Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2026-30805
Insecure Default Initialization of Resource vulnerability allows Authentication Bypass via API access. This issue affects Pandora FMS: from 777 through 800
CVSS Score
9.1
EPSS Score
0.003
Published
2026-05-12
CVE-2026-30807
Cross-Site Request Forgery vulnerability allows an attacker to perform unauthorized actions via crafted web page. This issue affects Pandora FMS: from 777 through 800
CVSS Score
7.1
EPSS Score
0.001
Published
2026-05-12
CVE-2026-30808
Session Fixation vulnerability allows Session Hijacking via crafted session ID. This issue affects Pandora FMS: from 777 through 800
CVSS Score
7.6
EPSS Score
0.003
Published
2026-05-12
CVE-2026-8401
Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11.
CVSS Score
9.8
EPSS Score
0.003
Published
2026-05-12
CVE-2026-8111
SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution.
CVSS Score
8.8
EPSS Score
0.009
Published
2026-05-12
CVE-2026-7432
A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM
CVSS Score
7.8
EPSS Score
0.003
Published
2026-05-12
CVE-2026-8043
External control of a file name in Ivanti Xtraction before version 2026.2 allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web directory, leading to information disclosure and possible client-side attacks.
CVSS Score
9.6
EPSS Score
0.009
Published
2026-05-12
CVE-2026-8051
OS command injection in Ivanti Virtual Traffic Manager before version 22.9r4 allows a remote authenticated attacker with admin privileges to achieve remote code execution.
CVSS Score
7.2
EPSS Score
0.019
Published
2026-05-12
CVE-2026-8109
An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials.
CVSS Score
6.5
EPSS Score
0.007
Published
2026-05-12
CVE-2026-8110
Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges.
CVSS Score
7.8
EPSS Score
0.002
Published
2026-05-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved