Critical Alert 1 Active Exploit Detected Today

CVE-2008-4128 Cisco IOS Cross-Site Request Forgery Vulnerability →
Powered by CVE Watchtower
×

CVE Watchtower


← Back to CVE List

CVE-2026-3014NVD

Vulnerability Summary

Milestone
has released a new version of XProtect® (and several cumulative patch updates)
which fix security vulnerability in Management Server API. 



The vulnerability
causes users with edit permissions to the Management Server to be able to
execute arbitrary code in context of the Management Server Service.
Severity Level
CRITICAL(9.1)
Published Date
Jul 14, 2026
Last Modified
Jul 14, 2026
Exploitation Status
No confirmed exploitation yet
EPSS Score (30-Day)
Data Pending
Root Weakness (CWE)
N/A
CVSS v3.1 Base Metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredHigh
User InteractionNone
ScopeChanged
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh