Cisa Software Acquisition Guide — known CVE vulnerabilities
Every CVE whose affected-product data names Cisa Software Acquisition Guide, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2025-67634 — CVSS 4.4 (medium): The CISA Software Acquisition Guide Supplier Response Web Tool before 2025-12-11 was vulnerable to cross-site scripting via text fields. If…