Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2026-30807
Cross-Site Request Forgery vulnerability allows an attacker to perform unauthorized actions via crafted web page. This issue affects Pandora FMS: from 777 through 800
CVSS Score
7.1
EPSS Score
0.0
Published
2026-05-12
CVE-2026-30808
Session Fixation vulnerability allows Session Hijacking via crafted session ID. This issue affects Pandora FMS: from 777 through 800
CVSS Score
7.6
EPSS Score
0.0
Published
2026-05-12
CVE-2026-8401
Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11.
CVSS Score
9.8
EPSS Score
0.001
Published
2026-05-12
CVE-2026-8111
SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution.
CVSS Score
8.8
EPSS Score
0.004
Published
2026-05-12
CVE-2026-7432
A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM
CVSS Score
7.8
EPSS Score
0.0
Published
2026-05-12
CVE-2026-8043
External control of a file name in Ivanti Xtraction before version 2026.2 allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web directory, leading to information disclosure and possible client-side attacks.
CVSS Score
9.6
EPSS Score
0.001
Published
2026-05-12
CVE-2026-8051
OS command injection in Ivanti Virtual Traffic Manager before version 22.9r4 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
CVSS Score
7.2
EPSS Score
0.015
Published
2026-05-12
CVE-2026-8109
An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials.
CVSS Score
6.5
EPSS Score
0.001
Published
2026-05-12
CVE-2026-8110
Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-05-12
CVE-2026-7431
An incorrect permission assignment for critical resource of Ivanti Secure Access Client   before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a shared memory section.
CVSS Score
4.4
EPSS Score
0.0
Published
2026-05-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved