Feb 6, 2026, 12:54 AM - Required Scan configuration (Detected software that is considered a component of another application should only trigger vuln findings when the scan is running in paranoid mode. At this moment in time, this change affects only OpenSSL, Curl, LibCurl , SQLite, PHP, Apache HTTPD and Tomcat. Others may follow at a later date.)
|
Nov 3, 2025, 9:25 PM |
Oct 30, 2025, 11:01 PM - CISA reference
- CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C")
- CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C")
- Exploit attributes ("Exploit available" set to "True")
- Exploit attributes ("Exploit framework metasploit" set to "True")
- Exploit attributes ("Exploitability ease" set to "Exploits are available")
|
Oct 29, 2025, 8:57 PM |
* Changelogs are generally available for changes made after Nov 1, 2022
