Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2026-22716 | Out-of-bound write vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to terminate certain Workstation processes. | 5.0 | 0.16% | 2026-02-27 | 2026-06-17 |
| CVE-2026-41847 | Spring WebFlux applications may be vulnerable to a security bypass when using the Kotlin Router DSL. Affected versions: Spring Framework 5.3.0 through 5.3.48. | 4.8 | 0.16% | 2026-06-09 | 2026-06-17 |
| CVE-2026-40971 | When configured to use an SSL bundle, Spring Boot's RabbitMQ auto-configuration does not perform hostname verification when connecting to the RabbitMQ broker. Affected: Spring Boot 4.0.0–4.0.5 (fix 4.0.6), 3.5.0–3.5.13 (fix 3.5.14) per vendor advisory. | 5.0 | 0.16% | 2026-04-27 | 2026-06-17 |
| CVE-2025-22237 | An attacker with access to a minion key can exploit the 'on demand' pillar functionality with a specially crafted git url which could cause and arbitrary command to be run on the master with the same privileges as the master process. | 6.7 | 0.16% | 2025-06-13 | 2026-06-17 |
| CVE-2025-41231 | VMware Cloud Foundation contains a missing authorisation vulnerability. A malicious actor with access to VMware Cloud Foundation appliance may be able to perform certain unauthorised actions and access limited sensitive information. | 7.3 | 0.16% | 2025-05-20 | 2026-06-17 |
| CVE-2025-22239 | Arbitrary event injection on Salt Master. The master's "_minion_event" method can be used by and authorized minion to send arbitrary events onto the master's event bus. | 8.1 | 0.16% | 2025-06-13 | 2026-06-17 |
| CVE-2026-41845 | Due to incorrect escaping, the use of JavaScriptUtils.javaScriptEscape() may lead to JavaScript code injection in the browser, potentially resulting in a cross-site scripting (XSS) vulnerability. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0 through 6.1.27; 5.3.0 through 5.3.48. | 7.1 | 0.16% | 2026-06-09 | 2026-06-27 |
| CVE-2024-22273 | The storage controllers on VMware ESXi, Workstation, and Fusion have out-of-bounds read/write vulnerability. A malicious actor with access to a virtual machine with storage controllers enabled may exploit this issue to create a denial of service condition or execute code on the hypervisor from a virtual machine in conjunction with other issues. | 8.1 | 0.16% | 2024-05-21 | 2026-06-17 |
| CVE-2023-34045 | VMware Fusion(13.x prior to 13.5) contains a local privilege escalation vulnerability that occurs during installation for the first time (the user needs to drag or copy the application to a folder from the '.dmg' volume) or when installing an upgrade. A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is installed or being installed for the first time. | 6.6 | 0.16% | 2023-10-20 | 2026-06-17 |
| CVE-2025-22245 | VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the router port due to improper input validation. | 5.9 | 0.16% | 2025-06-04 | 2026-06-17 |
| CVE-2025-22241 | File contents overwrite the VirtKey class is called when “on-demand pillar” data is requested and uses un-validated input to create paths to the “pki directory”. The functionality is used to auto-accept Minion authentication keys based on a pre-placed “authorization file” at a specific location and is present in the default configuration. | 5.6 | 0.17% | 2025-06-13 | 2026-06-17 |
| CVE-2026-22717 | Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the machine where VMware Workstation is installed. | 2.7 | 0.17% | 2026-02-27 | 2026-06-17 |
| CVE-2026-41004 | When enabling trace logging in Spring Cloud Config Server sensitive information was placed in plain text in the logs. Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 (inclusive); upgrade to 3.1.14 or greater (Enterprise Support Only). Spring Cloud Config 4.1.x: affected from 4.1.0 through 4.1.9 (inclusive); upgrade to 4.1.10 or greater (Enterprise Support Only). Spring Cloud Config 4.2.x: affected from 4.2.0 through 4.2.6 (inclusive); upgrade to 4.2.7 or greater (Enterprise Support | 4.4 | 0.17% | 2026-05-07 | 2026-06-17 |
| CVE-2026-40985 | Applications that configure the WebFlowELExpressionParser are vulnerable to the use of malicious Unified EL expressions. Affected versions: Spring Web Flow 4.0.0; 3.0.0 through 3.0.1; 2.5.0 through 2.5.1. | 6.4 | 0.17% | 2026-06-11 | 2026-06-23 |
| CVE-2026-41701 | Correlation IDs for replies in the RabbitTemplate.sendAndReceive() with the fixed reply queue are predictable due to internal simple counter. Affected versions: Spring AMQP 4.0.0 through 4.0.3; 3.2.0 through 3.2.10; 3.1.0 through 3.1.15; 2.4.0 through 2.4.17. | 4.4 | 0.17% | 2026-06-09 | 2026-06-23 |
| CVE-2026-41838 | IDs for WebSocket sessions in the spring-websocket module are not cryptographically unpredictable, which may be possible to exploit in combination with inadequate authorization rules. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0 through 6.1.27; 5.3.0 through 5.3.48. | 4.8 | 0.17% | 2026-06-09 | 2026-06-27 |
| CVE-2026-40968 | When an authenticated user is denied access to a gRPC method, their authenticated identity remains bound to the gRPC worker thread and can be inherited by a subsequent unauthenticated request on the same thread. This may allow the subsequent user to gain escalated permissions. Affected versions: Spring gRPC: 1.0.0 - 1.0.2 (fixed in 1.0.3). Older, unsupported versions are also affected. | 4.2 | 0.17% | 2026-04-28 | 2026-06-17 |
| CVE-2026-41715 | In specific scenarios involving HTTP redirects from a secure to an insecure endpoint, the Reactor Netty HTTP client may leak credentials. In order for this to happen, the HTTP client must have been explicitly configured to follow redirects. Affected versions: Reactor Netty 1.0.0 through 1.0.51; 1.1.0 through 1.1.35; 1.2.0 through 1.2.17; 1.3.0 through 1.3.5. | 6.1 | 0.17% | 2026-06-09 | 2026-06-23 |
| CVE-2026-41008 | Spring Security Authorization Server's authorization endpoint performs insufficient validation of the request_uri parameter. An attacker can craft a malicious authorization request containing an invalid request_uri and an arbitrary, unvalidated redirect_uri, which can lead to an Open Redirect vulnerability. Affected versions: Spring Security 7.0.0 through 7.0.5. Spring Authorization Server 1.5.0 through 1.5.7. | 6.1 | 0.17% | 2026-06-09 | 2026-06-27 |
| CVE-2023-34043 | VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'. | 6.7 | 0.17% | 2023-09-27 | 2026-06-17 |