Every CVE whose affected-product data names Smallstep Step-ca, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2026-30836 — CVSS 10.0 (critical): Step CA is an online certificate authority for secure, automated certificate management for DevOps. Versions 0.30.0-rc6 and below do not…
CVE-2026-40097 — CVSS 3.7 (low): Step CA is an online certificate authority for secure, automated certificate management for DevOps. From 0.24.0 to before 0.30.0-rc3, an…