{
  "feed": "CYBERDUDEBIVASH Public Threat Feed",
  "publisher": "CYBERDUDEBIVASH® Sentinel APEX",
  "tier": "FREE",
  "license": "Free tier — attribution required. Full API: https://cyberdudebivash.in/#pricing",
  "generated_at": "2026-07-02T18:24:11.315Z",
  "data_source": "d1",
  "live": true,
  "count": 25,
  "items": [
    {
      "id": "CVE-2026-45659",
      "cve": "CVE-2026-45659",
      "title": "Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability",
      "severity": "HIGH",
      "cvss": null,
      "source": "cisa_kev",
      "published_at": "2026-07-01",
      "summary": "Microsoft SharePoint Server contains a deserialization of untrusted data vulnerability which allows an authorized attacker to execute code o",
      "_premium": "EPSS score, full description, CWE/CPE & STIX export require a paid plan"
    },
    {
      "id": "CVE-2026-48558",
      "cve": "CVE-2026-48558",
      "title": "SimpleHelp Authentication Bypass Vulnerability",
      "severity": "HIGH",
      "cvss": null,
      "source": "cisa_kev",
      "published_at": "2026-06-29",
      "summary": "SimpleHelp contains an authentication bypass vulnerability in the OIDC authentication flow. When OIDC authentication is configured, identity",
      "_premium": "EPSS score, full description, CWE/CPE & STIX export require a paid plan"
    },
    {
      "id": "CVE-2026-12569",
      "cve": "CVE-2026-12569",
      "title": "PTC Windchill and FlexPLM Improper Input Validation Vulnerability",
      "severity": "HIGH",
      "cvss": null,
      "source": "cisa_kev",
      "published_at": "2026-06-25",
      "summary": "PTC Windchill and FlexPLM contains an improper input validation vulnerability allowing an unauthenticated, remote attacker to execute arbitr",
      "_premium": "EPSS score, full description, CWE/CPE & STIX export require a paid plan"
    },
    {
      "id": "CVE-2026-20230",
      "cve": "CVE-2026-20230",
      "title": "Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability",
      "severity": "HIGH",
      "cvss": null,
      "source": "cisa_kev",
      "published_at": "2026-06-25",
      "summary": "Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) conta",
      "_premium": "EPSS score, full description, CWE/CPE & STIX export require a paid plan"
    },
    {
      "id": "CVE-2025-67038",
      "cve": "CVE-2025-67038",
      "title": "Lantronix EDS5000 Code Injection Vulnerability",
      "severity": "HIGH",
      "cvss": null,
      "source": "cisa_kev",
      "published_at": "2026-06-23",
      "summary": "Lantronix EDS5000 contains a code injection vulnerability that could allow attackers to inject arbitrary OS commands into the username param",
      "_premium": "EPSS score, full description, CWE/CPE & STIX export require a paid plan"
    },
    {
      "id": "CVE-2026-34910",
      "cve": "CVE-2026-34910",
      "title": "Ubiquiti UniFi OS Improper Input Validation Vulnerability",
      "severity": "HIGH",
      "cvss": null,
      "source": "cisa_kev",
      "published_at": "2026-06-23",
      "summary": "Ubiquiti UniFi OS contains an improper input validation vulnerability which could allow a malicious actor with access to the network to cond",
      "_premium": "EPSS score, full description, CWE/CPE & STIX export require a paid plan"
    },
    {
      "id": "CVE-2026-34909",
      "cve": "CVE-2026-34909",
      "title": "Ubiquiti UniFi OS Path Traversal Vulnerability",
      "severity": "HIGH",
      "cvss": null,
      "source": "cisa_kev",
      "published_at": "2026-06-23",
      "summary": "Ubiquiti UniFi OS contains a path traversal vulnerability which could allow a malicious actor with access to the network to access files on ",
      "_premium": "EPSS score, full description, CWE/CPE & STIX export require a paid plan"
    },
    {
      "id": "CVE-2026-34908",
      "cve": "CVE-2026-34908",
      "title": "Ubiquiti UniFi OS Improper Access Control Vulnerability",
      "severity": "HIGH",
      "cvss": null,
      "source": "cisa_kev",
      "published_at": "2026-06-23",
      "summary": "Ubiquiti UniFi OS contains an improper access control vulnerability which could allow a malicious actor with access to the network to make u",
      "_premium": "EPSS score, full description, CWE/CPE & STIX export require a paid plan"
    },
    {
      "id": "CVE-2026-20253",
      "cve": "CVE-2026-20253",
      "title": "Splunk Enterprise Missing Authentication for Critical Function Vulnerability",
      "severity": "HIGH",
      "cvss": null,
      "source": "cisa_kev",
      "published_at": "2026-06-18",
      "summary": "Splunk Enterprise contains a missing authentication for critical function vulnerability which could allow an unauthenticated user to create ",
      "_premium": "EPSS score, full description, CWE/CPE & STIX export require a paid plan"
    },
    {
      "id": "CVE-2026-48907",
      "cve": "CVE-2026-48907",
      "title": "Widget Factory Joomla Content Editor Improper Access Control Vulnerability",
      "severity": "HIGH",
      "cvss": null,
      "source": "cisa_kev",
      "published_at": "2026-06-16",
      "summary": "Widget Factory Joomla Content Editor contains an improper access control vulnerability which could allow for upload and execution of PHP cod",
      "_premium": "EPSS score, full description, CWE/CPE & STIX export require a paid plan"
    },
    {
      "id": "CVE-2026-54420",
      "cve": "CVE-2026-54420",
      "title": "LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability",
      "severity": "HIGH",
      "cvss": null,
      "source": "cisa_kev",
      "published_at": "2026-06-15",
      "summary": "LiteSpeed cPanel plugin contains a UNIX symbolic link (Symlink) following vulnerability that could allow a user with FTP or web shell access",
      "_premium": "EPSS score, full description, CWE/CPE & STIX export require a paid plan"
    },
    {
      "id": "CVE-2026-20262",
      "cve": "CVE-2026-20262",
      "title": "Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability",
      "severity": "HIGH",
      "cvss": null,
      "source": "cisa_kev",
      "published_at": "2026-06-15",
      "summary": "Cisco Catalyst SD-WAN Manager contains a directory or path traversal vulnerability that could allow an authenticated, remote attacker to cre",
      "_premium": "EPSS score, full description, CWE/CPE & STIX export require a paid plan"
    },
    {
      "id": "CVE-2026-35273",
      "cve": "CVE-2026-35273",
      "title": "Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability",
      "severity": "HIGH",
      "cvss": null,
      "source": "cisa_kev",
      "published_at": "2026-06-12",
      "summary": "Oracle PeopleSoft Enterprise PeopleTools contains a missing authentication for critical function vulnerability which could allow an unauthen",
      "_premium": "EPSS score, full description, CWE/CPE & STIX export require a paid plan"
    },
    {
      "id": "CVE-2026-10520",
      "cve": "CVE-2026-10520",
      "title": "Ivanti Sentry OS Command Injection Vulnerability",
      "severity": "HIGH",
      "cvss": null,
      "source": "cisa_kev",
      "published_at": "2026-06-11",
      "summary": "Ivanti Sentry (formerly known as MobileIron Sentry) contains an OS command injection vulnerability which could allow a remote unauthenticate",
      "_premium": "EPSS score, full description, CWE/CPE & STIX export require a paid plan"
    },
    {
      "id": "CVE-2026-11645",
      "cve": "CVE-2026-11645",
      "title": "Google Chromium V8 Out-of-Bounds Read and Write Vulnerability",
      "severity": "HIGH",
      "cvss": null,
      "source": "cisa_kev",
      "published_at": "2026-06-09",
      "summary": "Google Chromium V8 out-of-bounds read and write vulnerability that could allow a remote attacker to execute arbitrary code inside a sandbox ",
      "_premium": "EPSS score, full description, CWE/CPE & STIX export require a paid plan"
    },
    {
      "id": "CVE-2026-7473",
      "cve": "CVE-2026-7473",
      "title": "Arista Extensible Operating System Incomplete Comparison with Missing Factors Vulnerability",
      "severity": "HIGH",
      "cvss": null,
      "source": "cisa_kev",
      "published_at": "2026-06-09",
      "summary": "Arista Extensible Operating System (EOS) contains an incomplete comparison with missing factors vulnerability when the switch incorrectly de",
      "_premium": "EPSS score, full description, CWE/CPE & STIX export require a paid plan"
    },
    {
      "id": "CVE-2026-20245",
      "cve": "CVE-2026-20245",
      "title": "Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability",
      "severity": "HIGH",
      "cvss": null,
      "source": "cisa_kev",
      "published_at": "2026-06-09",
      "summary": "Cisco Catalyst SD-WAN Manager formerly SD-WAN vManage contains an improper encoding or escaping of output vulnerability. This vulnerability ",
      "_premium": "EPSS score, full description, CWE/CPE & STIX export require a paid plan"
    },
    {
      "id": "CVE-2026-42271",
      "cve": "CVE-2026-42271",
      "title": "BerriAI LiteLLM Command Injection Vulnerability",
      "severity": "HIGH",
      "cvss": null,
      "source": "cisa_kev",
      "published_at": "2026-06-08",
      "summary": "BerriAI LiteLLM contains a command injection vulnerability that could allow any authenticated user, including holders of low-privilege inter",
      "_premium": "EPSS score, full description, CWE/CPE & STIX export require a paid plan"
    },
    {
      "id": "CVE-2026-50751",
      "cve": "CVE-2026-50751",
      "title": "Check Point Security Gateway Improper Authentication Vulnerability",
      "severity": "HIGH",
      "cvss": null,
      "source": "cisa_kev",
      "published_at": "2026-06-08",
      "summary": "Check Point Security Gateway contains an improper authentication vulnerability in IKEv1 key exchange that could allow an unauthenticated rem",
      "_premium": "EPSS score, full description, CWE/CPE & STIX export require a paid plan"
    },
    {
      "id": "CVE-2026-28318",
      "cve": "CVE-2026-28318",
      "title": "SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability",
      "severity": "HIGH",
      "cvss": null,
      "source": "cisa_kev",
      "published_at": "2026-06-05",
      "summary": "SolarWinds Serv-U contains an uncontrolled resource consumption vulnerability that allows specially crafted POST requests using the Content-",
      "_premium": "EPSS score, full description, CWE/CPE & STIX export require a paid plan"
    },
    {
      "id": "CVE-2026-45247",
      "cve": "CVE-2026-45247",
      "title": "Mirasvit Full Page Cache Warmer Deserialization of Untrusted Data Vulnerability",
      "severity": "HIGH",
      "cvss": null,
      "source": "cisa_kev",
      "published_at": "2026-06-03",
      "summary": "Mirasvit Full Page Cache Warmer contains a deserialization of untrusted data vulnerability that could allow unauthenticated attackers to ach",
      "_premium": "EPSS score, full description, CWE/CPE & STIX export require a paid plan"
    },
    {
      "id": "CVE-2022-0492",
      "cve": "CVE-2022-0492",
      "title": "Linux Kernel Improper Authentication Vulnerability",
      "severity": "HIGH",
      "cvss": null,
      "source": "cisa_kev",
      "published_at": "2026-06-02",
      "summary": "Linux Kernel contains an improper authentication vulnerability which could allow for privilege escalation via the cgroups v1 release_agent f",
      "_premium": "EPSS score, full description, CWE/CPE & STIX export require a paid plan"
    },
    {
      "id": "CVE-2025-48595",
      "cve": "CVE-2025-48595",
      "title": "Android Framework Integer Overflow Vulnerability",
      "severity": "HIGH",
      "cvss": null,
      "source": "cisa_kev",
      "published_at": "2026-06-02",
      "summary": "Android Framework contains an integer overflow vulnerability that allows for code execution that could allow for local privilege escalation.",
      "_premium": "EPSS score, full description, CWE/CPE & STIX export require a paid plan"
    },
    {
      "id": "CVE-2024-21182",
      "cve": "CVE-2024-21182",
      "title": "Oracle WebLogic Server Unspecified Vulnerability",
      "severity": "HIGH",
      "cvss": null,
      "source": "cisa_kev",
      "published_at": "2026-06-01",
      "summary": "Oracle WebLogic contains an unspecified vulnerability that could allow an unauthenticated attacker with network access via T3, IIOP to compr",
      "_premium": "EPSS score, full description, CWE/CPE & STIX export require a paid plan"
    },
    {
      "id": "CVE-2026-0257",
      "cve": "CVE-2026-0257",
      "title": "Palo Alto Networks PAN-OS Authentication Bypass Vulnerability",
      "severity": "HIGH",
      "cvss": null,
      "source": "cisa_kev",
      "published_at": "2026-05-29",
      "summary": "Palo Alto Networks PAN-OS contains an authentication bypass vulnerability that allows attackers to bypass security restrictions and establis",
      "_premium": "EPSS score, full description, CWE/CPE & STIX export require a paid plan"
    }
  ],
  "upgrade": {
    "message": "You are on the FREE tier (recent items, basic fields). Unlock the full ~1,600+ CVE catalog, EPSS scores, full KEV feed and STIX 2.1 export.",
    "upgrade_url": "https://cyberdudebivash.in/#pricing",
    "docs": "https://cyberdudebivash.in/api-docs",
    "plans": [
      {
        "tier": "STARTER",
        "price_inr": 499,
        "max_results": 100,
        "epss": true,
        "stix": false,
        "daily_limit": 2000
      },
      {
        "tier": "PRO",
        "price_inr": 1499,
        "max_results": 500,
        "epss": true,
        "stix": true,
        "daily_limit": 20000
      },
      {
        "tier": "ENTERPRISE",
        "price_inr": 4999,
        "max_results": 2000,
        "epss": true,
        "stix": true,
        "daily_limit": -1
      },
      {
        "tier": "MSSP",
        "price_inr": 9999,
        "max_results": 5000,
        "epss": true,
        "stix": true,
        "daily_limit": -1
      }
    ]
  }
}