- CVEs: 3
- Critical: 2
- High: 1
- KEV: 0
- PoC: 0
- Unpatched C/H: 0
- Patch Rate: 100.0%
- Avg EPSS: 0.1%
Severity Breakdown
- CRITICAL: 2
- HIGH: 1
- MEDIUM: 0
- LOW: 0
Monthly CVE Trend
Affected Products (14)
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2026-41103 | Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate priv | CRITICAL | 9.1 | 0.1% | 51 | |
| CVE-2026-42864 | Server-side request forgery combined with missing authentication in firefighter-incident Python package allows unauthenticated remote attackers to exfiltrate AWS IAM credentials from cloud metadata endpoints. The `/api/v2/firefighter/raid/jira_bot` endpoint accepts arbitrary URLs in the `attachments` parameter, fetches them server-side without validation, and uploads responses as Jira attachments — enabling SSRF against internal services including `http://169.254.169.254/` (AWS EC2 Instance Metadata Service). Vendor-released patch (version 0.0.54) enforces authentication and validates attachment URLs to block private/link-local/loopback addresses. No public exploit identified at time of analysis, but exploitation is trivial given detailed advisory with exact vulnerable code paths. | CRITICAL | 9.9 | 0.1% | 50 | |
| CVE-2026-48048 | Information disclosure in XWiki Platform's LiveTableResults macro allows unauthenticated remote attackers to reconstruct user password hashes and salts one bit at a time by sending approximately 768 crafted requests with manipulated class-per-property parameters. This is a bypass of the prior fix for GHSA-5cf8-vrr8-8hjm, which failed to account for an alternate parameter path. No public exploit is identified at time of analysis, but the technique is fully described in the vendor advisory. | HIGH | 7.5 | – | 38 | |