zohocorp

559 tracked vulnerabilities.

CVE-2026-2740 HIGH
ManageEngine ADSelfService Plus <6525, DataSecurity Plus <6264, RecoveryManager Plus <6313 - RCE
May 21, 2026
CVSS 8.4
EPSS 0.01
CVE-2026-3324 HIGH
ManageEngine Log360 13000-13013 - Authentication Bypass via Improper Filter Configuration
Apr 16, 2026
CVSS 8.2
EPSS 0.00
CVE-2026-5785 HIGH
ManageEngine PAM360 < 8531 and Password Manager Pro 8600-13230 - Authenticated SQL Injection in Query Report Module
Apr 16, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-27655 HIGH
ManageEngine Exchange Reporter Plus < 5802 - Stored Cross-Site Scripting in Permissions Based on Mailboxes Report
Apr 03, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-4108 HIGH
ManageEngine Exchange Reporter Plus < 5802 - Stored Cross-Site Scripting in Non-Owner Mailbox Permission Report
Apr 03, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-4107 HIGH
ManageEngine Exchange Reporter Plus < 5802 - Stored Cross-Site Scripting in Folder Message Count and Size Report
Apr 03, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-3880 HIGH
ManageEngine Exchange Reporter Plus < 5802 - Stored Cross-Site Scripting in Public Folder Client Permissions Report
Apr 03, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-3879 HIGH
ManageEngine Exchange Reporter Plus < 5802 - Stored Cross-Site Scripting in Equipment Mailbox Details Report
Apr 03, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-28703 HIGH
ManageEngine Exchange Reporter Plus < 5802 - Stored Cross-Site Scripting in Mails Exchanged Between Users Report
Apr 03, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-28756 HIGH
ManageEngine Exchange Reporter Plus < 5802 - Stored Cross-Site Scripting in Permissions Report
Apr 03, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-28754 HIGH
ManageEngine Exchange Reporter Plus < 5802 - Stored Cross-Site Scripting in Distribution Lists Report
Apr 03, 2026
CVSS 7.3
EPSS 0.00
CVE-2026-1367 HIGH
ManageEngine ADSelfService Plus <6522 - SQL Injection
Feb 23, 2026
CVSS 8.3
EPSS 0.00
CVE-2025-9226 MEDIUM
Zohocorp ManageEngine <128582 - XSS
Jan 30, 2026
CVSS 4.6
EPSS 0.00
CVE-2025-9435 MEDIUM
Zohocorp ManageEngine ADManager Plus <7230 - Path Traversal
Jan 13, 2026
CVSS 5.5
EPSS 0.00
CVE-2025-11669 HIGH
ManageEngine PAM360 < 8.2, Password Manager Pro < 13.2, Access Manager Plus < 4.4 - Missing Authorization
Jan 13, 2026
CVSS 8.1
EPSS 0.00
CVE-2025-11250 CRITICAL
Zohocorp ManageEngine ADSelfService Plus <6519 - Auth Bypass
Jan 13, 2026
CVSS 9.1
EPSS 0.00
CVE-2025-9787 MEDIUM
ManageEngine Applications Manager <= 177400 - Stored Cross-Site Scripting in NOC View
Dec 18, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-11670 MEDIUM
ManageEngine ADManager Plus < 8025 - NTLM Hash Exposure
Dec 15, 2025
CVSS 6.4
EPSS 0.00
CVE-2025-9227 MEDIUM
Zohocorp ManageEngine OpManager <128609 - XSS
Nov 11, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-9223 HIGH
Zohocorp ManageEngine Applications Manager <178100 - Command Injection
Nov 11, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-8324 CRITICAL
Zohocorp ManageEngine Analytics Plus <6170 - SQL Injection
Nov 11, 2025
CVSS 9.8
EPSS 0.03
CVE-2025-7633 HIGH
Zohocorp ManageEngine Exchange Reporter Plus <5.723 - XSS
Nov 11, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-7632 HIGH
Zohocorp ManageEngine Exchange Reporter Plus <5.723 - XSS
Nov 11, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-7430 HIGH
Zohocorp ManageEngine Exchange Reporter Plus <5.723 - XSS
Nov 11, 2025
CVSS 7.3
EPSS 0.00
CVE-2025-7429 HIGH
Zohocorp ManageEngine Exchange Reporter Plus <5.723 - XSS
Nov 11, 2025
CVSS 7.3
EPSS 0.00
Products
manageengine_applications_manager 56 manageengine_opmanager 56 manageengine_admanager_plus 53 manageengine_adaudit_plus 52 manageengine_adselfservice_plus 51 manageengine_servicedesk_plus 50 manageengine_desktop_central 48 manageengine_supportcenter_plus 31 manageengine_exchange_reporter_plus 28 manageengine_netflow_analyzer 28 manageengine_assetexplorer 26 manageengine_servicedesk_plus_msp 26 manageengine_password_manager_pro 22 manageengine_eventlog_analyzer 19 manageengine_network_configuration_manager 14 manageengine_pam360 14 manageengine_remote_access_plus 14 manageengine_firewall_analyzer 12 manageengine_access_manager_plus 11 manageengine_it360 9 manageengine_log360 9 ManageEngine Exchange Reporter Plus 8 manageengine_endpoint_central 8 manageengine_oputils 8 manageengine_analytics_plus 7 manageengine_datasecurity_plus 6 manageengine_opmanager_msp 6 manageengine_opmanager_plus 6 manageengine_cloud_security_plus 5 manageengine_key_manager_plus 5
Quick Filters
Critical CVEs With Exploits In CISA KEV