Login Sign Up

Cisa Security Vulnerabilities (CVEs)

Track 8 security vulnerabilities affecting Cisa products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

1 Critical
7 Medium
🔔 Get Alerts for Cisa
CVE-2025-67634 4.4

This CVE describes a cross-site scripting (XSS) vulnerability in the CISA Software Acquisition Guide Supplier Response Web Tool. Attackers can craft m...

Dec 12, 2025
CVE-2025-35436 5.3

CVE-2025-35436 is an uncaught exception vulnerability in CISA Thorium's account verification email handling. An unauthenticated remote attacker can ca...

Sep 17, 2025
CVE-2025-35431 5.4

CVE-2025-35431 is an LDAP injection vulnerability in CISA Thorium that allows authenticated attackers to modify LDAP authorization data like group mem...

Sep 17, 2025
CVE-2025-35432 5.3

CVE-2025-35432 is an uncontrolled resource consumption vulnerability in CISA Thorium where unauthenticated attackers can send unlimited account verifi...

Sep 17, 2025
CVE-2025-35433 5.0

CVE-2025-35433 is an authentication bypass vulnerability in CISA Thorium where previously used tokens remain valid after password resets. This allows ...

Sep 17, 2025
CVE-2025-35434 4.2

CISA Thorium versions before 1.1.2 fail to validate TLS certificates when connecting to Elasticsearch, allowing man-in-the-middle attacks. An unauthen...

Sep 17, 2025
CVE-2025-35435 4.3

CVE-2025-35435 is a division-by-zero vulnerability in CISA Thorium that allows authenticated remote attackers to crash the service by sending a stream...

Sep 17, 2025
CVE-2023-7243 9.8

This vulnerability allows remote code execution through an out-of-bounds write in the ICSNPP Ethercat Zeek plugin when parsing specific Ethercat datag...

Mar 1, 2024

Why Monitor Cisa Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 8+ known vulnerabilities affecting Cisa products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Cisa packages in under 60 seconds. No agents required - completely agentless scanning that works across Cisa deployments.

Free vulnerability database: Access detailed information about every Cisa CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

  • Register free account & add your servers
  • Run one-time scan or schedule automatic monitoring (every 1-24 hours)
  • Receive instant alerts when new Cisa CVEs affect your systems
  • Access dashboard with severity breakdown & fix instructions
Start Monitoring Cisa CVEs Free