| 114473 | Mastodon 4.2.x < 4.2.10 Multiples Vulnerabilities | high |
| 114472 | Mastodon < 4.1.18 Multiples Vulnerabilities | high |
| 114471 | Mastodon 4.2.x < 4.2.13 Regular Expression Denial of Service | high |
| 114470 | Mastodon < 4.1.20 Regular Expression Denial of Service | high |
| 114467 | Danswer < 0.10.0-beta.1 Insecure Direct Object Reference | medium |
| 114462 | SuiteCRM < 7.14.4 / 8.x < 8.6.1 SQL Injection | critical |
| 114461 | Clockwork Unrestricted Access | critical |
| 114460 | Clockwork Detected | info |
| 114459 | Gradio < 4.37.1 Open Redirect | medium |
| 114458 | GiveWP Plugin for WordPress < 3.16.4 Remote Code Execution | critical |
| 114457 | Palo Alto Expedition < 1.2.96 Multiple Vulnerabilties | critical |
| 114456 | Drupal 10.2.x < 10.2.10 Improper Error Handling | medium |
| 114455 | Atlassian Confluence 8.6.x < 8.9.3 Cross-Site Scripting | high |
| 114454 | Atlassian Confluence 7.20.x < 8.5.11 Cross-Site Scripting | high |
| 114453 | Atlassian Confluence < 7.19.25 Cross-Site Scripting | high |
| 114452 | SEOPress Plugin for WordPress < 7.9 PHP Object Injection | critical |
| 114451 | XWiki Platform 7.0 < 14.4.8 / 14.5 < 14.10.4 Remote Code Execution | high |
| 114450 | Mura/Masa CMS SQL Injection | critical |
| 114449 | Dolibarr 16.x < 16.0.5 Database Download | high |
| 114448 | Apache Tapestry Arbitrary File Read | critical |
| 114447 | PHP 8.1.x < 8.1.30 Multiple Vulnerabilities | critical |
| 114446 | PHP 8.2.x < 8.2.24 Multiple Vulnerabilities | critical |
| 114445 | PHP 8.3.x < 8.3.12 Multiple Vulnerabilities | critical |
| 114444 | Apache OFBiz < 18.12.16 Remote Code Execution | high |
| 114443 | Social Warfare Plugin for WordPress 4.4.6.4 < 4.4.7.3 Injected Backdoor | critical |
| 114442 | Pods Plugin for WordPress 3.2.3 Injected Backdoor | critical |
| 114441 | PowerPress Podcasting Plugin for WordPress 11.9.3 / 11.9.4 Injected Backdoor | critical |
| 114440 | LiteSpeed Cache Plugin for WordPress < 6.5.0.1 Sensitive Information Exposure | critical |
| 114433 | Ivanti EPM RecordGoodApp SQL Injection | high |
| 114431 | Next.js < 14.1.1 Server Actions Server-Side Request Forgery | high |
| 114430 | Next.js Remote Patterns Server-Side Request Forgery | medium |
| 114427 | Gutenberg Forms Plugin for WordPress <= 2.2.9 Arbitrary File Upload | critical |
| 114426 | CKEditor < 4.24.0-LTS Multiples Cross-Site Scripting | medium |
| 114425 | CKEditor < 4.25.0-LTS Multiples Cross-Site Scripting | medium |
| 114424 | CKEditor < 5.35.0.1 Cross-Site Scripting | medium |
| 114423 | Nginx 1.25.x < 1.26.1 Multiple Vulnerabilities | medium |
| 114422 | Nginx 1.5.13 < 1.26.2 Buffer Over-read | medium |
| 114421 | Nginx 1.27.0 Buffer Over-read | medium |
| 114420 | Atlassian Confluence 9.0.x < 9.0.1 Multiple Vulnerabilities | high |
| 114419 | Atlassian Confluence 8.6.x < 8.9.5 Multiple Vulnerabilities | high |
| 114418 | Atlassian Confluence 7.20.x < 8.5.14 Multiple Vulnerabilities | high |
| 114417 | Atlassian Confluence < 7.19.26 Multiple Vulnerabilities | high |
| 114416 | Joomla! 3.x < 3.10.17 Multiple Vulnerabilities | critical |
| 114415 | Joomla! 4.x < 4.4.7 Multiple Vulnerabilities | critical |
| 114414 | Joomla! 5.x < 5.1.3 Multiple Vulnerabilities | critical |
| 114413 | Flowise < 2.0.6 Authentication Bypass | high |
| 114411 | Ivanti Virtual Traffic Manager Authentication Bypass | critical |
| 114410 | FCKEditor Unsupported Version | critical |
| 114409 | Gradio 4.3 < 4.13 Local File Read | high |
| 114408 | Gradio Unauthenticated Access | critical |
