| 298853 | GitLab 13.7 < 18.4.5 / 18.5 < 18.5.3 / 18.6 < 18.6.1 (CVE-2025-6195) | medium |
| 298852 | GitLab 17.9 < 18.3.6 / 18.4 < 18.4.4 / 18.5 < 18.5.2 (CVE-2025-7736) | medium |
| 298851 | GitLab 6.3 < 18.4.6 / 18.5 < 18.5.4 / 18.6 < 18.6.2 (CVE-2025-14157) | medium |
| 298844 | GitLab 11.9 < 18.6.4 / 18.7 < 18.7.2 / 18.8 < 18.8.2 (CVE-2025-13927) | high |
| 298843 | GitLab 15.6 < 18.4.6 / 18.5 < 18.5.4 / 18.6 < 18.6.2 (CVE-2025-12734) | low |
| 298842 | GitLab 18.4 < 18.4.6 / 18.5 < 18.5.4 / 18.6 < 18.6.2 (CVE-2025-12716) | high |
| 298841 | GitLab 13.2 < 18.4.6 / 18.5 < 18.5.4 / 18.6 < 18.6.2 (CVE-2025-11247) | medium |
| 298840 | GitLab 15.4 < 18.5.5 / 18.6 < 18.6.3 / 18.7 < 18.7.1 (CVE-2025-11246) | medium |
| 298839 | GitLab 17.1 < 18.6.6 / 18.7 < 18.7.4 / 18.8 < 18.8.4 (CVE-2025-14560) | medium |
| 298838 | GitLab 8.3 < 18.5.5 / 18.6 < 18.6.3 / 18.7 < 18.7.1 (CVE-2025-10569) | medium |
| 298837 | GitLab 13.1 < 18.4.6 / 18.5 < 18.5.4 / 18.6 < 18.6.2 (CVE-2025-11984) | medium |
| 298836 | GitLab 18.0 < 18.6.6 / 18.7 < 18.7.4 / 18.8 < 18.8.4 (CVE-2025-12575) | medium |
| 298835 | GitLab 17.1 < 18.6.4 / 18.7 < 18.7.2 / 18.8 < 18.8.2 (CVE-2025-13335) | medium |
| 298834 | GitLab 15.11 < 18.4.6 / 18.5 < 18.5.4 / 18.6 < 18.6.2 (CVE-2025-12029) | high |
| 298833 | GitLab 17.11 < 18.6.6 / 18.7 < 18.7.4 / 18.8 < 18.8.4 (CVE-2025-14594) | low |
| 298832 | GitLab 18.1 < 18.3.6 / 18.4 < 18.4.4 / 18.5 < 18.5.2 (CVE-2025-11865) | medium |
| 298831 | GitLab 11.10 < 18.4.6 / 18.5 < 18.5.4 / 18.6 < 18.6.2 (CVE-2025-12562) | high |
| 298830 | GitLab 18.5 < 18.5.5 / 18.6 < 18.6.3 / 18.7 < 18.7.1 (CVE-2025-13781) | medium |
| 298829 | GitLab 18.6 < 18.6.6 / 18.7 < 18.7.4 / 18.8 < 18.8.4 (CVE-2025-14592) | medium |
| 298828 | GitLab 15.10 < 18.3.6 / 18.4 < 18.4.4 / 18.5 < 18.5.2 (CVE-2025-11224) | medium |
| 298827 | GitLab 18.0 < 18.6.6 / 18.7 < 18.7.4 / 18.8 < 18.8.4 (CVE-2025-12073) | medium |
| 298826 | GitLab 18.4 < 18.4.4 / 18.5 < 18.5.2 (CVE-2025-11990) | low |
| 298825 | GitLab 18.6 < 18.6.3 / 18.7 < 18.7.1 (CVE-2025-13761) | critical |
| 298824 | GitLab 16.9 < 18.3.6 / 18.4 < 18.4.4 / 18.5 < 18.5.2 (CVE-2025-12983) | medium |
| 298823 | GitLab 13.2 < 18.4.5 / 18.5 < 18.5.3 / 18.6 < 18.6.1 (CVE-2025-13611) | medium |
| 298822 | GitLab 18.3 < 18.4.5 / 18.5 < 18.5.3 / 18.6 < 18.6.1 (CVE-2025-12653) | medium |
| 298821 | GitLab 17.10 < 18.4.5 / 18.5 < 18.5.3 / 18.6 < 18.6.1 (CVE-2025-12571) | high |
| 298770 | Roundcube Webmail 1.5.x < 1.5.13 / 1.6.x < 1.6.13 Multiple Vulnerabilities | medium |
| 298511 | BeyondTrust Privileged Remote Access (PRA) <= 24.3.4 Pre-Authentication RCE (BT26-02) | critical |
| 298510 | BeyondTrust Remote Support (RS) < 25.3.2 Pre-Authentication RCE (BT26-02) | critical |
| 298255 | Atlassian Confluence 7.19 < 8.5.31 / 8.6.x < 9.2.13 / 9.3.x < 10.2.2 (CONFSERVER-101872) | critical |
| 298241 | SmarterMail < 100.0.9511 Unauthenticated RCE via ConnectToHub API (CVE-2026-24423) | critical |
| 298175 | Atlassian Confluence 7.7.x < 8.5.31 / 8.6.x < 9.2.13 / 9.3.1 < 10.2.2 (CONFSERVER-101878) | critical |
| 298174 | Atlassian Confluence 7.13 < 9.2.11 / 9.3.1 < 10.1.0 (CONFSERVER-101827) | high |
| 298043 | Atlassian Confluence 9.2.8 < 9.2.11 (CONFSERVER-101842) | medium |
| 298040 | FreePBX 13.x < 13.0.197.14 / 14.x < 14.0.13.12 / 15.x < 15.0.16.27 Remote Admin Authentication Bypass | critical |
| 298039 | FreePBX 17.0.2.36 < 17.0.3 Command Injection (GHSA-vm9p-46mv-5xvw) | high |
| 297849 | ManageEngine OpManager Stored XSS in Subnet Details (CVE-2025-9226) | medium |
| 297831 | Dotnetnuke 9.0.x < 9.13.10 / 10.0.x < 10.2.0 Stored XSS in Module Deletion Confirmation Modal (CVE-2026-24837) | medium |
| 297830 | Dotnetnuke 9.0.x < 9.13.10 / 10.0.x < 10.02.00 Potential XSS vulnerability in modules' header and footer (CVE-2026-24784) | medium |
| 297829 | Dotnetnuke < 9.13.10 / 10.0.x < 10.02.00 Stored XSS in Module Description (CVE-2026-24833) | medium |
| 297828 | Dotnetnuke 9.0.x < 9.13.10 / 10.0.x < 10.02.00 Stored XSS in Scheduler LogNotes (CVE-2026-24836) | medium |
| 297827 | Dotnetnuke < 9.13.10 / 10.0.x < 10.02.00 Stored XSS via Module Title (CVE-2026-24838) | medium |
| 297224 | SmarterMail < 100.0.9511 Auth Bypass (CVE-2026-23760) | critical |
| 297222 | SmarterMail < 100.0.9413 Unrestricted File Upload Remote Code Execution (CVE-2025-52691) | critical |
| 297134 | Zimbra Collaboration Server 10.0.x < 10.0.18, 10.1.x < 10.1.13 Local File Inclusion | high |
| 297129 | Splunk Enterprise 9.2.0 < 9.2.12, 9.3.0 < 9.3.9, 9.4.0 < 9.4.8, 10.0.0 < 10.0.3 (SVD-2026-0101) | high |
| 296366 | Oracle Primavera Gateway (January 2026 CPU) | medium |
| 295029 | Oracle Primavera Unifier (January 2026 CPU) | critical |
| 294995 | Oracle Primavera P6 Enterprise Project Portfolio Management (January 2026 CPU) | medium |
