2026-06-16 |
| CVE-2020-7942 | Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the infrastructure. When a node's catalog falls back to the `default` node, the catalog can be retrieved for a different node by modifying facts for the Puppet run. This issue can be mitigated by setting `strict_hostname_checking = true` in `puppet.conf` on your Puppet master. Puppet 6.13.0 and 5.5.19 changes | 6.5 | 0.82% | 2020-02-19 | 2026-06-16 |
| CVE-2018-6516 | On Windows only, with a specifically crafted configuration file an attacker could get Puppet PE client tools (aka pe-client-tools) 16.4.x prior to 16.4.6, 17.3.x prior to 17.3.6, and 18.1.x prior to 18.1.2 to load arbitrary code with privilege escalation. | 7.8 | 0.85% | 2018-06-14 | 2026-06-16 |
| CVE-2018-6515 | Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, and Puppet Agent 5.5.x prior to 5.5.2 on Windows only, with a specially crafted configuration file an attacker could get pxp-agent to load arbitrary code with privilege escalation. | 7.8 | 0.85% | 2018-06-11 | 2026-06-16 |
| CVE-2018-6514 | In Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, Puppet Agent 5.5.x prior to 5.5.2, Facter on Windows is vulnerable to a DLL preloading attack, which could lead to a privilege escalation. | 7.8 | 0.85% | 2018-06-11 | 2026-06-16 |
| CVE-2017-2299 | Versions of the puppetlabs-apache module prior to 1.11.1 and 2.1.0 make it very easy to accidentally misconfigure TLS trust. If you specify the `ssl_ca` parameter but do not specify the `ssl_certs_dir` parameter, a default will be provided for the `ssl_certs_dir` that will trust certificates from any of the system-trusted certificate authorities. This did not affect FreeBSD. | 7.5 | 0.85% | 2017-09-15 | 2026-06-16 |