Overview
- Microsoft
- Microsoft SharePoint Enterprise Server 2016
22 May 2026
Published
09 Jun 2026
Updated
CVSS v3.1
HIGH (8.8)
EPSS
1.14%
KEV
Description
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Statistics
- 1 Post
Last activity: 22 hours ago
Overview
- ivanti
- Sentry
09 Jun 2026
Published
10 Jun 2026
Updated
CVSS v3.1
CRITICAL (9.9)
EPSS
9.06%
KEV
Description
An Authentication Bypass vulnerability (CWE-288) in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access
Statistics
- 1 Post
Last activity: 22 hours ago
Overview
Description
An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution
Statistics
- 1 Post
Last activity: 22 hours ago
Overview
- arraytics
- Eventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered)
14 Apr 2026
Published
14 Apr 2026
Updated
CVSS v3.1
MEDIUM (4.3)
EPSS
0.03%
KEV
Description
The Eventin – Events Calendar, Event Booking, Ticket & Registration (AI Powered) plugin for WordPress is vulnerable to unauthorized access of data due to a improper capability check on the get_item_permissions_check() function in all versions up to, and including, 4.1.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read arbitrary order data including customer PII (name, email, phone) by iterating order IDs.
Statistics
- 1 Post
Last activity: 18 hours ago