CVE Prioritization
Triage CVEs by EPSS, CISA KEV, PoC availability, attack complexity, and in-feed incidents.
50
Total CVEs
2
Critical
0
KEV / Exploited
0
PoC Exists
0
Zero Day
0
Patch Available
| CVE ID | Published | Severity | EPSS Score | Complexity | Status | PoC | Patch | Due Date | Feed Hits | Description | |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 09 Jul 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | Vim is an open source, command line text editor. Prior to 9.2.0735, the C omni-completion script in runtime/autoload/cco | Details | |
| 09 Jul 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | Vim is an open source, command line text editor. Prior to 9.2.0725, the single-byte branch of spell_soundfold_sal() in s | Details | |
| 09 Jul 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | Vim is an open source, command line text editor. Prior to 9.2.0736, the PHP omni-completion script in runtime/autoload/p | Details | |
| 09 Jul 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, Asset.render in app/src/asset/index.ts in | Details | |
| 09 Jul 2026 | MEDIUM 4.9 |
0.0%
|
LOW |
—
|
— | — | — | 0 | SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, POST /api/file/globalCopyFiles accepts at | Details | |
| 09 Jul 2026 | MEDIUM 6.5 |
0.0%
|
LOW |
—
|
— | — | — | 0 | SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, the /api/storage/getCriteria endpoint ret | Details | |
| 09 Jul 2026 | HIGH 7.5 |
0.0%
|
LOW |
—
|
— | — | — | 0 | SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, the block search endpoint POST /api/searc | Details | |
| 09 Jul 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, SiYuan renders note and package content t | Details | |
| 09 Jul 2026 | HIGH 7.7 |
0.0%
|
LOW |
—
|
— | — | — | 0 | SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, the /snippets/*filepath route handler ser | Details | |
| 09 Jul 2026 | MEDIUM 4.4 |
0.0%
|
HIGH |
—
|
— | — | — | 0 | GitHub CLI (gh) is GitHub’s official command line tool. From 2.10.0 through 2.95.0, connecting to a malicious Codespace | Details | |
| 09 Jul 2026 | NONE |
0.0%
|
LOW |
—
|
— | — | — | 0 | Zen is a firefox-based browser. Prior to 1.21.5b, Zen's glance and split-view context-menu actions, Open link in glance | Details | |
| 09 Jul 2026 | MEDIUM 5.3 |
0.0%
|
HIGH |
—
|
— | — | — | 0 | New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. Prior to 0.12.0 | Details | |
| 09 Jul 2026 | HIGH 7.7 |
0.0%
|
LOW |
—
|
— | — | — | 0 | New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. Prior to 0.12.0 | Details | |
| 09 Jul 2026 | MEDIUM 5.3 |
0.0%
|
LOW |
—
|
— | — | — | 0 | Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, post revisions tha | Details | |
| 09 Jul 2026 | MEDIUM 5.4 |
0.0%
|
LOW |
—
|
— | — | — | 0 | Cotonti Siena 0.9.26 and earlier contains a stored cross-site scripting vulnerability that allows authenticated users wi | Details | |
| 09 Jul 2026 | HIGH 8.8 |
0.0%
|
LOW |
—
|
— | — | — | 0 | Cotonti Siena 0.9.26 and earlier contains a cross-site request forgery vulnerability that allows unauthenticated attacke | Details | |
| 09 Jul 2026 | CRITICAL 9.8 |
0.0%
|
LOW |
—
|
— | — | — | 0 | Hermes WebUI before 0.51.788 contains an unauthenticated remote code execution vulnerability that allows remote attacker | Details | |
| 09 Jul 2026 | CRITICAL 9.1 |
0.0%
|
LOW |
—
|
— | — | — | 0 | Hermes WebUI before 0.51.307 contains an authentication bypass vulnerability that allows unauthenticated remote attacker | Details | |
| 09 Jul 2026 | MEDIUM 5.8 |
0.0%
|
LOW |
—
|
— | — | — | 0 | A Use of Incorrectly-Resolved Name or Reference vulnerability in the URL filtering plugin of Juniper Networks Junos OS o | Details | |
| 09 Jul 2026 | MEDIUM 6.5 |
0.0%
|
LOW |
—
|
— | — | — | 0 | An Improper Handling of Undefined Parameters vulnerability in the packet forwarding engine (pfe) of Juniper Networks Jun | Details | |
| 09 Jul 2026 | MEDIUM 4.7 |
0.0%
|
LOW |
—
|
— | — | — | 0 | An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (PFE) of Juniper N | Details | |
| 09 Jul 2026 | MEDIUM 5.9 |
0.0%
|
HIGH |
—
|
— | — | — | 0 | A Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in the packe | Details | |
| 09 Jul 2026 | MEDIUM 5.3 |
0.0%
|
HIGH |
—
|
— | — | — | 0 | A Missing Synchronization vulnerability in the flow collector handler of Juniper Networks Junos OS Evolved on QFX Series | Details | |
| 09 Jul 2026 | HIGH 7.3 |
0.0%
|
LOW |
—
|
— | — | — | 0 | An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper Networks Junos OS Evolve | Details | |
| 09 Jul 2026 | MEDIUM 6.5 |
0.0%
|
LOW |
—
|
— | — | — | 0 | A Missing Release of Memory after Effective Lifetime vulnerability in the packet forwarding engine (pfe) of Juniper Netw | Details | |
| 09 Jul 2026 | HIGH 7.5 |
0.0%
|
LOW |
—
|
— | — | — | 0 | An Improper Validation of Syntactic Correctness of Input vulnerability in the SIP plugin of Juniper Networks Junos OS on | Details | |
| 09 Jul 2026 | MEDIUM 5.5 |
0.0%
|
LOW |
—
|
— | — | — | 0 | A Return of Pointer Value Outside of Expected Range vulnerability in the fileio library of Juniper Networks Junos OS and | Details | |
| 09 Jul 2026 | MEDIUM 5.3 |
0.0%
|
LOW |
—
|
— | — | — | 0 | A Use of Multiple Resources with Duplicate Identifier vulnerability in the IKE daemon (iked) of Juniper Networks Junos O | Details | |
| 09 Jul 2026 | HIGH 7.5 |
0.0%
|
LOW |
—
|
— | — | — | 0 | An Improper Validation of Specified Quantity in Input vulnerability in the TCP proxy plugin of Juniper Networks Junos OS | Details | |
| 09 Jul 2026 | MEDIUM 5.9 |
0.0%
|
HIGH |
—
|
— | — | — | 0 | An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper N | Details | |
| 09 Jul 2026 | MEDIUM 5.3 |
0.0%
|
LOW |
—
|
— | — | — | 0 | An Out-of-bounds Write vulnerability in the http-gatekeeper (http-gk) of Juniper Networks Junos OS on SRX Series allows | Details | |
| 09 Jul 2026 | MEDIUM 6.5 |
0.0%
|
LOW |
—
|
— | — | — | 0 | An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine (pfe) of Juniper N | Details | |
| 09 Jul 2026 | MEDIUM 6.5 |
0.0%
|
LOW |
—
|
— | — | — | 0 | An Improper Validation of Specified Quantity in Input vulnerability in the Packet Forwarding Engine (pfe) of Juniper Net | Details | |
| 09 Jul 2026 | MEDIUM 6.8 |
0.0%
|
HIGH |
—
|
— | — | — | 0 | OpenFGA is an authorization/permission engine built for developers. Prior to 1.18.0, OpenFGA's OIDC authenticator skippe | Details | |
| 09 Jul 2026 | MEDIUM 5.3 |
0.0%
|
LOW |
—
|
— | — | — | 0 | DeepSeek MCP Server is an MCP server for DeepSeek V4. Starting in version 1.4.2 and prior to version 1.8.0, the self-hos | Details | |
| 09 Jul 2026 | HIGH 8.6 |
0.0%
|
LOW |
—
|
— | — | — | 0 | DeepSeek MCP Server is an MCP server for DeepSeek V4. Starting in version 1.4.2 and prior to version 1.7.0, the process- | Details | |
| 09 Jul 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, a topic "featured | Details | |
| 09 Jul 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | OpenFGA is an authorization/permission engine built for developers. Prior to 1.18.0, when MySQL is being used as the dat | Details | |
| 09 Jul 2026 | HIGH 7.3 |
0.0%
|
LOW |
—
|
— | — | — | 0 | Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, a malicious second | Details | |
| 09 Jul 2026 | MEDIUM 5.4 |
0.0%
|
LOW |
—
|
— | — | — | 0 | Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, insufficient SVG s | Details | |
| 09 Jul 2026 | MEDIUM 6.5 |
0.0%
|
LOW |
—
|
— | — | — | 0 | Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, the AWS SES bounce | Details | |
| 09 Jul 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, restricted tag and | Details | |
| 09 Jul 2026 | MEDIUM 6.5 |
0.0%
|
LOW |
—
|
— | — | — | 0 | Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, regular users coul | Details | |
| 09 Jul 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, secure uploads cou | Details | |
| 09 Jul 2026 | MEDIUM 5.3 |
0.0%
|
LOW |
—
|
— | — | — | 0 | Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, EventSerializer co | Details | |
| 09 Jul 2026 | HIGH 8.2 |
0.0%
|
LOW |
—
|
— | — | — | 0 | Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, the signup flow co | Details | |
| 09 Jul 2026 | — |
0.0%
|
— |
—
|
— | — | — | 0 | decompress before 4.2.2 allows arbitrary symlink creation during archive extraction. When processing symlink entries (ty | Details | |
| 09 Jul 2026 | MEDIUM 6.2 |
0.0%
|
LOW |
—
|
— | — | — | 0 | decompress before 4.2.2 contains an improper path containment check that enables directory traversal and arbitrary file | Details | |
| 09 Jul 2026 | MEDIUM 5.5 |
0.0%
|
LOW |
—
|
— | — | — | 0 | decompress before 4.2.2 allows arbitrary hardlink creation during archive extraction, enabling file read disclosure and | Details | |
| 09 Jul 2026 | — |
0.2%
|
— |
—
|
— | — | — | 0 | An integer overflow in the jbig2_arith_iaid_ctx_new() function of Artifex commit cc37d0 allows attackers to cause a Deni | Details |