[{"cve": "CVE-2026-56291", "vendor": "Balbooa", "product": "Forms", "name": "Balbooa Forms Unrestricted Upload of File with Dangerous Type Vulnerability", "dateAdded": "2026-07-10", "dueDate": "2026-07-13", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-56291"}, {"cve": "CVE-2026-48939", "vendor": "iCagenda", "product": "iCagenda", "name": "iCagenda Unrestricted Upload of File with Dangerous Type Vulnerability", "dateAdded": "2026-07-10", "dueDate": "2026-07-13", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48939"}, {"cve": "CVE-2026-48908", "vendor": "JoomShaper", "product": "SP Page Builder", "name": "JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability", "dateAdded": "2026-07-07", "dueDate": "2026-07-10", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48908"}, {"cve": "CVE-2026-55255", "vendor": "Langflow", "product": "Langflow", "name": "Langflow Authorization Bypass Through User-Controlled Key Vulnerability", "dateAdded": "2026-07-07", "dueDate": "2026-07-10", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-55255"}, {"cve": "CVE-2026-56290", "vendor": "Joomlack", "product": "Page Builder", "name": "Joomlack Page Builder Improper Access Control Vulnerability", "dateAdded": "2026-07-07", "dueDate": "2026-07-10", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-56290"}, {"cve": "CVE-2026-48282", "vendor": "Adobe", "product": "ColdFusion", "name": "Adobe ColdFusion Path Traversal Vulnerability", "dateAdded": "2026-07-07", "dueDate": "2026-07-10", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48282"}, {"cve": "CVE-2026-45659", "vendor": "Microsoft", "product": "SharePoint Server", "name": "Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability", "dateAdded": "2026-07-01", "dueDate": "2026-07-04", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45659"}, {"cve": "CVE-2026-48558", "vendor": "SimpleHelp", "product": "SimpleHelp", "name": "SimpleHelp Authentication Bypass Vulnerability", "dateAdded": "2026-06-29", "dueDate": "2026-07-02", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48558"}, {"cve": "CVE-2026-12569", "vendor": "PTC", "product": "Windchill and FlexPLM", "name": "PTC Windchill and FlexPLM Improper Input Validation Vulnerability", "dateAdded": "2026-06-25", "dueDate": "2026-06-28", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12569"}, {"cve": "CVE-2026-20230", "vendor": "Cisco", "product": "Unified Communications Manager", "name": "Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability", "dateAdded": "2026-06-25", "dueDate": "2026-06-28", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20230"}, {"cve": "CVE-2025-67038", "vendor": "Lantronix", "product": "EDS5000", "name": "Lantronix EDS5000 Code Injection Vulnerability", "dateAdded": "2026-06-23", "dueDate": "2026-06-26", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67038"}, {"cve": "CVE-2026-34910", "vendor": "Ubiquiti", "product": "UniFi OS", "name": "Ubiquiti UniFi OS Improper Input Validation Vulnerability", "dateAdded": "2026-06-23", "dueDate": "2026-06-26", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34910"}, {"cve": "CVE-2026-34909", "vendor": "Ubiquiti", "product": "UniFi OS", "name": "Ubiquiti UniFi OS Path Traversal Vulnerability", "dateAdded": "2026-06-23", "dueDate": "2026-06-26", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34909"}, {"cve": "CVE-2026-34908", "vendor": "Ubiquiti", "product": "UniFi OS", "name": "Ubiquiti UniFi OS Improper Access Control Vulnerability", "dateAdded": "2026-06-23", "dueDate": "2026-06-26", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34908"}, {"cve": "CVE-2026-20253", "vendor": "Splunk", "product": "Enterprise", "name": "Splunk Enterprise Missing Authentication for Critical Function Vulnerability", "dateAdded": "2026-06-18", "dueDate": "2026-06-21", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20253"}, {"cve": "CVE-2026-48907", "vendor": "Widget Factory", "product": "Joomla Content Editor", "name": "Widget Factory Joomla Content Editor Improper Access Control Vulnerability", "dateAdded": "2026-06-16", "dueDate": "2026-06-19", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48907"}, {"cve": "CVE-2026-54420", "vendor": "LiteSpeed", "product": "cPanel Plugin", "name": "LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability", "dateAdded": "2026-06-15", "dueDate": "2026-06-18", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-54420"}, {"cve": "CVE-2026-20262", "vendor": "Cisco", "product": "Catalyst SD-WAN Manager", "name": "Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability", "dateAdded": "2026-06-15", "dueDate": "2026-06-29", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20262"}, {"cve": "CVE-2026-35273", "vendor": "Oracle", "product": "PeopleSoft Enterprise PeopleTools", "name": "Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability", "dateAdded": "2026-06-12", "dueDate": "2026-06-15", "ransomware": true, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35273"}, {"cve": "CVE-2026-10520", "vendor": "Ivanti", "product": "Sentry", "name": "Ivanti Sentry OS Command Injection Vulnerability", "dateAdded": "2026-06-11", "dueDate": "2026-06-14", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-10520"}, {"cve": "CVE-2026-11645", "vendor": "Google", "product": "Chromium V8", "name": "Google Chromium V8 Out-of-Bounds Read and Write Vulnerability", "dateAdded": "2026-06-09", "dueDate": "2026-06-23", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-11645"}, {"cve": "CVE-2026-7473", "vendor": "Arista", "product": "Extensible Operating System", "name": "Arista Extensible Operating System Incomplete Comparison with Missing Factors Vulnerability", "dateAdded": "2026-06-09", "dueDate": "2026-06-23", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-7473"}, {"cve": "CVE-2026-20245", "vendor": "Cisco", "product": "Catalyst SD-WAN Manager", "name": "Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability", "dateAdded": "2026-06-09", "dueDate": "2026-06-23", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20245"}, {"cve": "CVE-2026-42271", "vendor": "BerriAI", "product": "LiteLLM", "name": "BerriAI LiteLLM Command Injection Vulnerability", "dateAdded": "2026-06-08", "dueDate": "2026-06-22", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42271"}, {"cve": "CVE-2026-50751", "vendor": "Check Point", "product": "Security Gateway", "name": "Check Point Security Gateway Improper Authentication Vulnerability", "dateAdded": "2026-06-08", "dueDate": "2026-06-11", "ransomware": true, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50751"}, {"cve": "CVE-2026-28318", "vendor": "SolarWinds", "product": "Serv-U", "name": "SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability", "dateAdded": "2026-06-05", "dueDate": "2026-06-19", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28318"}, {"cve": "CVE-2026-45247", "vendor": "Mirasvit", "product": "Mirasvit Full Page Cache Warmer", "name": "Mirasvit Full Page Cache Warmer Deserialization of Untrusted Data Vulnerability", "dateAdded": "2026-06-03", "dueDate": "2026-06-06", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45247"}, {"cve": "CVE-2022-0492", "vendor": "Linux", "product": "Kernel", "name": "Linux Kernel Improper Authentication Vulnerability", "dateAdded": "2026-06-02", "dueDate": "2026-06-05", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0492"}, {"cve": "CVE-2025-48595", "vendor": "Android", "product": "Framework", "name": "Android Framework Integer Overflow Vulnerability", "dateAdded": "2026-06-02", "dueDate": "2026-06-05", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48595"}, {"cve": "CVE-2024-21182", "vendor": "Oracle", "product": "WebLogic Server", "name": "Oracle WebLogic Server Unspecified Vulnerability", "dateAdded": "2026-06-01", "dueDate": "2026-06-04", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21182"}, {"cve": "CVE-2026-0257", "vendor": "Palo Alto Networks", "product": "PAN-OS", "name": "Palo Alto Networks PAN-OS Authentication Bypass Vulnerability", "dateAdded": "2026-05-29", "dueDate": "2026-06-01", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0257"}, {"cve": "CVE-2026-48027", "vendor": "Nx", "product": "Nx Console", "name": "Nx Console Embedded Malicious Code Vulnerability", "dateAdded": "2026-05-27", "dueDate": "2026-06-10", "ransomware": true, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48027"}, {"cve": "CVE-2026-45321", "vendor": "TanStack", "product": "TanStack", "name": "TanStack Unspecified Vulnerability", "dateAdded": "2026-05-27", "dueDate": "2026-06-10", "ransomware": true, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45321"}, {"cve": "CVE-2026-8398", "vendor": "Daemon", "product": "Daemon Tools Lite", "name": "Daemon Tools Lite Embedded Malicious Code Vulnerability", "dateAdded": "2026-05-27", "dueDate": "2026-05-30", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8398"}, {"cve": "CVE-2026-48172", "vendor": "LiteSpeed", "product": "cPanel Plugin", "name": "LiteSpeed cPanel Plugin Privilege Escalation Vulnerability", "dateAdded": "2026-05-26", "dueDate": "2026-05-29", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48172"}, {"cve": "CVE-2026-9082", "vendor": "Drupal", "product": "Core", "name": "Drupal Core SQL Injection Vulnerability", "dateAdded": "2026-05-22", "dueDate": "2026-05-27", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9082"}, {"cve": "CVE-2025-34291", "vendor": "Langflow", "product": "Langflow", "name": "Langflow Origin Validation Error Vulnerability", "dateAdded": "2026-05-21", "dueDate": "2026-06-04", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-34291"}, {"cve": "CVE-2026-34926", "vendor": "Trend Micro", "product": "Apex One", "name": "Trend Micro Apex One (On-Premise) Directory Traversal Vulnerability", "dateAdded": "2026-05-21", "dueDate": "2026-06-04", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34926"}, {"cve": "CVE-2008-4250", "vendor": "Microsoft", "product": "Windows", "name": "Microsoft Windows Buffer Overflow Vulnerability", "dateAdded": "2026-05-20", "dueDate": "2026-06-03", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4250"}, {"cve": "CVE-2009-1537", "vendor": "Microsoft", "product": "DirectX", "name": "Microsoft DirectX NULL Byte Overwrite Vulnerability", "dateAdded": "2026-05-20", "dueDate": "2026-06-03", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1537"}, {"cve": "CVE-2009-3459", "vendor": "Adobe", "product": "Acrobat and Reader", "name": "Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability", "dateAdded": "2026-05-20", "dueDate": "2026-06-03", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3459"}, {"cve": "CVE-2010-0249", "vendor": "Microsoft", "product": "Internet Explorer", "name": "Microsoft Internet Explorer Use-After-Free Vulnerability", "dateAdded": "2026-05-20", "dueDate": "2026-06-03", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0249"}, {"cve": "CVE-2010-0806", "vendor": "Microsoft", "product": "Internet Explorer", "name": "Microsoft Internet Explorer Use-After-Free Vulnerability", "dateAdded": "2026-05-20", "dueDate": "2026-06-03", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0806"}, {"cve": "CVE-2026-41091", "vendor": "Microsoft", "product": "Defender", "name": "Microsoft Defender Link Following Vulnerability", "dateAdded": "2026-05-20", "dueDate": "2026-06-03", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41091"}, {"cve": "CVE-2026-45498", "vendor": "Microsoft", "product": "Defender", "name": "Microsoft Defender Denial of Service Vulnerability", "dateAdded": "2026-05-20", "dueDate": "2026-06-03", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45498"}, {"cve": "CVE-2026-42897", "vendor": "Microsoft", "product": "Microsoft", "name": "Microsoft Exchange Server Cross-Site Scripting Vulnerability", "dateAdded": "2026-05-15", "dueDate": "2026-05-29", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42897"}, {"cve": "CVE-2026-20182", "vendor": "Cisco", "product": "Catalyst SD-WAN", "name": "Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability", "dateAdded": "2026-05-14", "dueDate": "2026-05-17", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20182"}, {"cve": "CVE-2026-42208", "vendor": "BerriAI", "product": "LiteLLM", "name": "BerriAI LiteLLM SQL Injection Vulnerability", "dateAdded": "2026-05-08", "dueDate": "2026-05-11", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42208"}, {"cve": "CVE-2026-6973", "vendor": "Ivanti", "product": "Endpoint Manager Mobile (EPMM)", "name": "Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability", "dateAdded": "2026-05-07", "dueDate": "2026-05-10", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6973"}, {"cve": "CVE-2026-0300", "vendor": "Palo Alto Networks", "product": "PAN-OS", "name": "Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability", "dateAdded": "2026-05-06", "dueDate": "2026-05-09", "ransomware": false, "nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0300"}]