forcepoint

Top products

The 15 most recently published vulnerabilities affecting forcepoint.

• CVE-2025-2274Stored Cross Site Scripting in Forcepoint Web Security6.1Mar 16, 2026
• CVE-2025-12690Local Privilege Escalation in NGFW Engine7.8Mar 11, 2026
• CVE-2025-14026Vulnerable Python version used in Forcepoint One DLP Client7.8Jan 6, 2026
• CVE-2025-2272Privilege Escalation and Arbitrary code execution in F1E Endpoint7.0May 22, 2025
• CVE-2024-9103Persistent XSS in blocked messages6.1Mar 24, 2025
• CVE-2024-2166Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Email Security (Real Time Monitor modules) allows Reflected XSS.This issue affects E...8.8Sep 4, 2024
• CVE-2023-6452Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Web Security (Transaction Viewer) allows Stored XSS. The Forcepoint Web Securi...9.6Aug 22, 2024
• CVE-2023-5451Forcepoint NGFW Security Management Center Management Server has SMC Downloads optional feature to offer standalone Management Client downloads and ECA configuration downloads. Improper Neutral...6.1Mar 4, 2024
• CVE-2023-1705Missing Authorization vulnerability in Forcepoint F|One SmartEdge Agent on Windows (bgAutoinstaller service modules) allows Privilege Escalation, Functionality Bypass.This issue affects F|One Smart...8.4Jan 29, 2024
• CVE-2023-2080Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway, Email Security Cl...8.5Jun 15, 2023
• CVE-2023-26292Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway, Email Security Cl...6.1Mar 29, 2023
• CVE-2023-26291Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway, Email Security Cl...6.1Mar 29, 2023
• CVE-2023-26290Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway, Email Security Cl...6.1Mar 29, 2023
• CVE-2022-1700Improper Restriction of XML External Entity Reference ('XXE') vulnerability in the Policy Engine of Forcepoint Data Loss Prevention (DLP), which is also leveraged by Forcepoint One Endpoint (F1E), ...7.5Sep 12, 2022
• CVE-2022-27609Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows does not provide sufficient anti-tampering protection of services by users with Administrator privileges. This could re...6.0Apr 4, 2022