Advisory: Fortinet “FortiBleed” Credential Exposure and Sophos VPN Bruteforcing Campaign
Severity: Informational
First Published: Sat, 20 Jun 2026 02:28:23 GMT
Updated: Tue, 23 Jun 2026 00:00:00 GMT
Publication ID: fortinet-fortibleed-credential-exposure-and-sophos-vpn-bruteforcing-campaign
Article Version: 2
informational
Watch
Priority score: 23 (blends severity, KEV, recency, source signal, and EPSS where available). No EPSS.
watch
Jun 19, 2026, 9:28 PM
Vendor advisory Open source

Advisory: GitHub Internal Systems Breach
Severity: Informational
First Published: Wed, 20 May 2026 10:30:00 GMT
Updated: Wed, 20 May 2026 00:00:00 GMT
Publication ID: sophos-sa-20260520-github-internal-systems-breach
Article Version: 1
informational
Watch
Priority score: 23. No EPSS.
watch
May 20, 2026, 5:30 AM
Vendor advisory Open source

Advisory: Linux Kernel LPE - Dirty Frag
Severity: Informational
First Published: Fri, 08 May 2026 09:00:00 GMT
Updated: Tue, 12 May 2026 00:00:00 GMT
Publication ID: sophos-sa-20260508-dirtyfrag
Article Version: 2
informational
Watch
Priority score: 23. No EPSS.
watch
May 8, 2026, 4:00 AM
Vendor advisory Open source

Advisory: Linux Kernel LPE - Copy Fail (CVE-2026-31431)
Severity: Informational
CVE: CVE-2026-31431
First Published: Fri, 01 May 2026 12:00:00 GMT
Updated: Tue, 12 May 2026 00:00:00 GMT
Publication ID: sophos-sa-20260501-copyfail
Article Version: 3
informational CVE-2026-31431
Elevated
Priority score: 48. 96.8% EPSS.
watch
May 1, 2026, 7:00 AM
Vendor advisory Open source

Advisory: AirSnitch Vulnerabilities in Sophos AP6 and APX Series Access Points
Severity: Medium
First Published: Tue, 21 Apr 2026 12:00:00 GMT
Updated: Tue, 21 Apr 2026 00:00:00 GMT
Publication ID: sophos-sa-20260421-airsnitch
Article Version: 1
medium
Watch
Priority score: 33. No EPSS.
watch
Apr 21, 2026, 7:00 AM
Vendor advisory Open source

Resolved Authentication Bypass Vulnerability in Sophos AP6 Series Wireless Access Points Firmware (CVE-2025-10159)
Severity: critical
CVE: CVE-2025-10159
First Published: Tue, 09 Sep 2025 14:38:18 GMT
Updated: Tue, 09 Sep 2025 00:00:00 GMT
Publication ID: sophos-sa-20250909-ap6
Article Version: 1
critical CVE-2025-10159
Elevated
Priority score: 68. 0.8% EPSS.
active
Sep 9, 2025, 9:38 AM
Vendor advisory Open source

Advisory: Salesloft Drift Security Incident
Severity: Informational
First Published: Wed, 03 Sep 2025 22:26:34 GMT
Updated: Wed, 03 Sep 2025 00:00:00 GMT
Publication ID: sophos-sa-20250903-salesloft-drift-security-incident
Article Version: 2
informational
Watch
Priority score: 23. No EPSS.
watch
Sep 3, 2025, 5:26 PM
Vendor advisory Open source

Resolved Multiple Vulnerabilities in Sophos Firewall (CVE-2025-6704, CVE-2025-7624, CVE-2025-7382, CVE-2024-13974, CVE-2024-13973)
Severity: Critical
CVE: CVE-2025-6704, CVE-2025-7624, CVE-2025-7382, CVE-2024-13974, CVE-2024-13973
First Published: Mon, 21 Jul 2025 11:00:00 GMT
Updated: Mon, 21 Jul 2025 00:00:00 GMT
Publication ID: sophos-sa-20250721-sfos-rce
Article Version: 1
critical CVE-2025-6704
Elevated
Priority score: 68. 8.2% EPSS.
active
Jul 21, 2025, 6:00 AM
Vendor advisory Open source

Resolved Multiple Vulnerabilities in Sophos Endpoint for Windows (CVE-2024-13972, CVE-2025-7433, CVE-2025-7472)
Severity: High
CVE: CVE-2024-13972, CVE-2025-7433, CVE-2025-7472
First Published: Thu, 17 Jul 2025 18:00:00 GMT
Updated: Wed, 06 Aug 2025 00:00:00 GMT
Publication ID: sophos-sa-20250717-cix-lpe
Article Version: 3
high CVE-2024-13972
Elevated
Priority score: 68. 0.1% EPSS.
active
Jul 17, 2025, 1:00 PM
Vendor advisory Open source

Resolved LPE vulnerability in Taegis Endpoint Agent (Linux) (CVE-2024-13861)
Severity: High
CVE: CVE-2024-13861
First Published: Fri, 11 Apr 2025 12:14:37 GMT
Updated: Fri, 11 Apr 2025 00:00:00 GMT
Publication ID: sophos-sa-20250411-taegis-agent-lpe
Article Version: 1
high CVE-2024-13861
Elevated
Priority score: 68. 0.2% EPSS.
active
Apr 11, 2025, 7:14 AM
Vendor advisory Open source

Advisory: Apache Parquet Vulnerability (CVE-2025-30065)
Severity: Informational
CVE: CVE-2025-30065
First Published: Sun, 06 Apr 2025 05:52:10 GMT
Updated: Fri, 18 Apr 2025 00:00:00 GMT
Publication ID: sophos-sa-20250406-apache-parquet
Article Version: 2
informational CVE-2025-30065
Watch
Priority score: 35. 38.8% EPSS.
watch
Apr 6, 2025, 12:52 AM
Vendor advisory Open source

Advisory: Oracle Cloud Data Breach
Severity: Informational
First Published: Sun, 23 Mar 2025 17:32:21 GMT
Updated: Sun, 23 Mar 2025 00:00:00 GMT
Publication ID: sophos-sa-20250321-oracle-cloud-data-breach
Article Version: 2
informational
Watch
Priority score: 23. No EPSS.
watch
Mar 23, 2025, 12:32 PM
Vendor advisory Open source

Advisory: GitHub Action tj-actions/changed-files Compromise (CVE-2025-30066)
Severity: Informational
CVE: CVE-2025-30066
First Published: Mon, 17 Mar 2025 11:11:08 GMT
Updated: Mon, 17 Mar 2025 00:00:00 GMT
Publication ID: sophos-sa-20250317-tj-action-compromise
Article Version: 1
informational CVE-2025-30066
Elevated
Priority score: 48. 91.8% EPSS.
watch
Mar 17, 2025, 6:11 AM
Vendor advisory Open source

Sophos XG Firewall Buffer Overflow Vulnerability
Sophos XG Firewall contains a buffer overflow vulnerability that allows for remote code execution via the "HTTP/S bookmark" feature.
XG Firewall
critical CVE-2020-15069
Critical
Priority score: 110. 10.7% EPSS.
active
Feb 5, 2025, 6:00 PM

CyberoamOS (CROS) SQL Injection Vulnerability
CyberoamOS (CROS) contains a SQL injection vulnerability in the WebAdmin that allows an unauthenticated attacker to execute arbitrary SQL statements remotely.
CyberoamOS
critical CVE-2020-29574
Critical
Priority score: 110. 4.7% EPSS.
active
Feb 5, 2025, 6:00 PM

Resolved Multiple Vulnerabilities in Sophos Firewall (CVE-2024-12727, CVE-2024-12728, CVE-2024-12729)
Severity: Critical
CVE: CVE-2024-12727, CVE-2024-12728, CVE-2024-12729
First Published: Thu, 19 Dec 2024 20:00:00 GMT
Updated: Thu, 19 Dec 2024 00:00:00 GMT
Publication ID: sophos-sa-20241219-sfos-rce
Article Version: 1
critical CVE-2024-12727
Elevated
Priority score: 68. 2.3% EPSS.
active
Dec 19, 2024, 2:00 PM
Vendor advisory Open source

Resolved LPE vulnerability in Sophos Intercept X for Windows (CVE-2024-8885)
Severity: High
CVE: CVE-2024-8885
First Published: Wed, 02 Oct 2024 11:00:00 GMT
Updated: Wed, 02 Oct 2024 00:00:00 GMT
Publication ID: sophos-sa-20241002-cde-lpe
Article Version: 1
high CVE-2024-8885
Elevated
Priority score: 68. 0.0% EPSS.
active
Oct 2, 2024, 6:00 AM
Vendor advisory Open source

Sophos Web Appliance Command Injection Vulnerability
Sophos Web Appliance contains a command injection vulnerability in the warn-proceed handler that allows for remote code execution.
Web Appliance
critical CVE-2023-1671
Critical
Priority score: 135. 100.0% EPSS.
active
Nov 15, 2023, 6:00 PM

Sophos Firewall Code Injection Vulnerability
A code injection vulnerability in the User Portal and Webadmin of Sophos Firewall allows for remote code execution.
Firewall
critical CVE-2022-3236
Critical
Priority score: 135. 98.9% EPSS.
active
Sep 22, 2022, 7:00 PM

Sophos Firewall Authentication Bypass Vulnerability
An authentication bypass vulnerability in User Portal and Webadmin of Sophos Firewall allows for remote code execution.
Firewall
critical CVE-2022-1040
Critical
Priority score: 135. 99.8% EPSS.
active
Mar 30, 2022, 7:00 PM