Summary
- CVEs: 8
- Critical: 1
- High: 6
- KEV: 0
- PoC: 1
- Unpatched Critical/High (C/H): 4
- Patch Rate: 37.5%
- Avg EPSS: 0.0%
Severity Breakdown
- CRITICAL: 1
- HIGH: 6
- MEDIUM: 1
- LOW: 0
Monthly CVE Trend
Affected Products (22)
- Vault: 11
- Windows: 3
- Android: 2
- Coder: 1
- Clearml Enterprise Server: 1
- Juju: 1
- Teamcity: 1
- Kubernetes: 1
- Command Injection: 1
- Openbao: 1
- Terraform Provider: 1
- Go Getter: 1
- Go Slug: 1
- Deserialization: 1
- Docker: 1
- Atlantis: 1
- Gallery Vault: 1
- Terraform: 1
- iOS: 1
- Privileged Access Manager: 1
- Java: 1
- Remote Desktop Manager: 1
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2026-33722 | Authenticated users in n8n versions prior to 1.123.23 and 2.6.4 can bypass external secrets permission checks to retrieve plaintext secret values from configured vaults by referencing secrets by name in credentials, even without list permissions. This allows unauthorized access to sensitive vault-stored credentials without requiring admin or owner privileges, provided the attacker knows or can guess the target secret name. Public exploit code exists for this vulnerability. | HIGH | 7.3 | 0.0% | 57 | PoC |
| CVE-2026-34976 | Unauthenticated remote attackers can trigger complete database overwrites, server-side file reads, and SSRF attacks against Dgraph graph database servers (v24.x, v25.x prior to v25.3.1) via the admin API's restoreTenant mutation. The mutation bypasses all authentication middleware due to missing authorization configuration, allowing attackers to provide arbitrary backup source URLs (including file:// schemes for local filesystem access), S3/MinIO credentials, Vault configuration paths, and encryption key file paths. Live exploitation confirmed in Docker deployments. Vendor-released patch available in v25.3.1 (commit b15c87e9). | CRITICAL | 10.0 | 0.0% | 50 | |
| CVE-2026-32309 | Cryptomator's Hub-based unlock flow contains a protocol downgrade vulnerability that allows the application to communicate with Hub endpoints over plaintext HTTP instead of enforcing HTTPS. Cryptomator versions prior to 1.19.1 are affected, exposing OAuth bearer tokens, key-loading traffic, and endpoint-level trust decisions to network interception and tampering by active attackers. This is a verified GitHub security advisory with patches available in version 1.19.1, though no EPSS score or KEV listing indicates limited evidence of active exploitation. | HIGH | 8.7 | 0.0% | 44 | No patch |
| CVE-2026-32692 | An authorization bypass vulnerability exists in the Vault secrets back-end implementation of Canonical's Juju orchestration tool, allowing authenticated unit agents to perform unauthorized updates to secret revisions beyond their intended scope. Juju versions 3.1.6 through 3.6.18 are affected, and attackers with sufficient information can poison any existing secret revision within the Vault secret back-end scope. With a CVSS score of 7.6 (High severity) featuring network attack vector, low complexity, and high integrity impact, this represents a significant security concern for Juju deployments using Vault as their secrets back-end, though no active exploitation (KEV) status or EPSS score was provided in available data. | HIGH | 7.6 | 0.0% | 38 | |
| CVE-2026-32303 | Cryptomator versions prior to 1.19.1 contain an integrity check vulnerability that allows attackers to tamper with the vault.cryptomator configuration file, enabling man-in-the-middle attacks during Hub key loading. Attackers can mix legitimate authentication endpoints with malicious API endpoints to exfiltrate access tokens from users unlocking Hub-backed vaults in environments where vault configuration files can be modified. The CVSS score of 7.6 indicates high severity with network attack vector requiring low privileges and user interaction, though no active exploitation (KEV) or public PoC has been reported at this time. | HIGH | 7.6 | 0.0% | 38 | No patch |
| CVE-2026-32317 | An integrity check vulnerability in Cryptomator for Android prior to version 1.12.3 allows attackers to tamper with the vault configuration file, enabling a man-in-the-middle attack against the Hub key loading mechanism. Attackers who can modify the vault.cryptomator file can mix legitimate authentication endpoints with malicious API endpoints to exfiltrate tokens from users unlocking Hub-backed vaults. With a CVSS score of 7.6 and requiring low attack complexity with user interaction, this vulnerability poses a moderate risk to affected users in environments where vault configuration files can be altered. | HIGH | 7.6 | 0.0% | 38 | No patch |
| CVE-2026-32318 | A man-in-the-middle vulnerability in Cryptomator for iOS versions prior to 2.8.3 allows attackers who can modify the vault.cryptomator configuration file to intercept authentication tokens by substituting malicious API endpoints while maintaining legitimate authentication endpoints. This affects users unlocking Hub-backed vaults in environments where attackers have write access to vault configuration files. No evidence of active exploitation (not in CISA KEV) has been reported, and patches are available. | HIGH | 7.6 | 0.0% | 38 | No patch |
| CVE-2026-32310 | Cryptomator versions 1.6.0 through 1.19.0 contain a path traversal vulnerability in vault configuration parsing where the masterkeyfile loader resolves an unverified keyId parameter as a filesystem path before integrity checks are performed. An attacker with the ability to supply a malicious vault configuration can exploit this to trigger arbitrary file existence checks, including UNC paths on Windows that can initiate outbound SMB connections before the user even enters a passphrase, potentially leading to information disclosure about local file structure and network exposure. The vulnerability has been patched in version 1.19.1, and while no active KEV exploitation has been reported, the low attack complexity and the ability to chain this with social engineering (malicious vault sharing) makes it a moderate practical risk. | MEDIUM | 4.1 | 0.0% | 21 | No patch |