🚀 Just released:
Latio 2026 Application Security Market Report.
Read it in our Whitepapers.
100% Signal 0% Noise
Platform
Invicti Platform
Zero-noise AppSec platform
Scan Code
Secure code before runtime
SAST
Early static security analysis
Open Source (SCA)
Find vulnerable dependencies
SBOM & License Risk
Generate SBOMs and track licenses
Secrets
Detect exposed secrets in applications
Infrastructure as Code
Ingest IaC security findings
Container
Track container image vulnerabilities
Test Runtime
Test live applications like attackers
DAST & AI DAST
Test runtime, prove exploitability
Agentic Pentesting
Automate real-world attack techniques
API Security Testing
Discover and test APIs
Attack Surface Management
Identify exposed apps and endpoints
Cloud AppSec
Get a single-pane view of cloud app risk
AI AppSec
Scan smarter, accelerate remediation
Manage Vulnerabilities
See, prioritize, reduce AppSec risk
Vulnerability Management (ASPM)
Centralize and correlate AppSec findings
Compliance & Executive Reporting
Measure risk and impact
Threat Intelligence
Reachability, exploitability, and business logic
Solutions
API Discovery
Manage Vulnerabilities
Automate Security Workflows
Track AppSec KPIs
Manage Open Source Risk
Pricing
Why Invicti
About Us
Case Studies
Contact Us
Careers
Resources
Resource Library
Blog
Webinars
White Papers
Podcasts
Invicti Learn
Savings Calculator
Live Training
Partners
Documentation
Get a demo
Home
/
Web Application Vulnerabilities
/ Missing Update
Web Application Vulnerabilities
Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise
Acunetix Standard & Premium
v.26.4.2314
Missing Update
This page lists
23101 vulnerabilities
in this category.
Critical: 1474
High: 12458
Medium: 8395
Low: 770
Information: 4
Vulnerability Name
CVE
CWE
Severity
Apache HTTP Server Insertion of Sensitive Information Into Sent Data Vulnerability (CVE-2025-58098)
CVE-2025-58098
CWE-201
High
Chamilo Improper Enforcement of Behavioral Workflow Vulnerability (CVE-2025-52469)
CVE-2025-52469
CWE-841
High
XWikiplatform Improper Removal of Sensitive Information Before Storage or Transfer Vulnerability (CVE-2025-58049)
CVE-2025-58049
CWE-212
High
Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-62254)
CVE-2025-62254
CWE-22
High
Liferay DXP Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2025-43816)
CVE-2025-43816
CWE-401
High
SharePoint Improper Input Validation Vulnerability (CVE-2026-20951)
CVE-2026-20951
CWE-20
High
Drupal Improper Control of Dynamically-Managed Code Resources Vulnerability (CVE-2025-31674)
CVE-2025-31674
CWE-913
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2025-30382)
CVE-2025-30382
CWE-502
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2025-30384)
CVE-2025-30384
CWE-502
High
Django Inefficient Algorithmic Complexity Vulnerability (CVE-2026-1285)
CVE-2026-1285
CWE-407
High
Oracle JRE CVE-2025-30749 Vulnerability (CVE-2025-30749)
CVE-2025-30749
-
High
Oracle Database Server Incorrect Authorization Vulnerability (CVE-2025-30751)
CVE-2025-30751
CWE-863
High
TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2026-0859)
CVE-2026-0859
CWE-502
High
Jboss EAP Improper Resource Shutdown or Release Vulnerability (CVE-2025-9784)
CVE-2025-9784
CWE-404
High
WebLogic Missing Authentication for Critical Function Vulnerability (CVE-2025-30762)
CVE-2025-30762
CWE-306
High
Apache Tomcat Incomplete Cleanup Vulnerability (CVE-2025-31650)
CVE-2025-31650
CWE-459
High
Apache Traffic Server Improper Access Control Vulnerability (CVE-2025-31698)
CVE-2025-31698
CWE-284
High
Envoy Proxy CVE-2025-30157 Vulnerability (CVE-2025-30157)
CVE-2025-30157
-
High
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2025-32044)
CVE-2025-32044
CWE-200
High
Sqlite Improper Clearing of Heap Memory Before Release ('Heap Inspection') Vulnerability (CVE-2025-70873)
CVE-2025-70873
CWE-244
High
phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2025-70810)
CVE-2025-70810
CWE-352
High
EspoCRM Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2025-32390)
CVE-2025-32390
CWE-138
High
MongoDb Excessive Iteration Vulnerability (CVE-2025-6714)
CVE-2025-6714
CWE-834
High
Django Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2025-32873)
CVE-2025-32873
CWE-770
High
XWikiplatform Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-32968)
CVE-2025-32968
CWE-138
High
MongoDb Uncontrolled Recursion Vulnerability (CVE-2025-6710)
CVE-2025-6710
CWE-674
High
MongoDb CVE-2025-6709 Vulnerability (CVE-2025-6709)
CVE-2025-6709
-
High
MongoDb Use After Free Vulnerability (CVE-2025-6706)
CVE-2025-6706
CWE-416
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2025-30378)
CVE-2025-30378
CWE-502
High
GeoServer Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2025-30145)
CVE-2025-30145
CWE-835
High
Liferay Portal Incorrect Authorization Vulnerability (CVE-2025-3586)
CVE-2025-3586
CWE-863
High
Sqlite Integer Overflow or Wraparound Vulnerability (CVE-2025-29087)
CVE-2025-29087
CWE-190
High
axios Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-27152)
CVE-2025-27152
CWE-918
High
SharePoint Untrusted Pointer Dereference Vulnerability (CVE-2026-20948)
CVE-2026-20948
CWE-822
High
SharePoint Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2026-20947)
CVE-2026-20947
CWE-138
High
Django Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2025-27556)
CVE-2025-27556
CWE-770
High
SharePoint Untrusted Search Path Vulnerability (CVE-2026-20943)
CVE-2026-20943
CWE-426
High
MongoDb Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-1850)
CVE-2026-1850
CWE-770
High
MongoDb Uncontrolled Recursion Vulnerability (CVE-2026-1849)
CVE-2026-1849
CWE-674
High
MongoDb Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-1848)
CVE-2026-1848
CWE-770
High
SharePoint Untrusted Pointer Dereference Vulnerability (CVE-2025-27747)
CVE-2025-27747
CWE-822
High
MongoDb Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2026-1847)
CVE-2026-1847
CWE-770
High
Jetty Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2026-1605)
CVE-2026-1605
CWE-401
High
MOVEit Transfer Improper Privilege Management Vulnerability (CVE-2025-2324)
CVE-2025-2324
CWE-269
High
Seo Panel Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-29451)
CVE-2025-29451
CWE-918
High
Seo Panel Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-29452)
CVE-2025-29452
CWE-918
High
MyBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-29457)
CVE-2025-29457
CWE-918
High
MyBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-29458)
CVE-2025-29458
CWE-918
High
MyBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-29459)
CVE-2025-29459
CWE-918
High
MyBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2025-29460)
CVE-2025-29460
CWE-918
High
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2025-29793)
CVE-2025-29793
CWE-502
High
SharePoint Improper Authorization Vulnerability (CVE-2025-29794)
CVE-2025-29794
CWE-285
High
XWikiplatform Incorrect Authorization Vulnerability (CVE-2025-29924)
CVE-2025-29924
CWE-863
High
SharePoint CVE-2025-29976 Vulnerability (CVE-2025-29976)
CVE-2025-29976
-
High
MongoDb Uncaught Exception Vulnerability (CVE-2025-3083)
CVE-2025-3083
CWE-248
High
Liferay DXP Incorrect Authorization Vulnerability (CVE-2025-3586)
CVE-2025-3586
CWE-863
High
Liferay DXP Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2025-43813)
CVE-2025-43813
CWE-22
High
Envoy Proxy NULL Pointer Dereference Vulnerability (CVE-2025-62409)
CVE-2025-62409
CWE-476
High
Django Inefficient Algorithmic Complexity Vulnerability (CVE-2025-64460)
CVE-2025-64460
CWE-407
High
Django Inefficient Algorithmic Complexity Vulnerability (CVE-2025-64458)
CVE-2025-64458
CWE-407
High
SharePoint Use After Free Vulnerability (CVE-2025-62562)
CVE-2025-62562
CWE-416
High
SharePoint Use After Free Vulnerability (CVE-2025-62559)
CVE-2025-62559
CWE-416
High
SharePoint Use After Free Vulnerability (CVE-2025-62558)
CVE-2025-62558
CWE-416
High
SharePoint Use After Free Vulnerability (CVE-2025-62555)
CVE-2025-62555
CWE-416
High
phpMyFAQ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2025-62519)
CVE-2025-62519
CWE-138
High
Envoy Proxy Use After Free Vulnerability (CVE-2025-62504)
CVE-2025-62504
CWE-416
High
Liferay Portal Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-43790)
CVE-2025-43790
CWE-639
High
Liferay DXP Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2025-43790)
CVE-2025-43790
CWE-639
High
Piwigo Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2025-62406)
CVE-2025-62406
CWE-640
High
Envoy Proxy Improper Null Termination Vulnerability (CVE-2025-66220)
CVE-2025-66220
CWE-170
High
Liferay DXP Improper Validation of Specified Quantity in Input Vulnerability (CVE-2025-43793)
CVE-2025-43793
CWE-1284
High
Liferay Portal Improper Validation of Specified Quantity in Input Vulnerability (CVE-2025-43793)
CVE-2025-43793
CWE-1284
High
Moodle Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2025-62399)
CVE-2025-62399
CWE-307
High
Liferay Portal Uncontrolled Resource Consumption Vulnerability (CVE-2025-43796)
CVE-2025-43796
CWE-400
High
Liferay DXP Uncontrolled Resource Consumption Vulnerability (CVE-2025-43796)
CVE-2025-43796
CWE-400
High
«
1
...
69
70
71
...
309
»
