Vendor scorecard
Forcepoint
Forcepoint security disclosure record — CVE volume, CVSS severity mix and product-category breakdown, sourced from the NIST NVD.
CPE: forcepoint
Product families
2
Open in latest
5
Inferred — see methodology
Last disclosure
Mar 16, 2026
01
Product categories
2 trackedCVE volume, severity mix and the inferred latest shipping version per category.
| Category | CVEs | Volume | Severity mix | Open | Inferred latest |
|---|---|---|---|---|---|
| NGFWNGFW / Network Securitynext_generation_firewall, next_generation_firewall_engine | 1 | 2 | 7.2.5HIGH | ||
| Secure Web/DLPNGFW / Network Securityweb_security, data_loss_prevention, one_endpoint | 1 | 3 | 22.01MED |
02
Recent CVEs
2 shownMost recently published, newest first. Each ID links to its NVD record.
| CVE | Severity | CVSS | Summary | Published |
|---|---|---|---|---|
| CVE-2025-2274(opens NVD record) | Medium | 6.1 | Improper Neutralization of Input During Web Page Generation in Forcepoint Web Security (On-Prem) on Windows allows Stored XSS.This issue affects Web Security through 8.5.6. | Mar 16, 2026 |
| CVE-2025-12690(opens NVD record) | High | 7.8 | Execution with unnecessary privileges in Forcepoint NGFW Engine allows local privilege escalation.This issue affects NGFW Engine through 6.10.19, through 7.3.0, through 7.2.4, through 7.1.10. | Mar 11, 2026 |
2 CVEs · 2 product families