| High |
WGSA-2026-00030 |
WatchGuard Firebox Authenticated Out of Bounds Write in Management CLI Command Handler |
CVE-2026-13053 |
|
| High |
WGSA-2026-00029 |
WatchGuard Firebox networkd Out of Bounds Write Vulnerability |
CVE-2026-13050 |
|
| High |
WGSA-2026-00028 |
WatchGuard Firebox Arbitrary File Write via Path Traversal in Management Web UI |
CVE-2026-13054 |
|
| High |
WGSA-2026-00027 |
WatchGuard Mobile VPN with SSL Windows Client Local Privilege Escalation |
CVE-2026-13079 |
|
| High |
WGSA-2026-00026 |
WatchGuard Firebox admd Out of Bounds Write Vulnerability |
CVE-2026-8247 |
|
| Medium |
WGSA-2026-00025 |
WatchGuard Firebox Hardcoded Fallback Encryption Key in Access Portal Resource Credential Database |
CVE-2026-13728 |
|
| High |
WGSA-2026-00024 |
WatchGuard Firebox iked Null Pointer Dereference |
CVE-2026-13084 |
|
| Critical |
WGSA-2026-00023 |
WatchGuard Firebox Race Condition and Use-After-Free in Mobile VPN with IKEv2 LDAP Authentication |
CVE-2026-13368 |
|
| High |
WGSA-2026-00022 |
WatchGuard Firebox Firmware Image Validation Bypass in WatchGuard Fireware OS |
CVE-2026-13722 |
|
| High |
WGSA-2026-00021 |
WatchGuard Firebox wgagent Out of Bounds Write Vulnerability |
CVE-2026-13384 |
|
| High |
WGSA-2026-00020 |
WatchGuard Firebox ikestubd Out of Bounds Write Vulnerability |
CVE-2026-13383 |
|
| Medium |
WGSA-2026-00019 |
WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in SIP Proxy Configuration |
CVE-2026-13377 |
|
| Medium |
WGSA-2026-00018 |
WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in spamBlocker Module |
CVE-2026-13376 |
|
| Medium |
WGSA-2026-00017 |
WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Autotask Technology Integration Configuration |
CVE-2026-13375 |
|
| Medium |
WGSA-2026-00016 |
WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in ConnectWise Technology Integration Configuration |
CVE-2026-13374 |
|
| Medium |
WGSA-2026-00015 |
WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Tigerpaw Technology Integration Configuration |
CVE-2026-13373 |
|
| Medium |
WGSA-2026-00014 |
WatchGuard Firebox Management Web UI Denial of Service via Unsafe Deserialization |
CVE-2026-13371 |
|
| High |
WGSA-2026-00013 |
WatchGuard Agent on Windows Local Privilege Escalation to SYSTEM via Chained Agent Service Vulnerabilities |
CVE-2026-6787, CVE-2026-6788 |
|
| High |
WGSA-2026-00012 |
WatchGuard Agent on Windows Privilege Escalation Vulnerability |
CVE-2026-41288 |
|
| High |
WGSA-2026-00011 |
Stack-based Buffer Overflow in WatchGuard Agent Discovery Service on Windows Causes Denial of Service - Variant B |
CVE-2026-41286 |
|
| High |
WGSA-2026-00010 |
Stack-based Buffer Overflow in WatchGuard Agent Discovery Service on Windows Causes Denial of Service - Variant A |
CVE-2026-41287 |
|
| High |
WGSA-2026-00009 |
WatchGuard Firebox Arbitrary File Write via Path Traversal in Fireware Web UI |
CVE-2026-3987 |
|
| High |
WGSA-2026-00008 |
Multiple Vulnerabilities in AppArmor AKA CrackArmor |
CVE-2026-23268, CVE-2026-23269 |
|
| High |
WGSA-2026-00007 |
WatchGuard Firebox Insecure Deserialization in Fireware Access Portal |
CVE-2026-4266 |
|
| High |
WGSA-2026-00006 |
WatchGuard Firebox Cross-Site Request Forgery (CSRF) in Fireware Web UI |
CVE-2026-4315 |
|
| Medium |
WGSA-2026-00005 |
WatchGuard Firebox System Integrity Check Bypass |
CVE-2026-3344 |
|
| Medium |
WGSA-2026-00004 |
WatchGuard Firebox Reflected Cross-Site-Scripting (XSS) Vulnerability in Fireware Web UI |
CVE-2026-3343 |
|
| High |
WGSA-2026-00003 |
WatchGuard Firebox Out of Bounds Write Vulnerability |
CVE-2026-3342 |
|
| Medium |
WGSA-2026-00002 |
NCP IPSec VPN Client MSI Installer Privilege Escallation (NCPVE-2025-0626) |
|
|
| High |
WGSA-2026-00001 |
WatchGuard Firebox LDAP Injection |
CVE-2026-1498 |
|
| Critical |
WGSA-2025-00027 |
WatchGuard Firebox iked Out of Bounds Write Vulnerability |
CVE-2025-14733 |
|
| Medium |
WGSA-2025-00026 |
WatchGuard Firebox Boot Time System Integrity Check Bypass |
CVE-2025-13940 |
|
| High |
WGSA-2025-00025 |
WatchGuard Firebox XPath Injection Vulnerability in Web CGI |
CVE-2025-1545 |
|
| Medium |
WGSA-2025-00024 |
WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Gateway Wireless Controller |
CVE-2025-13939 |
|
| Medium |
WGSA-2025-00023 |
WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Autotask Technology Integration Configuration |
CVE-2025-13938 |
|
| Medium |
WGSA-2025-00022 |
WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in ConnectWise Technology Integration Configuration |
CVE-2025-13937 |
|
| Medium |
WGSA-2025-00021 |
WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Tigerpaw Technology Integration Configuration |
CVE-2025-13936 |
|
| High |
WGSA-2025-00020 |
WatchGuard Firebox Authenticated Out of Bounds Write in Management CLI Ping Command |
CVE-2025-12196 |
|
| High |
WGSA-2025-00019 |
WatchGuard Firebox Authenticated Out of Bounds Write in Management CLI IPSec Configuration |
CVE-2025-12195 |
|
| High |
WGSA-2025-00018 |
WatchGuard Firebox iked Memory Corruption Vulnerability |
CVE-2025-11838 |
|
| High |
WGSA-2025-00017 |
WatchGuard Firebox Authenticated Out of Bounds Write in certd |
CVE-2025-12026 |
|
| Medium |
WGSA-2025-00016 |
WatchGuard Mobile VPN with SSL Local Privilege Escalation |
CVE-2025-1549 |
|
| Critical |
WGSA-2025-00015 |
WatchGuard Firebox iked Out of Bounds Write Vulnerability |
CVE-2025-9242 |
|
| Medium |
WGSA-2025-00014 |
WatchGuard Firebox Authentication Portal Request Smuggling Vulnerability |
CVE-2025-6999 |
|
| High |
WGSA-2025-00013 |
WatchGuard Firebox Authenticated Stack Overflow in Certificate Request Command |
CVE-2025-1547 |
|
| Medium |
WGSA-2025-00012 |
WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in SIP Proxy Configuration |
CVE-2025-6947 |
|
| Medium |
WGSA-2025-00011 |
WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in IPS Configuration |
CVE-2025-6946 |
|
| High |
WGSA-2025-00010 |
WatchGuard Firebox Leftover Debug Code Vulnerability |
CVE-2025-4106 |
|
| Medium |
WGSA-2025-00009 |
Pre-authentication Denial of Service attack in OpenSSH |
CVE-2025-26466 |
|
| High |
WGSA-2025-00008 |
WatchGuard Mobile VPN with SSL Local Privilege Escalation |
CVE-2025-1910 |
|