Detections
Analytics
CVEs
Tenable maintains a list of Common Vulnerabilities and Exposures (CVEs) and their affected products. Tenable augments the data to include related Tenable Plugins that detect each vulnerability. 332333 CVEs are indexed from NVD.
RSS Feeds
Search
Vulnerability Watch ›
CVE-2026-1340
criticalVulnerability of Interest
Two Ivanti Endpoint Manager Mobile zero-day flaws were exploited in the wild in limited attacks. Apply the available patches immediately.
CVE-2026-1281
criticalVulnerability of Interest
Two Ivanti Endpoint Manager Mobile zero-day flaws were exploited in the wild in limited attacks. Apply the available patches immediately.
CVE-2025-40551
criticalVulnerability of Interest
This critical vulnerability affecting SolarWinds Web Help Desk has been reportedly exploited in the wild and should be remediated as soon as possible.
CVE-2026-24858
criticalVulnerability of Interest
Fortinet has observed in the wild exploitation of this vulnerability. Customers must upgrade to the latest versions in order to use FortiCloud SSO authentication
CVE-2026-21509
highVulnerability of Interest
Microsoft released this out of band update to address a security feature bypass vulnerability that has been exploited in the wild. Immediate patching is recommended
CVE-2024-37079
criticalVulnerability of Interest
Exploitation has been reported for this VMware vCenter Server vulnerability. Patches are available and should be applied as soon as possible.
CVE-2025-40554
criticalVulnerability Being Monitored
This critical vulnerability affecting SolarWinds Web Help Desk should be remediated as soon as possible. Solar Winds products have been highly targeted in the past
CVE-2025-40553
criticalVulnerability Being Monitored
This critical vulnerability affecting SolarWinds Web Help Desk should be remediated as soon as possible. Solar Winds products have been highly targeted in the past
CVE-2025-40552
criticalVulnerability Being Monitored
This critical vulnerability affecting SolarWinds Web Help Desk should be remediated as soon as possible. Solar Winds products have been highly targeted in the past
CVE-2026-22709
criticalVulnerability Being Monitored
This critical sandbox escape vulnerability affects the Node.js library and can be abused to execute commands. Immediate patching is recommended.
Newest ›
CVE-2026-25845
No Score
Rejected reason: Not used
CVE-2026-2073
critical
A vulnerability was determined in itsourcecode School Management System 1.0. This affects an unknown function of the file /ramonsys/user/index.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.
CVE-2026-25844
No Score
Rejected reason: Not used
CVE-2026-25843
No Score
Rejected reason: Not used
CVE-2026-25842
No Score
Rejected reason: Not used
CVE-2026-25841
No Score
Rejected reason: Not used
CVE-2026-25840
No Score
Rejected reason: Not used
CVE-2026-25839
No Score
Rejected reason: Not used
CVE-2026-25838
No Score
Rejected reason: Not used
CVE-2026-25837
No Score
Rejected reason: Not used
Updated ›
CVE-2026-25845
No Score
Rejected reason: Not used
CVE-2026-25844
No Score
Rejected reason: Not used
CVE-2026-25843
No Score
Rejected reason: Not used
CVE-2026-25842
No Score
Rejected reason: Not used
CVE-2026-25841
No Score
Rejected reason: Not used
CVE-2026-25840
No Score
Rejected reason: Not used
CVE-2026-25839
No Score
Rejected reason: Not used
CVE-2026-25838
No Score
Rejected reason: Not used
CVE-2026-25837
No Score
Rejected reason: Not used
CVE-2026-2073
critical
A vulnerability was determined in itsourcecode School Management System 1.0. This affects an unknown function of the file /ramonsys/user/index.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.