System	Score	Found at
epss	0.00306	https://api.first.org/data/v1/epss?cve=CVE-2026-37709
cvssv3.1_qr	CRITICAL	https://github.com/advisories/GHSA-xg82-2hrv-hf64
cvssv3.1	9.8	https://github.com/grokability/snipe-it
generic_textual	CRITICAL	https://github.com/grokability/snipe-it
cvssv3.1	9.8	https://github.com/grokability/snipe-it/commit/676a9958895a77de340565e7a0b17ae744664904
generic_textual	CRITICAL	https://github.com/grokability/snipe-it/commit/676a9958895a77de340565e7a0b17ae744664904
ssvc	Track	https://github.com/grokability/snipe-it/commit/676a9958895a77de340565e7a0b17ae744664904
cvssv3.1	9.8	https://github.com/grokability/snipe-it/security/advisories/GHSA-xg82-2hrv-hf64
cvssv3.1_qr	CRITICAL	https://github.com/grokability/snipe-it/security/advisories/GHSA-xg82-2hrv-hf64
generic_textual	CRITICAL	https://github.com/grokability/snipe-it/security/advisories/GHSA-xg82-2hrv-hf64
ssvc	Track	https://github.com/grokability/snipe-it/security/advisories/GHSA-xg82-2hrv-hf64
cvssv3.1	9.8	https://nvd.nist.gov/vuln/detail/CVE-2026-37709
generic_textual	CRITICAL	https://nvd.nist.gov/vuln/detail/CVE-2026-37709

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2026-37709
		https://nvd.nist.gov/vuln/detail/CVE-2026-37709
676a9958895a77de340565e7a0b17ae744664904		https://github.com/grokability/snipe-it/commit/676a9958895a77de340565e7a0b17ae744664904
GHSA-xg82-2hrv-hf64		https://github.com/advisories/GHSA-xg82-2hrv-hf64
GHSA-xg82-2hrv-hf64		https://github.com/grokability/snipe-it/security/advisories/GHSA-xg82-2hrv-hf64

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/grokability/snipe-it

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/grokability/snipe-it/commit/676a9958895a77de340565e7a0b17ae744664904

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

---

Vector: SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-07T17:39:06Z/ Found at https://github.com/grokability/snipe-it/commit/676a9958895a77de340565e7a0b17ae744664904

---

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/grokability/snipe-it/security/advisories/GHSA-xg82-2hrv-hf64

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

---

Vector: SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-07T17:39:06Z/ Found at https://github.com/grokability/snipe-it/security/advisories/GHSA-xg82-2hrv-hf64

---

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2026-37709

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Percentile	0.54266
EPSS Score	0.00306
Published At	June 11, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-11T16:45:07.113553+00:00	Vulnrichment	Import	https://github.com/cisagov/vulnrichment/blob/develop/2026/37xxx/CVE-2026-37709.json	38.6.0