| Vendure Core - SQL Injection | Network Scanner | | Critical(9.1This represents the CVSSV3 score of this vulnerability) | N/A | N/A | No |
| Retool Self-Hosted - postMessage XSS via Custom Component Collections | Network Scanner | | | N/A | N/A | No |
| esm.sh <= v136 - Arbitrary File Write via Path Traversal | Network Scanner | | Medium(5.3This represents the CVSSV3 score of this vulnerability) | 0.02This represents the EPSS score of this vulnerability | 0.81This represents the EPSS percentile of this vulnerability | No |
| Arcane <= 1.17.2 - Server-Side Request Forgery | Network Scanner | | High(7.2This represents the CVSSV3 score of this vulnerability) | 0.01This represents the EPSS score of this vulnerability | 0.06This represents the EPSS percentile of this vulnerability | No |
| OpenAM <= 16.0.5 - Pre-Auth RCE via jato.clientSession Deserialization | Network Scanner | | Critical(9.8This represents the CVSSV3 score of this vulnerability) | 0.01This represents the EPSS score of this vulnerability | 0.65This represents the EPSS percentile of this vulnerability | No |
 SmarterMail - Remote Code Execution | Network Scanner | | Critical(9.8This represents the CVSSV3 score of this vulnerability) | 0.67This represents the EPSS score of this vulnerability | 0.99This represents the EPSS percentile of this vulnerability | No |
| AnythingLLM - Username Enumeration via Password Recovery | Network Scanner | | Medium(5.3This represents the CVSSV3 score of this vulnerability) | 0.01This represents the EPSS score of this vulnerability | 0.17This represents the EPSS percentile of this vulnerability | No |
| Vite Dev Server - Arbitrary File Read | Network Scanner | | High(8.2This represents the CVSSV3 score of this vulnerability) | 0.01This represents the EPSS score of this vulnerability | 0.21This represents the EPSS percentile of this vulnerability | No |
| Chainlit - Unauthenticated Access | Network Scanner | | | N/A | N/A | No |
| WordPress Madara Theme < 2.2.2.1 - Local File Inclusion | Network Scanner | | Critical(9.1This represents the CVSSV3 score of this vulnerability) | 0.02This represents the EPSS score of this vulnerability | 0.79This represents the EPSS percentile of this vulnerability | No |
| ChromaDB - Unauthenticated API Exposure | Network Scanner | | | N/A | N/A | No |
| Nginx UI - Broken Access Control | Network Scanner | | Critical(9.8This represents the CVSSV3 score of this vulnerability) | 0.05This represents the EPSS score of this vulnerability | 0.9This represents the EPSS percentile of this vulnerability | No |
| Reflected Odoo - Open Redirect | Network Scanner | | | N/A | N/A | No |
| Cockpit Web Console < 360 - Remote Code Execution | Network Scanner | | Critical(9.8This represents the CVSSV3 score of this vulnerability) | 0.02This represents the EPSS score of this vulnerability | 0.83This represents the EPSS percentile of this vulnerability | No |
| DbGate Anonymous Access | Network Scanner | | | N/A | N/A | No |
| Flowise - NVIDIA NIM Endpoints Missing Authentication | Network Scanner | | High(8.6This represents the CVSSV3 score of this vulnerability) | 0.04This represents the EPSS score of this vulnerability | 0.88This represents the EPSS percentile of this vulnerability | No |
| WCAPF WooCommerce Ajax Product Filter - SQL Injection | Network Scanner | | High(7.5This represents the CVSSV3 score of this vulnerability) | 0.19This represents the EPSS score of this vulnerability | 0.96This represents the EPSS percentile of this vulnerability | No |
| User Registration & Membership WordPress plugin - Open Redirect | Network Scanner | | Medium(6.1This represents the CVSSV3 score of this vulnerability) | 0.02This represents the EPSS score of this vulnerability | 0.79This represents the EPSS percentile of this vulnerability | No |
| Team WordPress Plugin (TLP Team) <= 5.0.9 - SQL Injection | Network Scanner | | High(8.6This represents the CVSSV3 score of this vulnerability) | 0.07This represents the EPSS score of this vulnerability | 0.92This represents the EPSS percentile of this vulnerability | No |
| LoLLMs WEBUI - Server-Side Request Forgery | Network Scanner | | Critical(9.1This represents the CVSSV3 score of this vulnerability) | 0.17This represents the EPSS score of this vulnerability | 0.95This represents the EPSS percentile of this vulnerability | No |
| AstrBot <= 4.22.1 - Command Injection | Network Scanner | | High(8.8This represents the CVSSV3 score of this vulnerability) | 0.04This represents the EPSS score of this vulnerability | 0.88This represents the EPSS percentile of this vulnerability | No |
| Cisco Secure Firewall Management Center - Authentication Bypass | Network Scanner | | Critical(10This represents the CVSSV3 score of this vulnerability) | 0.12This represents the EPSS score of this vulnerability | 0.94This represents the EPSS percentile of this vulnerability | No |
| HT Mega < 3.0.7 - Sensitive Information Disclosure | Network Scanner | | High(7.5This represents the CVSSV3 score of this vulnerability) | N/A | N/A | No |
| AstrBot - Default Login | Network Scanner | | | N/A | N/A | No |
| Geo Mashup <= 1.13.17 - SQL Injection | Network Scanner | | High(7.5This represents the CVSSV3 score of this vulnerability) | 0.27This represents the EPSS score of this vulnerability | 0.97This represents the EPSS percentile of this vulnerability | No |
