Remediation Guides
Vulnerability remediation prioritised by severity and CVSS score. Focus your team's effort on what matters most — actively exploited CVEs with available patches first.
Remediation Priority Framework
Priority 1 (Immediate): CVSS ≥9.0 — Critical severity, unauthenticated exploitation, active ransomware campaigns. Patch or isolate within 24–48 hours.
Priority 2 (7 Days): CVSS 7.0–8.9 — High severity, exploitation requires minimal conditions. Part of CISA BOD requirements for federal agencies.
Priority 3 (30 Days): CVSS 4.0–6.9 — Medium severity, requires privileges or user interaction. Still in KEV, so exploitation is confirmed.
Priority 4 (90 Days): CVSS <4.0 — Low severity but still exploited. Address in next regular patch cycle.
Patches Available
38 CVEs
CVE-2024-1708 Critical Patched
CVE-2024-1708: ConnectWise ScreenConnect Path Traversal — RMM Tools as Attack Vectors
ConnectWise · ScreenConnect · CVSS 9.8
Patch within: Immediate
CVE-2026-0300 Critical Patched
CVE-2026-0300: Palo Alto PAN-OS Out-of-Bounds Write Leads to Root RCE on Firewalls
Palo Alto Networks · PAN-OS · CVSS 9.8
Patch within: Immediate
CVE-2026-20182 Critical Patched
CVE-2026-20182: Cisco Catalyst SD-WAN Authentication Bypass — Unauthenticated Admin Access
Cisco · Catalyst SD-WAN Controller & Manager · CVSS 9.8
Patch within: Immediate
CVE-2026-41940 Critical Patched
CVE-2026-41940: cPanel & WHM Authentication Bypass — Unauthenticated Control Panel Access
WebPros · cPanel & WHM · CVSS 9.8
Patch within: Immediate
CVE-2025-0282 Critical Patched
CVE-2025-0282: Ivanti Connect Secure — Stack Overflow Zero-Day RCE
Ivanti · Connect Secure / Policy Secure / Neurons for ZTA · CVSS 9
Patch within: Immediate
CVE-2024-55956 Critical Patched
CVE-2024-55956: Cleo MFT — Unrestricted File Upload to RCE
Cleo · Harmony / VLTrader / LexiCom · CVSS 9.8
Patch within: Immediate
CVE-2023-49103 Critical Patched
CVE-2023-49103: ownCloud graphapi — Sensitive Information Disclosure (CVSS 10.0)
ownCloud · ownCloud (graphapi app) · CVSS 10
Patch within: Immediate
CVE-2023-7028 Critical Patched
CVE-2023-7028: GitLab — Account Takeover via Email Reset
GitLab · GitLab CE/EE · CVSS 10
Patch within: Immediate
CVE-2022-26134 Critical Patched
CVE-2022-26134: Atlassian Confluence — OGNL Injection RCE
Atlassian · Confluence Server / Data Center · CVSS 9.8
Patch within: Immediate
CVE-2024-29824 Critical Patched
CVE-2024-29824: Ivanti EPM — SQL Injection to RCE
Ivanti · Endpoint Manager (EPM) · CVSS 9.6
Patch within: Immediate
CVE-2023-42793 Critical Patched
CVE-2023-42793: JetBrains TeamCity — Pre-Auth Authentication Bypass
JetBrains · TeamCity · CVSS 9.8
Patch within: Immediate
CVE-2022-47986 Critical Patched
CVE-2022-47986: IBM Aspera Faspex — YAML Deserialization RCE
IBM · Aspera Faspex · CVSS 9.8
Patch within: Immediate
CVE-2024-4577 Critical Patched
CVE-2024-4577: PHP CGI — Argument Injection RCE on Windows
PHP Group · PHP (CGI mode on Windows) · CVSS 9.8
Patch within: Immediate
CVE-2023-48788 Critical Patched
CVE-2023-48788: Fortinet FortiClientEMS — SQL Injection to RCE
Fortinet · FortiClientEMS · CVSS 9.8
Patch within: Immediate
CVE-2024-23113 Critical Patched
CVE-2024-23113: Fortinet FortiOS — Format String RCE
Fortinet · FortiOS / FortiProxy / FortiPAM / FortiWeb · CVSS 9.8
Patch within: Immediate
CVE-2023-20198 Critical Patched
CVE-2023-20198: Cisco IOS XE Web UI — Zero-Day Privilege Escalation (CVSS 10.0)
Cisco · IOS XE · CVSS 10
Patch within: Immediate
CVE-2022-1388 Critical Patched
CVE-2022-1388: F5 BIG-IP iControl REST — Authentication Bypass to RCE
F5 · BIG-IP · CVSS 9.8
Patch within: Immediate
CVE-2021-44228 Critical Patched
CVE-2021-44228: Log4Shell — Apache Log4j Remote Code Execution
Apache Software Foundation · Log4j 2 · CVSS 10
Patch within: Immediate
CVE-2023-34362 Critical Patched
CVE-2023-34362: MOVEit Transfer — SQL Injection to RCE
Progress Software · MOVEit Transfer · CVSS 9.8
Patch within: Immediate
CVE-2023-4966 Critical Patched
CVE-2023-4966: Citrix NetScaler Bleed — Session Token Leak
Citrix · NetScaler ADC / NetScaler Gateway · CVSS 9.4
Patch within: Immediate
CVE-2023-27997 Critical Patched
CVE-2023-27997: Fortinet FortiGate SSL-VPN — Pre-Auth Heap Overflow RCE
Fortinet · FortiOS / FortiProxy · CVSS 9.8
Patch within: Immediate
CVE-2023-22515 Critical Patched
CVE-2023-22515: Atlassian Confluence — Privilege Escalation to Admin
Atlassian · Confluence Data Center and Server · CVSS 10
Patch within: Immediate
CVE-2024-21762 Critical Patched
CVE-2024-21762: Fortinet FortiOS SSL VPN — Out-of-Bounds Write RCE
Fortinet · FortiOS · CVSS 9.6
Patch within: Immediate
CVE-2024-1709 Critical Patched
CVE-2024-1709: ConnectWise ScreenConnect — Authentication Bypass (CVSS 10.0)
ConnectWise · ScreenConnect · CVSS 10
Patch within: Immediate
CVE-2024-27198 Critical Patched
CVE-2024-27198: JetBrains TeamCity — Authentication Bypass to RCE
JetBrains · TeamCity · CVSS 9.8
Patch within: Immediate
CVE-2024-3400 Critical Patched
CVE-2024-3400: Palo Alto PAN-OS GlobalProtect — Zero-Day Command Injection
Palo Alto Networks · PAN-OS · CVSS 10
Patch within: Immediate
CVE-2024-21887 Critical Patched
CVE-2024-21887: Ivanti Connect Secure — Authenticated Command Injection
Ivanti · Connect Secure / Policy Secure · CVSS 9.1
Patch within: Immediate
CVE-2026-31431 High Patched
CVE-2026-31431: Linux Kernel Privilege Escalation via Incorrect Resource Transfer
Linux · Linux Kernel · CVSS 7.8
Patch within: 7 Days
CVE-2026-42208 High Patched
CVE-2026-42208: SQL Injection in BerriAI LiteLLM Exposes AI Proxy Credentials
BerriAI · LiteLLM · CVSS 8.1
Patch within: 7 Days
CVE-2026-42897 High Patched
CVE-2026-42897: Microsoft Exchange Server XSS in Outlook Web Access
Microsoft · Exchange Server · CVSS 8
Patch within: 7 Days
CVE-2026-6973 High Patched
CVE-2026-6973: Ivanti EPMM Improper Input Validation Enables Authenticated RCE
Ivanti · Endpoint Manager Mobile (EPMM) · CVSS 7.2
Patch within: 7 Days
CVE-2024-38094 High Patched
CVE-2024-38094: Microsoft SharePoint Server — Remote Code Execution
Microsoft · SharePoint Server · CVSS 7.2
Patch within: 7 Days
CVE-2025-29824 High Patched
CVE-2025-29824: Windows CLFS — Zero-Day Privilege Escalation
Microsoft · Windows (CLFS Driver) · CVSS 7.8
Patch within: 7 Days
CVE-2024-50623 High Patched
CVE-2024-50623: Cleo Harmony/VLTrader — Unrestricted File Upload and Download RCE
Cleo · Harmony / VLTrader / LexiCom · CVSS 8.8
Patch within: 7 Days
CVE-2024-21893 High Patched
CVE-2024-21893: Ivanti Connect Secure — SSRF to Authentication Bypass
Ivanti · Connect Secure / Policy Secure · CVSS 8.2
Patch within: 7 Days
CVE-2023-0669 High Patched
CVE-2023-0669: GoAnywhere MFT — Pre-Auth Remote Code Execution
Fortra (formerly HelpSystems) · GoAnywhere MFT · CVSS 7.2
Patch within: 7 Days
CVE-2024-6387 High Patched
CVE-2024-6387: OpenSSH regreSSHion — Unauthenticated RCE in sshd
OpenSSH · OpenSSH (sshd) · CVSS 8.1
Patch within: 7 Days
CVE-2023-46805 High Patched
CVE-2023-46805: Ivanti Connect Secure — Authentication Bypass via Path Traversal
Ivanti · Connect Secure / Policy Secure · CVSS 8.2
Patch within: 7 Days