CVE Watch — Dashboard

20793

CVEs this week

8117

Rule alerts

2763

Critical

Days tracked

Last 14 days

05-05

05-06

20335

05-07

457

Recent alerts (top 25 across the week)

Day	CVE	Severity	CVSS	Vendors	Summary	Rules
2026-05-07	`CVE-2026-37541`	CRITICAL	10.0	—	Buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) 3.3.005. In canformat_gvret.cpp, the length field in GVRET binary…	Critical anywhere
2026-05-07	`CVE-2026-40281`	CRITICAL	10.0	—	Gotenberg is a Docker-powered stateless API for PDF files. In versions 8.30.1 and earlier, the metadata write endpoint validates metadata…	Critical anywhere
2026-05-06	`CVE-2001-1594`	CRITICAL	10.0	gehealthcare	GE Healthcare eNTEGRA P&R has a password of (1) entegra for the entegra user, (2) passme for the super user of the Polestar/Polestar-i…	Critical anywhere
2026-05-06	`CVE-2002-2445`	CRITICAL	10.0	gehealthcare	GE Healthcare Millennium MG, NC, and MyoSIGHT has a default password of (1) root.genie for the root user, (2) "service." for the service…	Critical anywhere
2026-05-06	`CVE-2002-2446`	CRITICAL	10.0	gehealthcare	GE Healthcare Millennium MG, NC, and MyoSIGHT has a password of insite.genieacq for the insite account that cannot be changed without…	Critical anywhere
2026-05-06	`CVE-2003-1603`	CRITICAL	10.0	gehealthcare	GE Healthcare Discovery VH has a default password of (1) interfile for the ftpclient user of the Interfile server or (2) "2" for the LOCAL…	Critical anywhere
2026-05-06	`CVE-2004-2777`	CRITICAL	10.0	gehealthcare	GE Healthcare Centricity Image Vault 3.x has a password of (1) gemnet for the administrator account, (2) webadmin for the webadmin…	Critical anywhere
2026-05-06	`CVE-2006-7253`	CRITICAL	10.0	gehealthcare	GE Healthcare Infinia II has a default password of (1) infinia for the infinia user, (2) #bigguy1 for the acqservice user, (3) dont4get2…	Critical anywhere
2026-05-06	`CVE-2007-6757`	CRITICAL	10.0	gehealthcare	GE Healthcare Centricity DMS 4.2, 4.1, and 4.0 has a password of Muse!Admin for the Museadmin user, which has unspecified impact and attack…	Critical anywhere
2026-05-06	`CVE-2009-5143`	CRITICAL	10.0	gehealthcare	GE Healthcare Discovery 530C has a password of #bigguy1 for the (1) acqservice user and (2) wsservice user of the Xeleris System, which has…	Critical anywhere
2026-05-06	`CVE-2010-5306`	CRITICAL	10.0	gehealthcare	GE Healthcare Optima CT680, CT540, CT640, and CT520 has a default password of #bigguy for the root user, which has unspecified impact and…	Critical anywhere
2026-05-06	`CVE-2010-5307`	CRITICAL	10.0	gehealthcare	The HIPAA configuration interface in GE Healthcare Optima MR360 has a password of (1) operator for the root account, (2) adw2.0 for the…	Critical anywhere
2026-05-06	`CVE-2010-5308`	CRITICAL	10.0	gehealthcare	GE Healthcare Optima MR360 does not require authentication for the HIPAA emergency login procedure, which allows physically proximate users…	Critical anywhere
2026-05-06	`CVE-2010-5309`	CRITICAL	10.0	gehealthcare	GE Healthcare CADStream Server has a default password of confirma for the admin user, which has unspecified impact and attack vectors.	Critical anywhere
2026-05-06	`CVE-2010-5310`	CRITICAL	10.0	gehealthcare	The Acquisition Workstation for the GE Healthcare Revolution XQ/i has a password of adw3.1 for the sdc user, which has unspecified impact…	Critical anywhere
2026-05-06	`CVE-2010-5323`	CRITICAL	10.0	novell	Directory traversal vulnerability in UploadServlet in the Remote Management component in Novell ZENworks Configuration Management (ZCM) 10…	Critical anywhere
2026-05-06	`CVE-2010-5324`	CRITICAL	10.0	novell	Directory traversal vulnerability in UploadServlet in the Remote Management component in Novell ZENworks Configuration Management (ZCM) 10…	Critical anywhere
2026-05-06	`CVE-2011-5322`	CRITICAL	10.0	gehealthcare	GE Healthcare Centricity Analytics Server 1.1 has a default password of (1) V0yag3r for the SQL Server sa user, (2) G3car3s for the analyst…	Critical anywhere
2026-05-06	`CVE-2011-5323`	CRITICAL	10.0	gehealthcare	GE Healthcare Centricity PACS-IW 3.7.3.7, 3.7.3.8, and possibly other versions has a password of A11enda1e for the sa SQL server user,…	Critical anywhere
2026-05-06	`CVE-2011-5324`	CRITICAL	10.0	gehealthcare	The TeraRecon server, as used in GE Healthcare Centricity PACS-IW 3.7.3.7, 3.7.3.8, and possibly other versions, has a password of (1)…	Critical anywhere
2026-05-06	`CVE-2012-1166`	CRITICAL	10.0	canonical	The default keybindings for wwm in LTSP Display Manager (ldm) 2.2.x before 2.2.7 allow remote attackers to execute arbitrary commands via…	Critical anywhere, RCE / code injection class
2026-05-06	`CVE-2012-4886`	CRITICAL	10.0	kingsoft	Stack-based buffer overflow in wpsio.dll in Kingsoft WPS Office 2012 possibly 8.1.0.3238 allows remote attackers to execute arbitrary code…	Critical anywhere
2026-05-06	`CVE-2012-5106`	CRITICAL	10.0	freefloat	Stack-based buffer overflow in FreeFloat FTP Server 1.0 allows remote authenticated users to execute arbitrary code via a long string in a…	Critical anywhere
2026-05-06	`CVE-2012-5390`	CRITICAL	10.0	condor_project	The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does no properly…	Critical anywhere
2026-05-06	`CVE-2012-6429`	CRITICAL	10.0	samsung	Buffer overflow in the PrepareSync method in the SyncService.dll ActiveX control in Samsung Kies before 2.5.1.12123_2_7 allows remote…	Critical anywhere

Top vendors (last 7 days)

Vendor	Count
microsoft	2654
apple	2490
oracle	1809
google	1761
linux	1370
adobe	1174
cisco	1125
ibm	1099
debian	995
canonical	906

Daily reports

Date	Total	New	Modified	Alerts	Top severity
2026-05-07	457	218	239	89	CRITICAL
2026-05-06	20335	20182	153	8027	CRITICAL
2026-05-05	1	1	0	1	CRITICAL