Reports
Threat Exposure Management Bytes

Top Notable Enterprise Remote Vulnerabilities

27-03-2026
A concise overview for IS leaders, emphasizing actively exploited vulnerabilities, their significance, and the critical need for remediation.
Download PDF
Subscribe
Currently Trending Enterprise Remote Vulnerabilities
Trending CVEs
Vulnerability
Notables
CVE-2026-33017
Vulnerability
Langflow AI Pipeline Unauthenticated RCE
Notables
Proof of Concept Available, Actively Exploited
CVE-2026-33634
Vulnerability
Aqua Security Trivy Supply Chain Compromise
Notables
Proof of Concept Available, Actively Exploited
CVE-2026-21992
Vulnerability
Oracle Identity Manager & Web Services Manager - Unauthenticated RCE
Notables
Proof of Concept Available, Actively Exploited
CVE-2026-33309
Vulnerability
Langflow Arbitrary File Write via v2 API Path Traversal
Notables
Proof of Concept Available, Actively Exploited
CVE-2026-27493
Vulnerability
n8n Unauthenticated Expression Injection via Form Nodes
Notables
Proof of Concept Available, Actively Exploited
CVE-2026-33475
Vulnerability
Langflow CI/CD GitHub Actions Shell Injection
Notables
Proof of Concept Available, Actively Exploited
CVE-2026-26110
Vulnerability
Microsoft Office RCE via Preview Pane
Notables
Proof of Concept Available
CVE-2026-26113
Vulnerability
Microsoft Office RCE via Preview Pane
Notables
Proof of Concept Available
CVE-2026-26128
Vulnerability
Windows SMB Server EoP
Notables
Proof of Concept Available
CVE-2026-26116
Vulnerability
Microsoft SQL Server EoP - Grants SQLAdmin privileges over network
Notables
Limited Public Information Available
CVE-2026-2745
Vulnerability
GitLab CE/EE WebAuthn 2FA Authentication Bypass
Notables
Proof of Concept Available, Actively Exploited
CVE-2026-32647
Vulnerability
NGINX Open Source & NGINX Plus - ngx_http_mp4_module Buffer Overflow
Notables
Proof of Concept Available, Actively Exploited
CVE-2026-27654
Vulnerability
NGINX Open Source & NGINX Plus - ngx_http_dav_module Heap-Based Buffer Overflow
Notables
Proof of Concept Available
CVE-2026-28753
Vulnerability
NGINX Plus Mail Module - CRLF Injection via DNS Response
Notables
Proof of Concept Available
CVE-2026-30892
Vulnerability
crun OCI Container Runtime UID Parsing Bug
Notables
Proof of Concept Available
CVE-2026-32748
Vulnerability
Squid Caching Proxy - Heap Use-After-Free in ICP Traffic Handling
Notables
Proof of Concept Available
CVE-2026-33407
Vulnerability
Wallos Self-Hosted Subscription Tracker SSRF
Notables
Proof of Concept Available
CVE-2026-2746
Vulnerability
GitLab EE - Unauthenticated Access to Self-Hosted AI Model API Tokens
Notables
Potential Risk of Exploitation
CVE-2026-33509
Vulnerability
pyLoad Download Manager SSRF
Notables
Potential Risk of Exploitation
CVE-2026-33401
Vulnerability
Wallos - SSRF via Notification Test Endpoints
Notables
Potential Risk of Exploitation
info@nstcyber.ai
San Jose CA, USA
Bangalore, India
Dubai, UAE

Platform

Continuous Threat Exposure Management
Agentic AI -Assisted Exposure Assessment & Adversarial Validation
Automated Assessments
Prioritized Risk Identification
Swift Threat Detection and Response
Cyber Threat Informed Defense (CTID)
Compliance Assurance

Use Cases

Assess Your Security Posture
Eliminate Attack Vectors
Evaluate Vendors and Partners
Meet Compliance

Company

About NST Cyber
NST Cyber Partner Program
Careers

Resources

Blogs
Videos
White Papers & Advisories
© 2025 NetSentries Technologies Inc.  All Rights Reserved.
Privacy Policy