Every CVE whose affected-product data names Puppet Mcollective, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2017-2292 — CVSS 9.0 (critical): Versions of MCollective prior to 2.10.4 deserialized YAML from agents without calling safe_load, allowing the potential for arbitrary code…