๐จ CVE-2026-12116
A vulnerability in the Xerte Online Tools allows for RCE through the antivirus binary path in the tools server settings, which can be changed to a PHP interpreter, allowing an attacker to upload PHP data that will then be executed.
๐@cveNotify
A vulnerability in the Xerte Online Tools allows for RCE through the antivirus binary path in the tools server settings, which can be changed to a PHP interpreter, allowing an attacker to upload PHP data that will then be executed.
๐@cveNotify
GitHub
Fix #1543 - Handle antivirus configuration in a different way ยท thexerteproject/xerteonlinetoolkits@8ef2062
Xerte Online Toolkits. Contribute to thexerteproject/xerteonlinetoolkits development by creating an account on GitHub.
๐จ CVE-2026-14261
A vulnerability in the Xerte Online Tools allows for authentication bypass and remote code execution via reinstallation through the /setup/ folder, enabling attackers to reinstall the service to a remote database they control.
๐@cveNotify
A vulnerability in the Xerte Online Tools allows for authentication bypass and remote code execution via reinstallation through the /setup/ folder, enabling attackers to reinstall the service to a remote database they control.
๐@cveNotify
GitHub
Fixed #1532 - Denial of Service vulnerability ยท thexerteproject/xerteonlinetoolkits@8fec660
Xerte Online Toolkits. Contribute to thexerteproject/xerteonlinetoolkits development by creating an account on GitHub.
๐จ CVE-2026-60108
Zeek before 8.0.9 contains an uncontrolled memory consumption vulnerability in the FTP analyzer that allows unauthenticated remote attackers to cause process termination by sending a crafted FTP control session negotiating AUTH GSSAPI followed by a large ADAT control line. Attackers can exploit the NVT_Analyzer component's lack of a maximum line length check, causing it to continuously double its internal buffer without bounds during base64 decoding of an attacker-controlled ADAT token, resulting in denial of service of the Zeek sensor.
๐@cveNotify
Zeek before 8.0.9 contains an uncontrolled memory consumption vulnerability in the FTP analyzer that allows unauthenticated remote attackers to cause process termination by sending a crafted FTP control session negotiating AUTH GSSAPI followed by a large ADAT control line. Attackers can exploit the NVT_Analyzer component's lack of a maximum line length check, causing it to continuously double its internal buffer without bounds during base64 decoding of an attacker-controlled ADAT token, resulting in denial of service of the Zeek sensor.
๐@cveNotify
GitHub
contentline: Fix unbounded state growth in lines ยท zeek/zeek@93ff695
Multiple analyzers that used the ContentLine analyzer omitted the check
for max_line_length. This could result in unbounded state growth for
these cases if the line was too long.
One potential fix...
for max_line_length. This could result in unbounded state growth for
these cases if the line was too long.
One potential fix...
๐จ CVE-2026-60109
Zeek before 8.0.9 contains a null pointer dereference vulnerability in its Kerberos protocol analyzer that allows unauthenticated remote attackers to crash the sensor by sending a crafted KRB_ERROR message with error-code 25 (KDC_ERR_PREAUTH_REQUIRED) containing a PA-DATA element with padata-type 2, 3, 11, or 19. Attackers can exploit a parser and analyzer state mismatch where proc_padata() dereferences an uninitialized pa_data_element field selected by the wrong parsing arm, triggering a crash via a single UDP or TCP packet to port 88 without any credentials or prior authentication.
๐@cveNotify
Zeek before 8.0.9 contains a null pointer dereference vulnerability in its Kerberos protocol analyzer that allows unauthenticated remote attackers to crash the sensor by sending a crafted KRB_ERROR message with error-code 25 (KDC_ERR_PREAUTH_REQUIRED) containing a PA-DATA element with padata-type 2, 3, 11, or 19. Attackers can exploit a parser and analyzer state mismatch where proc_padata() dereferences an uninitialized pa_data_element field selected by the wrong parsing arm, triggering a crash via a single UDP or TCP packet to port 88 without any credentials or prior authentication.
๐@cveNotify
GitHub
krb: Fix crash with Kerberos error handling ยท zeek/zeek@c82e3c7
An attacker could craft a packet such that Kerberos enters "error" mode
but then forces data to parse from the non-error variable, causing a
nullptr dereference. This fixes that b...
but then forces data to parse from the non-error variable, causing a
nullptr dereference. This fixes that b...
๐จ CVE-2026-59206
n8n is an open source workflow automation platform. Prior to 1.123.61, 2.27.4, and, 2.28.1, an authenticated user with the default workflow:create permission could pollute Object.prototype through a crafted workflow saved, updated, or imported via the workflow API, allowing unauthenticated requests to be treated as a privileged user and exposing user and project listing endpoints. This issue is fixed in versions 1.123.61, 2.27.4, and 2.28.1.
๐@cveNotify
n8n is an open source workflow automation platform. Prior to 1.123.61, 2.27.4, and, 2.28.1, an authenticated user with the default workflow:create permission could pollute Object.prototype through a crafted workflow saved, updated, or imported via the workflow API, allowing unauthenticated requests to be treated as a privileged user and exposing user and project listing endpoints. This issue is fixed in versions 1.123.61, 2.27.4, and 2.28.1.
๐@cveNotify
GitHub
Release n8n@2.27.4 ยท n8n-io/n8n
2.27.4 (2026-06-24)
Bug Fixes
core: Let allowlisted Python packages import their own submodules via relative imports (#32832) (62e876c)
Features
core: Fix building incorrect chained nodes (#3285...
Bug Fixes
core: Let allowlisted Python packages import their own submodules via relative imports (#32832) (62e876c)
Features
core: Fix building incorrect chained nodes (#3285...
๐จ CVE-2026-59207
n8n is an open source workflow automation platform. Prior to 2.27.4 and 2.28.1, the AI Agents feature did not enforce the Allowed HTTP Request Domains restriction configured on credentials when an MCP tool was pointed at an arbitrary URL, allowing a member-level user with use-only access to a shared credential to send its secret to an external server they control. This issue is fixed in versions 2.27.4 and 2.28.1.
๐@cveNotify
n8n is an open source workflow automation platform. Prior to 2.27.4 and 2.28.1, the AI Agents feature did not enforce the Allowed HTTP Request Domains restriction configured on credentials when an MCP tool was pointed at an arbitrary URL, allowing a member-level user with use-only access to a shared credential to send its secret to an external server they control. This issue is fixed in versions 2.27.4 and 2.28.1.
๐@cveNotify
GitHub
Release n8n@2.27.4 ยท n8n-io/n8n
2.27.4 (2026-06-24)
Bug Fixes
core: Let allowlisted Python packages import their own submodules via relative imports (#32832) (62e876c)
Features
core: Fix building incorrect chained nodes (#3285...
Bug Fixes
core: Let allowlisted Python packages import their own submodules via relative imports (#32832) (62e876c)
Features
core: Fix building incorrect chained nodes (#3285...
๐จ CVE-2026-59208
n8n is an open source workflow automation platform. Prior to 2.27.4 and from 2.28.0 prior to 2.28.1, n8n instances configured with more than one trusted token-exchange issuer resolved external identities to local accounts using only the JWT sub claim and ignored the iss claim, allowing an attacker with a valid token from one trusted issuer and a sub matching a victim under another issuer to authenticate as that victim. This issue is fixed in versions 2.27.4 and 2.28.1.
๐@cveNotify
n8n is an open source workflow automation platform. Prior to 2.27.4 and from 2.28.0 prior to 2.28.1, n8n instances configured with more than one trusted token-exchange issuer resolved external identities to local accounts using only the JWT sub claim and ignored the iss claim, allowing an attacker with a valid token from one trusted issuer and a sub matching a victim under another issuer to authenticate as that victim. This issue is fixed in versions 2.27.4 and 2.28.1.
๐@cveNotify
GitHub
Release n8n@2.27.4 ยท n8n-io/n8n
2.27.4 (2026-06-24)
Bug Fixes
core: Let allowlisted Python packages import their own submodules via relative imports (#32832) (62e876c)
Features
core: Fix building incorrect chained nodes (#3285...
Bug Fixes
core: Let allowlisted Python packages import their own submodules via relative imports (#32832) (62e876c)
Features
core: Fix building incorrect chained nodes (#3285...
๐จ CVE-2026-13462
PayRange Android app, version 7.0.7 and below, contains an SSL bypass vulnerability that allows invalid certificates to be accepted in application webviews. A remote and unauthenticated attacker can steal information that the user sends.
๐@cveNotify
PayRange Android app, version 7.0.7 and below, contains an SSL bypass vulnerability that allows invalid certificates to be accepted in application webviews. A remote and unauthenticated attacker can steal information that the user sends.
๐@cveNotify
cwe.mitre.org
CWE -
CWE-295: Improper Certificate Validation (4.20)
CWE-295: Improper Certificate Validation (4.20)
Common Weakness Enumeration (CWE) is a list of software weaknesses.
๐จ CVE-2026-15308
The incremental HTML parser (html.parser.HTMLParser) allows for CPU
denial-of-service through repeated unterminated markup declarations when
processing uncontrolled data.
๐@cveNotify
The incremental HTML parser (html.parser.HTMLParser) allows for CPU
denial-of-service through repeated unterminated markup declarations when
processing uncontrolled data.
๐@cveNotify
GitHub
[3.14] gh-153030: Fix quadratic complexity in incremental parsing in โฆ ยท python/cpython@07efb08
โฆHTMLParser (GH-153031) (GH-153039)
When an unterminated construct (e.g. a tag or comment) spanned many
feed() calls, rescanning the growing buffer and concatenating new data
onto it were both qua...
When an unterminated construct (e.g. a tag or comment) spanned many
feed() calls, rescanning the growing buffer and concatenating new data
onto it were both qua...
๐จ CVE-2026-55420
Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, under certain non-default configurations, processing of PDF uploads could be exploited to obtain RCE on the server. This issue is patched in 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5.
๐@cveNotify
Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, under certain non-default configurations, processing of PDF uploads could be exploited to obtain RCE on the server. This issue is patched in 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5.
๐@cveNotify
GitHub
SECURITY: Harden imagemagick execution ยท discourse/discourse@ca5a7e0
Add a default-deny ImageMagick security policy at `config/imagemagick/policy.xml`, loaded via `MAGICK_CONFIGURE_PATH` which is set in `config/initializers/003-imagemagick.rb`. Child processes inher...
๐จ CVE-2026-0279
Multiple cross site scripting vulnerabilities in the User-IDโข Authentication Portal (aka Captive Portal) service, GlobalProtectโข gateway/portal features and Clientless VPN of Palo Alto Networks PAN-OSยฎ software enables a malicious unauthenticated user to store or execute malicious JavaScript payload.
The security risk posed by this issue is minimized when the management interface and access to the User-IDโข Authentication Portal is restricted to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .
This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).
Cloud NGFW is not affected by this vulnerability.
๐@cveNotify
Multiple cross site scripting vulnerabilities in the User-IDโข Authentication Portal (aka Captive Portal) service, GlobalProtectโข gateway/portal features and Clientless VPN of Palo Alto Networks PAN-OSยฎ software enables a malicious unauthenticated user to store or execute malicious JavaScript payload.
The security risk posed by this issue is minimized when the management interface and access to the User-IDโข Authentication Portal is restricted to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .
This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).
Cloud NGFW is not affected by this vulnerability.
๐@cveNotify
Palo Alto Networks Product Security Assurance
CVE-2026-0279 PAN-OS: Multiple Cross-Site Scripting (XSS) Vulnerabilities
Multiple cross site scripting vulnerabilities in the User-IDโข Authentication Portal (aka Captive Portal) service, GlobalProtectโข gateway/portal features and Clientless VPN of Palo Alto Networks PAN-OS...
๐จ CVE-2026-0280
An IPv6 packet processing vulnerability in the dataplane of Palo Alto Networks PAN-OSยฎ software enables an unauthenticated attacker to bypass firewall security policy enforcement, allowing network traffic that should be blocked to reach protected services.
Cloud NGFW and Panorama are not impacted by this vulnerability.
๐@cveNotify
An IPv6 packet processing vulnerability in the dataplane of Palo Alto Networks PAN-OSยฎ software enables an unauthenticated attacker to bypass firewall security policy enforcement, allowing network traffic that should be blocked to reach protected services.
Cloud NGFW and Panorama are not impacted by this vulnerability.
๐@cveNotify
Palo Alto Networks Product Security Assurance
CVE-2026-0280 PAN-OS: IPv6 Firewall Policy Bypass
An IPv6 packet processing vulnerability in the dataplane of Palo Alto Networks PAN-OSยฎ software enables an unauthenticated attacker to bypass firewall security policy enforcement, allowing network tra...
๐จ CVE-2026-0281
An information disclosure vulnerability in Palo Alto Networks PAN-OSยฎ software enables an unauthenticated attacker with network access to the management web interface to obtain web session tokens. This requires a legitimate user to first click on a malicious link provided by the attacker.
The security risk posed by this issue is minimized by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .
This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).
Cloud NGFW and Prismaยฎ Access are not impacted by this vulnerability.
๐@cveNotify
An information disclosure vulnerability in Palo Alto Networks PAN-OSยฎ software enables an unauthenticated attacker with network access to the management web interface to obtain web session tokens. This requires a legitimate user to first click on a malicious link provided by the attacker.
The security risk posed by this issue is minimized by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .
This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).
Cloud NGFW and Prismaยฎ Access are not impacted by this vulnerability.
๐@cveNotify
Palo Alto Networks Product Security Assurance
CVE-2026-0281 PAN-OS: Information Disclosure Vulnerability in Management Web Interface
An information disclosure vulnerability in Palo Alto Networks PAN-OSยฎ software enables an unauthenticated attacker with network access to the management web interface to obtain web session tokens. Thi...
๐จ CVE-2026-0282
A file deletion vulnerability in Palo Alto Networks PAN-OSยฎ software enables an unauthenticated attacker with network access to the management web interface to delete files from a temporary directory.
The security risk posed by this issue is minimized by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .
This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).
Cloud NGFW and Prismaยฎ Access are not impacted by this vulnerability.
๐@cveNotify
A file deletion vulnerability in Palo Alto Networks PAN-OSยฎ software enables an unauthenticated attacker with network access to the management web interface to delete files from a temporary directory.
The security risk posed by this issue is minimized by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .
This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).
Cloud NGFW and Prismaยฎ Access are not impacted by this vulnerability.
๐@cveNotify
Palo Alto Networks Product Security Assurance
CVE-2026-0282 PAN-OS: File Deletion Vulnerability in Management Web Interface
A file deletion vulnerability in Palo Alto Networks PAN-OSยฎ software enables an unauthenticated attacker with network access to the management web interface to delete files from a temporary directory....
๐จ CVE-2026-0283
An authentication bypass vulnerability in Large Scale VPN ( LSVPN) functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establish an unauthorized site-to-site VPN connection.
Panorama, Cloud NGFW, and Prismaยฎ Access are not impacted by this vulnerability.
๐@cveNotify
An authentication bypass vulnerability in Large Scale VPN ( LSVPN) functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establish an unauthorized site-to-site VPN connection.
Panorama, Cloud NGFW, and Prismaยฎ Access are not impacted by this vulnerability.
๐@cveNotify
Palo Alto Networks Product Security Assurance
CVE-2026-0283 PAN-OS: Authentication Bypass Vulnerability in Large Scale VPN (LSVPN)
An authentication bypass vulnerability in Large Scale VPN ( LSVPN) functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establ...
๐จ CVE-2026-0284
An XML injection vulnerability in the Large Scale VPN (LSVPN) functionality of Palo Alto Networks PAN-OSยฎ software enables an unauthenticated attacker with network access to inject malicious XML content, potentially leading to information disclosure or corruption of internal LSVPN satellite data.
Panorama, Cloud NGFW, and Prismaยฎ Access are not impacted by this vulnerability.
๐@cveNotify
An XML injection vulnerability in the Large Scale VPN (LSVPN) functionality of Palo Alto Networks PAN-OSยฎ software enables an unauthenticated attacker with network access to inject malicious XML content, potentially leading to information disclosure or corruption of internal LSVPN satellite data.
Panorama, Cloud NGFW, and Prismaยฎ Access are not impacted by this vulnerability.
๐@cveNotify
Palo Alto Networks Product Security Assurance
CVE-2026-0284 PAN-OS: XML Injection Vulnerability in Large Scale VPN (LSVPN)
An XML injection vulnerability in the Large Scale VPN (LSVPN) functionality of Palo Alto Networks PAN-OSยฎ software enables an unauthenticated attacker with network access to inject malicious XML conte...
๐จ CVE-2026-0285
A server-side request forgery (SSRF) vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator with network access to the management web interface to make unauthorized requests from the firewall to internal services.
The security risk posed by this issue is minimized when the management interface is restricted to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .
Panorama, Cloud NGFW, and Prismaยฎ Access are not impacted by this vulnerability.
๐@cveNotify
A server-side request forgery (SSRF) vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator with network access to the management web interface to make unauthorized requests from the firewall to internal services.
The security risk posed by this issue is minimized when the management interface is restricted to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .
Panorama, Cloud NGFW, and Prismaยฎ Access are not impacted by this vulnerability.
๐@cveNotify
Palo Alto Networks Product Security Assurance
CVE-2026-0285 PAN-OS: Server-Side Request Forgery Vulnerability in Management Web Interface
A server-side request forgery (SSRF) vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator with network access to the management web interface to make unauthorized...
๐จ CVE-2026-0286
A command injection vulnerability in the management plane of Palo Alto Networks PAN-OSยฎ software enables an authenticated administrator to execute arbitrary OS commands as root.
The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators.
This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).
Cloud NGFW and Prisma Accessยฎ are not impacted by this vulnerability.
๐@cveNotify
A command injection vulnerability in the management plane of Palo Alto Networks PAN-OSยฎ software enables an authenticated administrator to execute arbitrary OS commands as root.
The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators.
This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).
Cloud NGFW and Prisma Accessยฎ are not impacted by this vulnerability.
๐@cveNotify
Palo Alto Networks Product Security Assurance
CVE-2026-0286 PAN-OS: Authenticated Command Injection in CLI
A command injection vulnerability in the management plane of Palo Alto Networks PAN-OSยฎ software enables an authenticated administrator to execute arbitrary OS commands as root.
The security risk pos...
The security risk pos...
๐จ CVE-2026-0287
Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OSยฎ software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition by sending specially crafted network traffic to or through a dataplane interface. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.
Panorama is not impacted by these vulnerabilities.
๐@cveNotify
Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OSยฎ software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition by sending specially crafted network traffic to or through a dataplane interface. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.
Panorama is not impacted by these vulnerabilities.
๐@cveNotify
Palo Alto Networks Product Security Assurance
CVE-2026-0287 PAN-OS: Denial of Service Vulnerabilities in Network Traffic Processing
Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OSยฎ software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition by sending speciall...
๐จ CVE-2026-13373
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (Tigerpaw Technology Integration module) allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13936.
This issue affects Fireware OS 12.4 up to and including 12.12, 12.5 up to and including 12.5.18, and 2025.1 up to and including 2026.2.
๐@cveNotify
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (Tigerpaw Technology Integration module) allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13936.
This issue affects Fireware OS 12.4 up to and including 12.12, 12.5 up to and including 12.5.18, and 2025.1 up to and including 2026.2.
๐@cveNotify
Watchguard
WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Tigerpaw Technology Integration Configuration
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (Tigerpaw Technology Integration module) allows Stored XSS. This vulnerability is an additional unmitigated attack path forโฆ
๐จ CVE-2026-13374
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (ConnectWise Technology Integration module) allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13937.
This issue affects Fireware OS 12.4 up to and including 12.12, 12.5 up to and including 12.5.18, and 2025.1 up to and including 2026.2.
๐@cveNotify
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (ConnectWise Technology Integration module) allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13937.
This issue affects Fireware OS 12.4 up to and including 12.12, 12.5 up to and including 12.5.18, and 2025.1 up to and including 2026.2.
๐@cveNotify
Watchguard
WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in ConnectWise Technology Integration Configuration
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (ConnectWise Technology Integration module) allows Stored XSS. This vulnerability is an additional unmitigated attack pathโฆ