Summary: 13 CVEs | 2 Critical | 3 High | 0 KEV | 0 PoC | 5 Unpatched Critical/High | 0.0% Patch Rate | 0.1% Avg EPSS

Severity Breakdown

| Severity | Count |
|---|---|
| CRITICAL | 2 |
| HIGH | 3 |
| MEDIUM | 2 |
| LOW | 2 |

Monthly CVE Trend (chart)

Affected Products (7)

Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2025-23008 | An improper privilege management vulnerability in the SonicWall NetExtender Windows (32 and 64 bit) client allows a low privileged attacker to modify configurations. Rated high severity (CVSS 7.2); this vulnerability has low attack complexity. No vendor patch available. | HIGH | 7.2 | 0.1% | 36 | No patch |
| CVE-2025-23010 | An Improper Link Resolution Before File Access ('Link Following') vulnerability in the SonicWall NetExtender Windows (32 and 64 bit) client allows an attacker to manipulate file paths. Rated high severity (CVSS 7.2); this vulnerability has low attack complexity. No vendor patch available. | HIGH | 7.2 | 0.1% | 36 | No patch |
| CVE-2025-23009 | A local privilege escalation vulnerability in the SonicWall NetExtender Windows (32 and 64 bit) client allows an attacker to trigger an arbitrary file deletion. Rated high severity (CVSS 7.2); this vulnerability has low attack complexity. No vendor patch available. | HIGH | 7.2 | 0.0% | 36 | No patch |
| CVE-2025-32817 | An Improper Link Resolution vulnerability (CWE-59) in the SonicWall Connect Tunnel Windows (32 and 64 bit) client results in an unauthorized file overwrite, potentially leading to denial of service. Rated medium severity (CVSS 6.1); this vulnerability has low attack complexity. No vendor patch available. | MEDIUM | 6.1 | 0.1% | 31 | No patch |
| CVE-2026-3468 | Stored Cross-Site Scripting (XSS) in SonicWall Email Security allows authenticated admin users to inject and execute arbitrary JavaScript code through improper input sanitization during web page generation. The vulnerability affects all versions of the SonicWall Email Security appliance and requires admin-level authentication to exploit, limiting immediate exposure but posing significant risk to organizations where admin accounts are compromised or insider threats exist. | MEDIUM | 4.8 | 0.0% | 24 | No patch |
| CVE-2026-3470 | Database corruption in the SonicWall Email Security appliance via improper input sanitization allows authenticated admin users to corrupt the application database by submitting crafted input. The vulnerability requires valid administrative credentials and affects all versions of SonicWall Email Security, as indicated by the CPE wildcard matching. No CVSS scoring, public exploit code, or CISA KEV status is available at this time, limiting precise risk quantification. | LOW | 3.8 | 0.1% | 19 | No patch |
| CVE-2026-3469 | The SonicWall Email Security appliance becomes unresponsive due to improper input validation when an authenticated administrator submits malformed input, causing a denial of service. The vulnerability affects all versions of SonicWall Email Security and requires valid admin credentials to exploit. While CVSS scoring is unavailable, the attack vector is remote and authenticated, limiting exposure to insider threats or compromised admin accounts. | LOW | 2.7 | 0.1% | 14 | No patch |
| CVE-2024-12802 | SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN (User Principal Name) and SAM (Security Account Manager) account names when integrated with. Rated critical severity (CVSS 9.1); this vulnerability is remotely exploitable with no authentication required and low attack complexity. No vendor patch available. | CRITICAL | 9.1 | 0.1% | – | No patch |
| CVE-2025-40604 | Download of Code Without Integrity Check vulnerability: the SonicWall Email Security appliance loads root filesystem images without verifying signatures, allowing attackers with VMDK or datastore. Rated critical severity (CVSS 9.8); this vulnerability is remotely exploitable with no authentication required and low attack complexity. No vendor patch available. | CRITICAL | 9.8 | 0.0% | – | No patch |
| CVE-2026-4112 | Improper neutralization of special elements used in an SQL command ("SQL Injection") in SonicWall SMA1000 series appliances allows a remote authentica | – | – | 0.1% | – | No patch |
| CVE-2026-4113 | An observable response discrepancy vulnerability in the SonicWall SMA1000 series appliances allows a remote attacker to enumerate SSL VPN user credent | – | – | 0.0% | – | No patch |
| CVE-2026-4114 | Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN admin to bypass AMC TOTP authenticat | – | – | 0.0% | – | No patch |
| CVE-2026-4116 | Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tun | – | – | 0.0% | – | No patch |