CVE Intelligence Dashboard

Exploitable This Week

High-severity CVEs with known proof-of-concept exploits available

About This Section

This table shows CVEs that have publicly available proof-of-concept (POC) exploits, cross-referenced with severity scores from CISA. These vulnerabilities represent the highest risk as attackers can readily exploit them. Priority should be given to Critical and High severity items with Network attack vectors. GitHub links point to POC repositories, while Ref links provide additional technical details.

Total with POC

Critical Severity

High Severity

Network Exploitable

CVE ID	Product	Description	Score	Severity	Attack Vector	POC Links
CVE-2025-9962	P series	A buffer overflow vulnerability in Novakon P series allows attackers to gain root permission without...	10.0	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2025-65108	md-to-pdf	md-to-pdf is a CLI tool for converting Markdown files to PDF using Node.js and headless Chrome. Prio...	10.0	CRITICAL	NETWORK	[Ref1]
CVE-2025-63216	n/a	The Itel DAB Gateway (IDGat build c041640a) is vulnerable to Authentication Bypass due to improper J...	10.0	CRITICAL	NETWORK	[Ref1]
CVE-2025-63224	n/a	The Itel DAB Encoder (IDEnc build 25aec8d) is vulnerable to Authentication Bypass due to improper JW...	10.0	CRITICAL	NETWORK	[Ref1]
CVE-2025-61481	n/a	An issue in MikroTik RouterOS v.7.14.2 and SwOS v.2.18 exposes the WebFig management interface over ...	10.0	CRITICAL	NETWORK	[Ref1]
CVE-2025-60219	WooCommerce Designer Pro	Unrestricted Upload of File with Dangerous Type vulnerability in HaruTheme WooCommerce Designer Pro ...	10.0	CRITICAL	NETWORK	-
CVE-2025-59528	Flowise	Flowise is a drag & drop user interface to build a customized large language model flow. In version ...	10.0	CRITICAL	NETWORK	[Ref1]
CVE-2025-58384	n/a	In DOXENSE WATCHDOC before 6.1.1.5332, Deserialization of Untrusted Data can lead to remote code exe...	10.0	CRITICAL	NETWORK	-
CVE-2025-3450	Automation Runtime	An Improper Resource Locking vulnerability in the SDM component of B&R Automation Runtime versions b...	10.0	CRITICAL	NETWORK	-
CVE-2025-10363	Topal Finanzbuchhaltung	Deserialization of Untrusted Data vulnerability in Topal Solutions AG Topal Finanzbuchhaltung on Win...	10.0	CRITICAL	NETWORK	-
CVE-2025-10230	Red Hat Enterprise Linux 8	A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration pack...	10.0	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2018-25118	GeoVision embedded IP devices	GeoVision embedded IP devices, confirmed on GV-BX1500 and GV-MFD1501, contain a remote command injec...	10.0	CRITICAL	NETWORK	[Ref1] [Ref2] [Ref3] [Ref4]
CVE-2025-61913	Flowise	Flowise is a drag & drop user interface to build a customized large language model flow. In versions...	9.9	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2025-60957	n/a	OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W 6...	9.9	CRITICAL	NETWORK	-
CVE-2025-60306	n/a	code-projects Simple Car Rental System 1.0 has a permission bypass issue where low privilege users c...	9.9	CRITICAL	NETWORK	-
CVE-2025-59832	horilla	Horilla is a free and open source Human Resource Management System (HRMS). Prior to version 1.4.0, t...	9.9	CRITICAL	NETWORK	[Ref1]
CVE-2025-55343	n/a	Quipux 4.0.1 through e1774ac allows authenticated users to conduct SQL injection attacks via busqued...	9.9	CRITICAL	NETWORK	[Ref1]
CVE-2025-55315	Microsoft Visual Studio 2022 version 17.10	Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core all...	9.9	CRITICAL	NETWORK	[Ref1]
CVE-2025-55187	n/a	In DriveLock 24.1.4 before 24.1.5, 24.2.5 before 24.2.6, and 25.1.2 before 25.1.4, attackers can gai...	9.9	CRITICAL	NETWORK	-
CVE-2025-49844	redis	Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an...	9.9	CRITICAL	NETWORK	-
CVE-2025-34267	Flowise	Flowise v3.0.1 < 3.0.8 and all versions after with 'ALLOW_BUILTIN_DEP' enabled contain an authentica...	9.9	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2025-20333	Cisco Secure Firewall Threat Defense (FTD) Software	A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Sof...	9.9	CRITICAL	NETWORK	-
CVE-2025-12421	Mattermost	Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail...	9.9	CRITICAL	NETWORK	[Ref1]
CVE-2025-12419	Mattermost	Mattermost versions 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12, 11.0.x <= 11.0.3 fail...	9.9	CRITICAL	NETWORK	[Ref1]
CVE-2025-11539	grafana-image-renderer	Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnera...	9.9	CRITICAL	NETWORK	-
CVE-2025-10725	Red Hat OpenShift AI 2.22	A flaw was found in Red Hat Openshift AI Service. A low-privileged attacker with access to an authen...	9.9	CRITICAL	NETWORK	-
CVE-2025-11469	Hotel and Lodge Management System	A weakness has been identified in SourceCodester Hotel and Lodge Management System 1.0. The affected...	9.8	CRITICAL	NETWORK	[Ref1] [Ref2] [Ref3]
CVE-2025-60355	n/a	zhangyd-c OneBlog v2.3.9 and before was vulnerable to SSTI (Server-Side Template Injection) via Free...	9.8	CRITICAL	NETWORK	[Ref1]
CVE-2025-12313	DI-7001 MINI	A vulnerability has been found in D-Link DI-7001 MINI 19.09.19A1/24.04.18B1. The affected element is...	9.8	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2025-13267	Dental Clinic Appointment Reservation System	A vulnerability was detected in SourceCodester Dental Clinic Appointment Reservation System 1.0. Imp...	9.8	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2025-12939	Interview Management System	A security flaw has been discovered in SourceCodester Interview Management System up to 1.0. Affecte...	9.8	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2025-13059	Alumni Management System	A weakness has been identified in SourceCodester Alumni Management System 1.0. The impacted element ...	9.8	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2025-12932	Baby Care System	A vulnerability was determined in SourceCodester Baby Care System 1.0. Affected by this issue is som...	9.8	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2025-12933	Baby Care System	A vulnerability was identified in SourceCodester Baby Care System 1.0. This affects an unknown part ...	9.8	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2025-12931	Food Ordering System	A vulnerability was found in SourceCodester Food Ordering System 1.0. Affected by this vulnerability...	9.8	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2025-12930	Food Ordering System	A vulnerability has been found in SourceCodester Food Ordering System 1.0. Affected is an unknown fu...	9.8	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2025-12853	Best House Rental Management System	A vulnerability was determined in SourceCodester Best House Rental Management System 1.0. This affec...	9.8	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2025-12614	Best House Rental Management System	A weakness has been identified in SourceCodester Best House Rental Management System 1.0. Impacted i...	9.8	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2025-12598	Best House Rental Management System	A flaw has been found in SourceCodester Best House Rental Management System 1.0. Affected by this is...	9.8	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2025-12597	Best House Rental Management System	A vulnerability was detected in SourceCodester Best House Rental Management System 1.0. Affected by ...	9.8	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2025-12294	Point of Sales	A security flaw has been discovered in SourceCodester Point of Sales 1.0. Impacted is an unknown fun...	9.8	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2025-12226	Best House Rental Management System	A vulnerability was found in SourceCodester Best House Rental Management System 1.0. Impacted is the...	9.8	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2025-11487	Farm Management System	A security flaw has been discovered in SourceCodester Farm Management System 1.0. Affected by this i...	9.8	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2025-11486	Farm Management System	A vulnerability was identified in SourceCodester Farm Management System 1.0. Affected by this vulner...	9.8	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2025-11474	Hotel and Lodge Management System	A vulnerability was found in SourceCodester Hotel and Lodge Management System 1.0. Affected by this ...	9.8	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2025-11404	Hotel and Lodge Management System	A vulnerability was determined in SourceCodester Hotel and Lodge Management System 1.0. This affects...	9.8	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2025-11405	Hotel and Lodge Management System	A vulnerability was identified in SourceCodester Hotel and Lodge Management System 1.0. This vulnera...	9.8	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2025-11403	Hotel and Lodge Management System	A vulnerability was found in SourceCodester Hotel and Lodge Management System 1.0. Affected by this ...	9.8	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2025-11402	Hotel and Lodge Management System	A vulnerability has been found in SourceCodester Hotel and Lodge Management System 1.0. Affected by ...	9.8	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2025-11401	Hotel and Lodge Management System	A flaw has been found in SourceCodester Hotel and Lodge Management System 1.0. Affected is an unknow...	9.8	CRITICAL	NETWORK	[Ref1] [Ref2]

Vendor/Product Watch

CVE distribution across vendors and products

Top Vendors by CVE Count

n/a

144802

Microsoft

77917

Linux

10473

Apple

7886

Google

3393

Total Unique Vendors

Total Products Tracked

150

Vendor	Product	CVE Count	Avg Severity	Latest CVE	Sample CVEs
n/a	n/a	142193	N/A	2026-03-10	CVE-2026-26738, CVE-2025-70025, CVE-2025-69614
Linux	Linux	10473	7.1	2026-03-10	CVE-2026-23240, CVE-2026-23240, CVE-2026-23239
Microsoft	Windows Server 2019	3395	N/A	2026-03-10	CVE-2026-23674, CVE-2026-26128, CVE-2026-26111
Microsoft	Windows Server 2019 (Server Core installation)	3299	N/A	2026-03-10	CVE-2026-23674, CVE-2026-26128, CVE-2026-26111
Microsoft	Windows Server 2016	3060	N/A	2026-03-10	CVE-2026-23674, CVE-2026-26128, CVE-2026-26111
Microsoft	Windows 10 Version 1809	3037	N/A	2026-03-10	CVE-2026-23674, CVE-2026-26128, CVE-2026-25190
Microsoft	Windows Server 2016 (Server Core installation)	2856	N/A	2026-03-10	CVE-2026-23674, CVE-2026-26128, CVE-2026-26111
Apple	macOS	2789	N/A	2026-02-11	CVE-2026-20629, CVE-2026-20644, CVE-2026-20652
Microsoft	Windows Server 2022	2694	N/A	2026-03-10	CVE-2026-23674, CVE-2026-26132, CVE-2026-26128
Microsoft	Windows 10 Version 1607	2578	N/A	2026-03-10	CVE-2026-23674, CVE-2026-26128, CVE-2026-25190
Microsoft	Windows Server 2012 R2	2504	N/A	2026-03-10	CVE-2026-23674, CVE-2026-26128, CVE-2026-26111
n/a	Android	2437	N/A	2023-06-28	CVE-2023-21237, CVE-2023-21167, CVE-2023-21171
Microsoft	Windows Server 2012 R2 (Server Core installation)	2359	N/A	2026-03-10	CVE-2026-23674, CVE-2026-26128, CVE-2026-26111
Microsoft	Windows Server 2012	2355	N/A	2026-03-10	CVE-2026-23674, CVE-2026-26128, CVE-2026-26111
Microsoft	Windows 10 Version 21H2	2343	N/A	2026-03-10	CVE-2026-23674, CVE-2026-26132, CVE-2026-26128
Microsoft	Windows 10 Version 1507	2277	N/A	2025-12-09	CVE-2025-64680, CVE-2025-64679, CVE-2025-62209
Google	Chrome	2228	N/A	2026-03-04	CVE-2026-3545, CVE-2026-3544, CVE-2026-3543
Microsoft	Windows Server 2012 (Server Core installation)	2222	N/A	2026-03-10	CVE-2026-23674, CVE-2026-26128, CVE-2026-26111
Microsoft	Windows Server 2008 R2 Service Pack 1	1874	N/A	2026-01-13	CVE-2026-20936, CVE-2026-20931, CVE-2026-20929
Microsoft	Windows Server 2008 R2 Service Pack 1 (Server Core installation)	1860	N/A	2026-01-13	CVE-2026-20936, CVE-2026-20931, CVE-2026-20929
Microsoft	Windows 10 Version 22H2	1844	N/A	2026-03-10	CVE-2026-23674, CVE-2026-26132, CVE-2026-26128
Microsoft	Windows 11 version 22H2	1775	N/A	2025-12-09	CVE-2025-64680, CVE-2025-64679, CVE-2025-62209
Microsoft	Windows Server 2008 Service Pack 2 (Server Core installation)	1667	N/A	2026-01-13	CVE-2026-20936, CVE-2026-20931, CVE-2026-20929
Microsoft	Windows Server 2008 Service Pack 2	1664	N/A	2026-01-13	CVE-2026-20936, CVE-2026-20931, CVE-2026-20929
Microsoft	Windows 11 version 21H2	1560	N/A	2024-10-08	CVE-2024-43583, CVE-2024-43599, CVE-2024-43585
Microsoft	Windows Server 2022, 23H2 Edition (Server Core installation)	1550	N/A	2026-03-10	CVE-2026-23674, CVE-2026-26132, CVE-2026-26128
Microsoft	Windows Server 2008 Service Pack 2	1526	N/A	2025-07-08	CVE-2025-49742, CVE-2025-49732, CVE-2025-49730
Mozilla	Firefox	1475	N/A	2026-03-10	CVE-2026-3847, CVE-2026-3846, CVE-2026-3845
Apple	iOS and iPadOS	1411	N/A	2026-02-11	CVE-2026-20644, CVE-2026-20644, CVE-2026-20652
Microsoft	Windows 11 Version 23H2	1392	N/A	2026-03-10	CVE-2026-23674, CVE-2026-26132, CVE-2026-26128
Microsoft	Windows 11 version 22H3	1388	N/A	2026-03-10	CVE-2026-23674, CVE-2026-26132, CVE-2026-26128
Microsoft	Windows 10 Version 20H2	1260	N/A	2023-12-20	CVE-2022-44684, CVE-2022-35759, CVE-2022-35758
Google	Android	1165	N/A	2026-03-10	CVE-2026-0124, CVE-2026-0123, CVE-2026-0122
Microsoft	Windows 8.1	1087	N/A	2023-05-31	CVE-2022-35759, CVE-2022-35758, CVE-2022-35756
Microsoft	Windows 10 Version 1903 for x64-based Systems	1070	N/A	2021-02-25	CVE-2020-17162, CVE-2020-17140, CVE-2020-17139
Microsoft	Windows 11 Version 24H2	1067	N/A	2026-03-10	CVE-2026-23674, CVE-2026-26132, CVE-2026-26128
Apple	watchOS	1064	N/A	2026-02-11	CVE-2026-20609, CVE-2026-20649, CVE-2026-20700
Microsoft	Windows Server, version 1903 (Server Core installation)	1056	N/A	2021-02-25	CVE-2020-17162, CVE-2020-17140, CVE-2020-17139
Microsoft	Windows 10 Version 1903 for ARM64-based Systems	1038	N/A	2021-02-25	CVE-2020-17162, CVE-2020-17140, CVE-2020-17139
Microsoft	Windows 10 Version 1903 for 32-bit Systems	1035	N/A	2021-02-25	CVE-2020-17162, CVE-2020-17140, CVE-2020-17139
Huawei	HarmonyOS	1033	N/A	2026-03-05	CVE-2026-28542, CVE-2026-28548, CVE-2026-28551
Apple	tvOS	1031	N/A	2026-02-11	CVE-2026-20609, CVE-2026-20649, CVE-2026-20700
Microsoft	Windows Server 2025	1021	N/A	2026-03-10	CVE-2026-23674, CVE-2026-26132, CVE-2026-26128
Microsoft	Windows Server 2025 (Server Core installation)	1021	N/A	2026-03-10	CVE-2026-23674, CVE-2026-26132, CVE-2026-26128
Microsoft	Windows Server, version 1909 (Server Core installation)	990	N/A	2021-07-14	CVE-2021-33760, CVE-2021-31194, CVE-2021-31193
Oracle Corporation	MySQL Server	972	N/A	2026-01-20	CVE-2026-21968, CVE-2026-21965, CVE-2026-21964
Microsoft	Windows 10 Version 1909	968	N/A	2022-05-18	CVE-2022-30138, CVE-2022-29142, CVE-2022-29141
Microsoft	Windows Server version 20H2	965	N/A	2023-05-31	CVE-2022-35759, CVE-2022-35758, CVE-2022-35757
Adobe	Adobe Experience Manager	962	N/A	2026-03-11	CVE-2026-27241, CVE-2026-27255, CVE-2026-27244
Google Inc.	Android	960	N/A	2018-12-07	CVE-2018-9574, CVE-2018-9573, CVE-2018-9519
Microsoft	Windows 7	922	N/A	2023-05-31	CVE-2022-35759, CVE-2022-35758, CVE-2022-35756
Mozilla	Thunderbird	902	N/A	2026-01-28	CVE-2026-0818, CVE-2026-0818, CVE-2025-14333
GitLab	GitLab	900	N/A	2026-02-25	CVE-2025-14511, CVE-2026-0752, CVE-2026-1388
Qualcomm, Inc.	Snapdragon	891	N/A	2026-03-02	CVE-2026-21385, CVE-2025-59603, CVE-2025-59600
Mozilla	Firefox ESR	867	N/A	2026-02-24	CVE-2026-2793, CVE-2026-2793, CVE-2026-2792
Microsoft	Windows Server	831	N/A	2020-07-14	CVE-2020-1463, CVE-2020-1468, CVE-2020-1438
Microsoft	Windows	823	N/A	2025-09-08	CVE-2022-50238, CVE-2025-59033, CVE-2025-9491
Microsoft	Windows 7 Service Pack 1	817	N/A	2023-05-31	CVE-2022-35759, CVE-2022-35758, CVE-2022-35756
Microsoft	Windows 10 Version 21H1	780	N/A	2023-12-20	CVE-2022-44684, CVE-2022-35759, CVE-2022-35758
Microsoft	Windows 10 Version 2004	757	N/A	2021-12-15	CVE-2021-43893, CVE-2021-43883, CVE-2021-43248
Microsoft	Windows Server version 2004	748	N/A	2021-12-15	CVE-2021-43893, CVE-2021-43883, CVE-2021-43248
Huawei	EMUI	734	N/A	2026-03-05	CVE-2026-28542, CVE-2026-28548, CVE-2026-28552
Samsung Mobile	Samsung Mobile Devices	732	N/A	2026-02-04	CVE-2026-20983, CVE-2026-20982, CVE-2026-20981
Juniper Networks	Junos OS	643	N/A	2026-01-15	CVE-2026-21921, CVE-2026-21920, CVE-2026-21918
Red Hat	Red Hat Enterprise Linux 9	564	N/A	2026-03-04	CVE-2025-12801, CVE-2026-28295, CVE-2026-28296
Red Hat	Red Hat Enterprise Linux 8	561	N/A	2026-03-04	CVE-2025-12801, CVE-2026-28295, CVE-2026-28296
Microsoft	Windows 10 Version 1803	552	N/A	2021-05-11	CVE-2021-31194, CVE-2021-31193, CVE-2021-31191
Adobe	Adobe Acrobat and Reader	516	N/A	2020-08-19	CVE-2020-9723, CVE-2020-9722, CVE-2020-9721
Microsoft	Windows 10 Version 1909 for x64-based Systems	512	N/A	2020-07-27	CVE-2020-1457, CVE-2020-1425, CVE-2020-1463
Microsoft	Windows 10 Version 1909 for 32-bit Systems	503	N/A	2020-07-27	CVE-2020-1457, CVE-2020-1425, CVE-2020-1463
Microsoft	Windows 10 Version 1909 for ARM64-based Systems	502	N/A	2020-07-27	CVE-2020-1457, CVE-2020-1425, CVE-2020-1463
Red Hat	Red Hat Enterprise Linux 7	485	N/A	2026-03-04	CVE-2025-12801, CVE-2026-28295, CVE-2026-28296
Apple	iOS	479	N/A	2023-04-10	CVE-2022-32871, CVE-2022-32891, CVE-2022-32833
Red Hat	Red Hat Enterprise Linux 6	443	N/A	2026-03-04	CVE-2025-12801, CVE-2025-12801, CVE-2026-28295
Microsoft	Microsoft 365 Apps for Enterprise	435	N/A	2026-03-10	CVE-2026-26144, CVE-2026-26110, CVE-2026-26109
Adobe	Acrobat Reader	419	N/A	2026-03-10	CVE-2026-27221, CVE-2026-27278, CVE-2026-27220
tensorflow	tensorflow	401	N/A	2024-07-30	CVE-2023-33976, CVE-2024-3660, CVE-2023-25661
google	android	382	N/A	2024-12-05	CVE-2018-9391, CVE-2018-9390, CVE-2018-9388
Microsoft	Microsoft Office 2019	381	N/A	2026-03-10	CVE-2026-26110, CVE-2026-26109, CVE-2026-26108
Apple	Safari	378	N/A	2026-02-11	CVE-2026-20644, CVE-2026-20652, CVE-2026-20608
Apple	visionOS	361	N/A	2026-02-11	CVE-2026-20644, CVE-2026-20652, CVE-2026-20625
Microsoft	Windows 11 Version 25H2	333	N/A	2026-03-10	CVE-2026-23674, CVE-2026-26132, CVE-2026-26128
Unisoc (Shanghai) Technologies Co., Ltd.	SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000	327	N/A	2023-07-12	CVE-2022-48451, CVE-2023-33905, CVE-2023-33904
Microsoft	Microsoft Office LTSC 2021	306	N/A	2026-03-10	CVE-2026-26110, CVE-2026-26109, CVE-2026-26108
Qualcomm, Inc.	Android for MSM, Firefox OS for MSM, QRD Android	306	N/A	2019-02-11	CVE-2018-13893, CVE-2018-13889, CVE-2018-11962
Mattermost	Mattermost	303	N/A	2026-03-02	CVE-2026-1628, CVE-2025-14573, CVE-2026-1046
Red Hat	Red Hat Enterprise Linux 10	281	N/A	2026-03-04	CVE-2025-12801, CVE-2026-28295, CVE-2026-28296
Oracle Corporation	VM VirtualBox	280	N/A	2024-07-16	CVE-2024-21164, CVE-2024-21161, CVE-2024-21141
PDF-XChange	PDF-XChange Editor	280	N/A	2026-02-20	CVE-2026-2040, CVE-2025-6640, CVE-2025-6641
Microsoft	Windows 10 Version 1709	270	N/A	2020-10-16	CVE-2020-1243, CVE-2020-1167, CVE-2020-1047
Microsoft	Windows 10 Version 1709 for 32-bit Systems	256	N/A	2020-10-16	CVE-2020-1167, CVE-2020-17022, CVE-2020-16976
google	chrome	252	N/A	2024-12-03	CVE-2024-12053, CVE-2024-7025, CVE-2024-11395
Foxit	Foxit Reader	247	N/A	2025-08-13	CVE-2025-32451, CVE-2013-10068, CVE-2024-49576
Cisco	Cisco Small Business RV Series Router Firmware	243	N/A	2024-11-18	CVE-2020-3431, CVE-2024-20524, CVE-2024-20523
Juniper Networks	Junos OS Evolved	237	N/A	2026-02-25	CVE-2026-21902, CVE-2026-21921, CVE-2026-21911
QNAP Systems Inc.	QTS	237	N/A	2026-03-11	CVE-2024-14026, CVE-2025-47205, CVE-2025-58466
Microsoft	Microsoft SharePoint Server 2019	234	N/A	2026-03-10	CVE-2026-26106, CVE-2026-26114, CVE-2026-26113
nextcloud	security-advisories	234	N/A	2025-12-05	CVE-2025-66558, CVE-2025-66556, CVE-2025-66554
xwiki	xwiki-platform	225	N/A	2026-02-12	CVE-2026-26000, CVE-2026-24128, CVE-2025-66473
QNAP Systems Inc.	QuTS hero	222	N/A	2026-03-11	CVE-2024-14026, CVE-2025-47205, CVE-2025-48725
Microsoft	Microsoft SharePoint Enterprise Server 2016	220	N/A	2026-03-10	CVE-2026-26106, CVE-2026-26114, CVE-2026-26113
Cisco	Cisco IOS XE Software	217	N/A	2025-09-25	CVE-2025-20363, CVE-2025-20314, CVE-2025-20316
qualcomm	wsa8830_firmware	215	N/A	2024-12-02	CVE-2024-43052, CVE-2024-43050, CVE-2024-43049
qualcomm	wsa8835_firmware	215	N/A	2024-12-02	CVE-2024-43052, CVE-2024-43050, CVE-2024-43049
Microsoft	Windows 10	214	N/A	2024-09-26	CVE-2024-6769, CVE-2024-6768, CVE-2019-0577
F5	BIG-IP	211	N/A	2026-02-18	CVE-2026-2507, CVE-2026-22548, CVE-2026-20732
Foxit	PDF Reader	211	N/A	2025-09-02	CVE-2025-9330, CVE-2025-9323, CVE-2025-9324
qualcomm	wcd9380_firmware	211	N/A	2024-12-02	CVE-2024-43053, CVE-2024-43052, CVE-2024-43050
Liferay	DXP	209	N/A	2025-11-01	CVE-2025-62275, CVE-2025-62276, CVE-2025-62267
Liferay	Portal	206	N/A	2025-11-01	CVE-2025-62275, CVE-2025-62276, CVE-2025-62267
Microsoft	Microsoft Office LTSC for Mac 2021	204	N/A	2026-03-10	CVE-2026-26110, CVE-2026-26109, CVE-2026-26108
Microsoft	Windows 10 Servers	201	N/A	2019-01-08	CVE-2019-0577, CVE-2019-0547, CVE-2019-0575
Huawei	Magic UI	200	N/A	2022-09-16	CVE-2020-36601, CVE-2020-36600, CVE-2022-39003
qualcomm	fastconnect_7800_firmware	197	N/A	2024-12-02	CVE-2024-43053, CVE-2024-43052, CVE-2024-43050
qualcomm	fastconnect_6900_firmware	194	N/A	2024-12-02	CVE-2024-43053, CVE-2024-43052, CVE-2024-43050
qualcomm	qca6696_firmware	194	N/A	2024-12-02	CVE-2024-33063, CVE-2024-33056, CVE-2024-33053
Apple	iTunes for Windows	192	N/A	2024-10-11	CVE-2024-44157, CVE-2024-44193, CVE-2024-27793
Microsoft	Microsoft Edge (Chromium-based)	190	N/A	2026-02-17	CVE-2026-0102, CVE-2026-0391, CVE-2026-21223
Microsoft	Microsoft Office LTSC 2024	190	N/A	2026-03-10	CVE-2026-26110, CVE-2026-26109, CVE-2026-26108
qualcomm	wcd9385_firmware	190	N/A	2024-12-02	CVE-2024-43053, CVE-2024-43052, CVE-2024-43050
qualcomm	qca6574au_firmware	188	N/A	2024-12-02	CVE-2024-33063, CVE-2024-33056, CVE-2024-33053
Microsoft	ChakraCore	187	N/A	2021-11-10	CVE-2021-42279, CVE-2020-17131, CVE-2020-17054
Microsoft	Microsoft Edge	186	N/A	2023-04-11	CVE-2023-28284, CVE-2019-1107, CVE-2019-1106
qualcomm	wsa8810_firmware	186	N/A	2024-12-02	CVE-2024-43052, CVE-2024-43050, CVE-2024-43048
qualcomm	wsa8815_firmware	184	N/A	2024-12-02	CVE-2024-43052, CVE-2024-43050, CVE-2024-43048
discourse	discourse	183	N/A	2026-02-26	CVE-2026-28227, CVE-2026-28219, CVE-2026-28218
Apple	iCloud for Windows	181	N/A	2022-12-15	CVE-2022-46692, CVE-2022-46698, CVE-2022-46693
IrfanView	IrfanView	180	N/A	2025-07-21	CVE-2025-7299, CVE-2025-7325, CVE-2025-7324
qualcomm	qca6391_firmware	180	N/A	2024-12-02	CVE-2024-43052, CVE-2024-43050, CVE-2024-33063
Oracle Corporation	Java	179	N/A	2020-07-15	CVE-2020-14664, CVE-2020-14621, CVE-2020-14593
Oracle Corporation	PeopleSoft Enterprise PT PeopleTools	179	N/A	2024-07-16	CVE-2024-21180, CVE-2024-21178, CVE-2024-21158
Microsoft	Windows 10 Version 2004 for x64-based Systems	177	N/A	2020-07-27	CVE-2020-1457, CVE-2020-1425, CVE-2020-1463
Microsoft	Windows Server, version 2004 (Server Core installation)	177	N/A	2020-07-14	CVE-2020-1463, CVE-2020-1468, CVE-2020-1438
Oracle Corporation	WebLogic Server	177	N/A	2024-07-16	CVE-2024-21183, CVE-2024-21182, CVE-2024-21181
Microsoft	Windows 10 Version 2004 for 32-bit Systems	176	N/A	2020-07-27	CVE-2020-1457, CVE-2020-1425, CVE-2020-1463
Microsoft	Windows 10 Version 2004 for ARM64-based Systems	176	N/A	2020-07-27	CVE-2020-1457, CVE-2020-1425, CVE-2020-1463
qualcomm	qca6574a_firmware	175	N/A	2024-12-02	CVE-2024-33063, CVE-2024-33056, CVE-2024-33044
qualcomm	wcd9370_firmware	175	N/A	2024-12-02	CVE-2024-43052, CVE-2024-43050, CVE-2024-43048
Qualcomm, Inc.	All Qualcomm products	174	N/A	2017-08-18	CVE-2017-9684, CVE-2017-9679, CVE-2017-9678
n/a	kernel	172	N/A	2024-02-08	CVE-2024-1312, CVE-2024-1312, CVE-2023-6200
qualcomm	qca6595au_firmware	172	N/A	2024-12-02	CVE-2024-43050, CVE-2024-33063, CVE-2024-33056
linux	linux_kernel	169	N/A	2024-10-23	CVE-2024-50066, CVE-2024-40902, CVE-2024-39495
qualcomm	qca6698aq_firmware	168	N/A	2024-12-02	CVE-2024-33063, CVE-2024-33056, CVE-2024-33044
Dell	PowerScale OneFS	164	N/A	2026-03-04	CVE-2026-25907, CVE-2026-21422, CVE-2026-21424
JetBrains	TeamCity	164	N/A	2026-02-25	CVE-2026-28196, CVE-2026-28195, CVE-2026-28194
Palo Alto Networks	PAN-OS	163	N/A	2026-02-11	CVE-2026-0229, CVE-2026-0228, CVE-2026-0227
Unisoc (Shanghai) Technologies Co., Ltd.	SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000	163	N/A	2024-10-09	CVE-2024-39438, CVE-2024-39437, CVE-2024-39436
Cisco	Cisco Firepower Threat Defense Software	162	N/A	2025-09-25	CVE-2025-20363, CVE-2025-20220, CVE-2025-20268
Fortinet	FortiOS	162	N/A	2026-02-10	CVE-2025-62439, CVE-2025-68686, CVE-2025-64157
Cisco	Cisco Adaptive Security Appliance (ASA) Software	160	N/A	2025-09-25	CVE-2025-20363, CVE-2025-20254, CVE-2025-20263

CVSS Score Drift

Comparison of CVSS scores across different versions (v2, v3.1, v4.0)

About CVSS Score Drift

CVSS Score Drift measures how vulnerability severity ratings change between CVSS versions (v2, v3.1, v4.0). Different scoring methodologies can result in the same CVE having significantly different severity ratings.

Why it matters: Security teams using different scanners may see conflicting severity scores for the same vulnerability. Understanding drift helps reconcile these differences and prioritize remediation correctly.

How to use: Focus on CVEs with high drift (=2.0 points) - these require manual review to determine actual risk. An upward arrow (?) indicates newer CVSS versions rate it more severe; downward (?) means less severe.

CVEs with Multiple Scores

150

High Drift (=2.0)

Avg Score Drift

1.5

CVE ID	Published	CVSS v2	CVSS v3.1	CVSS v4.0	Drift
CVE-2025-13872	2025-12-02	N/A	9.1	2.1	7.0 ?
CVE-2025-13871	2025-12-02	N/A	8.8	2.3	6.5 ?
CVE-2025-2486	2025-11-26	N/A	8.8	3.7	5.1 ?
CVE-2025-13815	2025-12-01	6.5	9.8	5.3	4.5 ?
CVE-2025-13800	2025-12-01	6.5	9.8	5.3	4.5 ?
CVE-2025-13799	2025-12-01	6.5	9.8	5.3	4.5 ?
CVE-2025-13798	2025-12-01	6.5	9.8	5.3	4.5 ?
CVE-2025-13797	2025-12-01	6.5	9.8	5.3	4.5 ?
CVE-2025-13783	2025-11-30	6.5	9.8	5.3	4.5 ?
CVE-2025-62497	2025-11-25	N/A	6.5	2.1	4.4 ?
CVE-2025-13643	2025-11-25	N/A	6.5	2.3	4.2 ?
CVE-2025-13790	2025-11-30	5.0	8.8	5.3	3.8 ?
CVE-2025-13787	2025-11-30	5.5	9.1	5.3	3.8 ?
CVE-2025-13805	2025-12-01	2.6	3.7	6.3	3.7 ?
CVE-2025-13742	2025-11-27	N/A	6.1	2.4	3.7 ?
CVE-2025-13816	2025-12-01	6.5	8.8	5.3	3.5 ?
CVE-2025-13837	2025-12-01	N/A	5.5	2.1	3.4 ?
CVE-2025-66412	2025-12-01	N/A	5.4	8.5	3.1 ?
CVE-2025-12893	2025-11-25	N/A	5.4	2.3	3.1 ?
CVE-2025-13813	2025-12-01	5.1	8.1	6.3	3.0 ?
CVE-2025-66405	2025-12-01	N/A	9.8	6.9	2.9 ?
CVE-2025-13814	2025-12-01	7.5	9.8	6.9	2.9 ?
CVE-2025-13806	2025-12-01	7.5	9.8	6.9	2.9 ?
CVE-2025-13788	2025-11-30	7.5	9.8	6.9	2.9 ?
CVE-2025-13786	2025-11-30	7.5	9.8	6.9	2.9 ?
CVE-2025-13782	2025-11-30	7.5	9.8	6.9	2.9 ?
CVE-2025-66219	2025-11-29	N/A	9.8	6.9	2.9 ?
CVE-2025-13810	2025-12-01	5.0	7.5	5.5	2.5 ?
CVE-2025-13785	2025-11-30	4.0	6.5	5.3	2.5 ?
CVE-2025-66021	2025-11-26	N/A	6.1	8.6	2.5 ?
CVE-2025-13795	2025-11-30	3.3	2.4	4.8	2.4 ?
CVE-2025-13784	2025-11-30	3.3	2.4	4.8	2.4 ?
CVE-2025-66313	2025-12-01	N/A	7.2	5.1	2.1 ?
CVE-2025-40890	2025-11-25	N/A	7.9	5.8	2.1 ?
CVE-2025-66305	2025-12-01	N/A	4.9	6.9	2.0 ?
CVE-2025-27232	2025-12-01	N/A	4.9	6.8	1.9 ?
CVE-2025-13811	2025-12-01	6.5	7.2	5.3	1.9 ?
CVE-2025-13808	2025-12-01	7.5	8.8	6.9	1.9 ?
CVE-2025-66360	2025-11-28	N/A	8.8	6.9	1.9 ?
CVE-2025-12893	2025-11-25	N/A	4.2	2.3	1.9 ?
CVE-2025-11461	2025-11-26	N/A	8.8	7.1	1.7 ?
CVE-2025-66258	2025-11-26	N/A	5.4	7.1	1.7 ?
CVE-2025-13353	2025-12-02	N/A	5.5	7.1	1.6 ?
CVE-2025-66400	2025-12-01	N/A	5.3	6.9	1.6 ?
CVE-2025-66415	2025-12-01	N/A	5.4	6.9	1.5 ?
CVE-2025-13784	2025-11-30	3.3	4.8	4.8	1.5 ?
CVE-2025-13084	2025-11-26	N/A	7.6	6.1	1.5 ?
CVE-2025-66308	2025-12-01	N/A	5.4	6.8	1.4 ?
CVE-2025-66297	2025-12-01	N/A	8.8	7.4	1.4 ?
CVE-2025-66263	2025-11-26	N/A	7.5	8.9	1.4 ?
CVE-2025-66251	2025-11-26	N/A	9.1	7.7	1.4 ?
CVE-2025-65085	2025-11-25	N/A	9.8	8.4	1.4 ?
CVE-2025-65084	2025-11-25	N/A	9.8	8.4	1.4 ?
CVE-2025-13807	2025-12-01	4.0	4.3	5.3	1.3 ?
CVE-2025-13807	2025-12-01	4.0	4.3	5.3	1.3 ?
CVE-2025-13804	2025-12-01	4.0	4.3	5.3	1.3 ?
CVE-2025-13785	2025-11-30	4.0	4.3	5.3	1.3 ?
CVE-2025-66217	2025-11-29	N/A	7.5	8.8	1.3 ?
CVE-2025-66028	2025-11-26	N/A	8.2	6.9	1.3 ?
CVE-2025-66254	2025-11-26	N/A	9.1	7.8	1.3 ?
CVE-2025-64730	2025-11-25	N/A	6.1	4.8	1.3 ?
CVE-2025-55749	2025-12-01	N/A	7.5	8.7	1.2 ?
CVE-2025-13836	2025-12-01	N/A	7.5	6.3	1.2 ?
CVE-2025-13816	2025-12-01	6.5	6.3	5.3	1.2 ?
CVE-2025-13815	2025-12-01	6.5	6.3	5.3	1.2 ?
CVE-2025-13813	2025-12-01	5.1	5.6	6.3	1.2 ?
CVE-2025-13811	2025-12-01	6.5	6.3	5.3	1.2 ?
CVE-2025-13809	2025-12-01	6.5	6.3	5.3	1.2 ?
CVE-2025-13809	2025-12-01	6.5	6.5	5.3	1.2 ?
CVE-2025-13800	2025-12-01	6.5	6.3	5.3	1.2 ?
CVE-2025-13799	2025-12-01	6.5	6.3	5.3	1.2 ?
CVE-2025-13798	2025-12-01	6.5	6.3	5.3	1.2 ?
CVE-2025-13797	2025-12-01	6.5	6.3	5.3	1.2 ?
CVE-2025-13796	2025-12-01	6.5	6.3	5.3	1.2 ?
CVE-2025-13791	2025-11-30	6.5	6.3	5.3	1.2 ?
CVE-2025-13791	2025-11-30	6.5	6.5	5.3	1.2 ?
CVE-2025-13789	2025-11-30	6.5	5.3	5.3	1.2 ?
CVE-2025-13789	2025-11-30	6.5	6.3	5.3	1.2 ?
CVE-2025-13783	2025-11-30	6.5	6.3	5.3	1.2 ?
CVE-2025-66031	2025-11-26	N/A	7.5	8.7	1.2 ?
CVE-2025-11780	2025-12-02	N/A	9.8	8.7	1.1 ?
CVE-2025-13768	2025-11-28	N/A	8.8	7.7	1.1 ?
CVE-2025-10543	2025-12-02	N/A	5.3	6.3	1.0 ?
CVE-2025-66301	2025-12-01	N/A	9.6	8.6	1.0 ?
CVE-2025-13802	2025-12-01	5.0	4.3	5.3	1.0 ?
CVE-2025-13793	2025-11-30	5.0	4.3	5.3	1.0 ?
CVE-2025-13790	2025-11-30	5.0	4.3	5.3	1.0 ?
CVE-2025-6666	2025-11-29	1.2	2.0	1.0	1.0 ?
CVE-2025-66291	2025-11-29	N/A	4.3	5.3	1.0 ?
CVE-2025-66290	2025-11-29	N/A	4.3	5.3	1.0 ?
CVE-2025-66221	2025-11-29	N/A	5.3	6.3	1.0 ?
CVE-2025-66030	2025-11-26	N/A	5.3	6.3	1.0 ?
CVE-2025-12848	2025-11-26	N/A	6.1	7.0	0.9 ?
CVE-2025-66252	2025-11-26	N/A	7.5	8.4	0.9 ?
CVE-2025-11781	2025-12-02	N/A	7.8	8.6	0.8 ?
CVE-2025-66312	2025-12-01	N/A	5.4	6.2	0.8 ?
CVE-2025-66311	2025-12-01	N/A	5.4	6.2	0.8 ?
CVE-2025-66310	2025-12-01	N/A	5.4	6.2	0.8 ?
CVE-2025-12143	2025-11-28	N/A	6.1	6.9	0.8 ?
CVE-2025-9624	2025-11-25	N/A	7.5	8.3	0.8 ?
CVE-2025-13643	2025-11-25	N/A	3.1	2.3	0.8 ?
CVE-2025-65966	2025-11-26	N/A	8.1	8.8	0.7 ?
CVE-2025-66260	2025-11-26	N/A	6.5	7.2	0.7 ?
CVE-2025-13873	2025-12-02	N/A	5.4	4.8	0.6 ?
CVE-2025-58044	2025-12-01	N/A	6.1	5.5	0.6 ?
CVE-2025-13814	2025-12-01	7.5	7.3	6.9	0.6 ?
CVE-2025-13808	2025-12-01	7.5	7.3	6.9	0.6 ?
CVE-2025-13806	2025-12-01	7.5	7.3	6.9	0.6 ?
CVE-2025-13803	2025-12-01	7.5	7.3	6.9	0.6 ?
CVE-2025-13792	2025-11-30	7.5	7.3	6.9	0.6 ?
CVE-2025-13788	2025-11-30	7.5	7.3	6.9	0.6 ?
CVE-2025-13786	2025-11-30	7.5	7.3	6.9	0.6 ?
CVE-2025-13782	2025-11-30	7.5	7.3	6.9	0.6 ?
CVE-2025-66027	2025-11-29	N/A	6.5	7.1	0.6 ?
CVE-2025-13771	2025-11-28	N/A	6.5	7.1	0.6 ?
CVE-2025-13770	2025-11-28	N/A	6.5	7.1	0.6 ?
CVE-2025-13769	2025-11-28	N/A	6.5	7.1	0.6 ?
CVE-2025-64129	2025-11-26	N/A	7.6	7.0	0.6 ?
CVE-2025-66250	2025-11-26	N/A	9.8	9.2	0.6 ?
CVE-2025-13644	2025-11-25	N/A	6.5	7.1	0.6 ?
CVE-2025-13507	2025-11-25	N/A	6.5	7.1	0.6 ?
CVE-2025-49643	2025-12-01	N/A	6.5	6.0	0.5 ?
CVE-2025-13810	2025-12-01	5.0	5.3	5.5	0.5 ?
CVE-2025-66216	2025-11-29	N/A	9.8	9.3	0.5 ?
CVE-2025-66201	2025-11-29	N/A	8.1	8.6	0.5 ?
CVE-2025-64130	2025-11-26	N/A	9.8	9.3	0.5 ?
CVE-2025-66262	2025-11-26	N/A	9.8	9.3	0.5 ?
CVE-2025-66259	2025-11-26	N/A	9.8	9.3	0.5 ?
CVE-2025-11779	2025-12-02	N/A	9.8	9.4	0.4 ?
CVE-2025-66410	2025-12-01	N/A	9.1	8.7	0.4 ?
CVE-2025-66361	2025-11-28	N/A	6.5	6.9	0.4 ?
CVE-2025-13644	2025-11-25	N/A	7.5	7.1	0.4 ?
CVE-2025-11778	2025-12-02	N/A	9.8	10.0	0.2 ?
CVE-2025-66298	2025-12-01	N/A	7.5	7.7	0.2 ?
CVE-2025-13787	2025-11-30	5.5	5.4	5.3	0.2 ?
CVE-2025-66224	2025-11-29	N/A	8.8	9.0	0.2 ?
CVE-2025-13768	2025-11-28	N/A	7.5	7.7	0.2 ?
CVE-2025-12758	2025-11-27	N/A	7.5	7.7	0.2 ?
CVE-2025-66309	2025-12-01	N/A	6.1	6.2	0.1 ?
CVE-2025-66294	2025-12-01	N/A	8.8	8.7	0.1 ?
CVE-2025-66289	2025-11-29	N/A	8.8	8.7	0.1 ?
CVE-2025-66225	2025-11-29	N/A	8.8	8.7	0.1 ?
CVE-2025-66261	2025-11-26	N/A	9.8	9.9	0.1 ?
CVE-2025-66257	2025-11-26	N/A	9.1	9.2	0.1 ?
CVE-2025-66256	2025-11-26	N/A	9.8	9.9	0.1 ?
CVE-2025-66255	2025-11-26	N/A	9.8	9.9	0.1 ?
CVE-2025-66253	2025-11-26	N/A	9.8	9.9	0.1 ?
CVE-2025-64128	2025-11-26	N/A	10.0	10.0	0.0 ?
CVE-2025-64127	2025-11-26	N/A	10.0	10.0	0.0 ?
CVE-2025-64126	2025-11-26	N/A	10.0	10.0	0.0 ?

CWE Trend Analysis

Common Weakness Enumeration categories and their prevalence trends

About CWE Trends

CWE (Common Weakness Enumeration) is a standardized list of software and hardware weakness types. This analysis tracks which vulnerability categories are most prevalent across your CVE databases.

Why it matters: Understanding CWE trends helps identify systemic weaknesses in your technology stack. If injection vulnerabilities (CWE-89) are rising, it signals a need for input validation improvements across applications.

How to use: Monitor "Rising" trends to anticipate emerging attack vectors. Use the most common CWEs to prioritize developer security training and code review focus areas. Cross-reference with your vendor/product data to identify which products contribute most to each weakness category.

Unique CWEs

Rising Trends

Most Common

CWE-79

Total Occurrences

105176

CWE ID	Description	CVEProject	CISA	Total	Trend
CWE-79	CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')	19516	1480	20996	Declining
CWE-89	CWE-89	8168	726	8894	Declining
CWE-862	CWE-862 Missing Authorization	4755	487	5242	Declining
CWE-352	CWE-352 Cross-Site Request Forgery (CSRF)	4346	277	4623	Declining
CWE-74	CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')	3399	468	3867	Declining
CWE-20	Improper Input Validation (CWE-20)	3451	126	3577	Declining
CWE-22	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)	3051	201	3252	Declining
CWE-125	Out-of-bounds Read (CWE-125)	2838	166	3004	Declining
CWE-200	CWE-200: Exposure of Sensitive Information to an Unauthorized Actor	2661	203	2864	Declining
CWE-284	CWE-284: Improper Access Control	2493	282	2775	Declining
CWE-78	CWE-78	2470	181	2651	Declining
CWE-121	Stack-based Buffer Overflow (CWE-121)	2364	194	2558	Declining
CWE-416	Use After Free (CWE-416)	2304	211	2515	Declining
CWE-94	Code injection	2187	207	2394	Declining
CWE-119	Improper Restriction of Operations within the Bounds of a Memory Buffer	2181	162	2343	Declining
CWE-787	Out-of-bounds Write (CWE-787)	2127	200	2327	Declining
CWE-434	CWE-434 Unrestricted Upload of File with Dangerous Type	1958	181	2139	Declining
CWE-122	Heap-based Buffer Overflow (CWE-122)	1821	95	1916	Declining
CWE-120	CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')	1672	108	1780	Declining
CWE-502	CWE-502 Deserialization of untrusted data	1553	120	1673	Declining
CWE-400	CWE-400: Uncontrolled Resource Consumption	1407	97	1504	Declining
CWE-77	CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')	1249	143	1392	Declining
CWE-918	Server-Side Request Forgery (SSRF) (CWE-918)	1256	121	1377	Declining
CWE-476	NULL Pointer Dereference (CWE-476)	1127	193	1320	Declining
CWE-287	CWE-287: Improper Authentication	1224	62	1286	Declining
CWE-863	Incorrect Authorization (CWE-863)	1140	92	1232	Declining
CWE-306	CWE-306: Missing Authentication for Critical Function	1026	136	1162	Declining
CWE-269	CWE-269 Improper Privilege Management	979	72	1051	Declining
CWE-285	CWE-285 Improper Authorization	938	107	1045	Declining
CWE-98	CWE-98 Improper control of filename for Include/Require statement in PHP program ('PHP remote file inclusion')	961	82	1043	Declining
CWE-639	CWE-639 Authorization Bypass Through User-Controlled Key	868	120	988	Declining
CWE-770	CWE-770: Allocation of Resources Without Limits or Throttling	782	73	855	Declining
CWE-190	Integer Overflow or Wraparound (CWE-190)	795	44	839	Declining
CWE-266	Incorrect Privilege Assignment	679	83	762	Declining
CWE-601	CWE-601 URL redirection to untrusted site ('open redirect')	683	48	731	Declining
CWE-427	CWE-427 Uncontrolled Search Path Element	680	49	729	Declining
CWE-532	CWE-532 Insertion of sensitive information into log file	592	34	626	Declining
CWE-798	Use of hard-coded credentials	544	36	580	Declining
CWE-276	CWE-276: Incorrect Default Permissions	491	46	537	Declining
CWE-80	CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)	451	47	498	Declining
CWE-732	CWE-732: Incorrect Permission Assignment for Critical Resource	444	33	477	Declining
CWE-362	CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')	392	58	450	Declining
CWE-59	CWE-59: Improper Link Resolution Before File Access ('Link Following')	415	30	445	Declining
CWE-126	CWE-126 Buffer Over-read	403	36	439	Declining
CWE-295	CWE-295	434	0	434	Declining
CWE-288	Authentication Bypass Using an Alternate Path or Channel	388	40	428	Declining
CWE-404	CWE-404 Improper Resource Shutdown or Release	421	0	421	Declining
CWE-611	CWE-611 Improper Restriction of XML External Entity Reference	406	0	406	Declining
CWE-522	CWE-522: Insufficiently Protected Credentials	370	0	370	Declining
CWE-23	CWE-23: Relative Path Traversal	359	0	359	Declining

Time to Exploit Intelligence

Analysis of time between CVE publication and first public exploit availability (2025-2026 only)

About Time to Exploit

Time to Exploit (TTE) measures the window between when a CVE is publicly disclosed and when a working proof-of-concept exploit becomes available. This metric is critical for understanding your actual patch window.

How to use: CVEs with Critical risk (=7 days) require immediate patching - attackers can weaponize these almost instantly. Use this data to set realistic SLAs for your vulnerability management program and prioritize based on actual exploit timelines, not just CVSS scores.

Average Days to Exploit

197.4

Median Days

188

Fastest Exploit

0 days

CVEs with POC

28043

Risk Distribution

Critical (=7 days)

High (=30 days)

Medium (=90 days)

Low (>90 days)

CVE ID	Vendor	Product	Published	POC Date	Risk
CVE-2025-12573	Unknown	Bookingor	2026-01-20	2026-01-20	Critical
CVE-2025-50002	Farost	Energia	2026-01-22	2026-01-23	Critical
CVE-2025-11002	7-Zip	7-Zip	2026-01-23	2026-01-23	Critical
CVE-2026-1413	Sangfor	Operation and Maintenance Security Management System	2026-01-26	2026-01-26	Critical
CVE-2026-1412	Sangfor	Operation and Maintenance Security Management System	2026-01-26	2026-01-26	Critical
CVE-2026-1414	Sangfor	Operation and Maintenance Security Management System	2026-01-26	2026-01-26	Critical
CVE-2025-14316	Unknown	AhaChat Messenger Marketing	2026-01-26	2026-01-26	Critical
CVE-2025-14973	Unknown	Recipe Card Blocks Lite	2026-01-26	2026-01-26	Critical
CVE-2026-23888	pnpm	pnpm	2026-01-26	2026-01-27	Critical
CVE-2026-23889	pnpm	pnpm	2026-01-26	2026-01-27	Critical
CVE-2026-24056	pnpm	pnpm	2026-01-26	2026-01-27	Critical
CVE-2026-24003	EVerest	everest-core	2026-01-26	2026-01-27	Critical
CVE-2026-24478	Mintplex-Labs	anything-llm	2026-01-26	2026-01-27	Critical
CVE-2026-24686	theupdateframework	go-tuf	2026-01-27	2026-01-27	Critical
CVE-2026-1213	askbot	askbot	2026-01-27	2026-01-28	Critical
CVE-2026-1470	None	None	2026-01-27	2026-01-28	Critical
CVE-2026-24881	GnuPG	GnuPG	2026-01-27	2026-01-28	Critical
CVE-2026-24882	GnuPG	GnuPG	2026-01-27	2026-01-28	Critical
CVE-2026-24770	infiniflow	ragflow	2026-01-27	2026-01-28	Critical
CVE-2026-24740	amir20	dozzle	2026-01-27	2026-01-28	Critical
CVE-2026-24909	vlt	vlt	2026-01-27	2026-01-28	Critical
CVE-2026-24910	Bun	Bun	2026-01-27	2026-01-28	Critical
CVE-2026-23830	nyariv	SandboxJS	2026-01-27	2026-01-28	Critical
CVE-2026-24842	isaacs	node-tar	2026-01-28	2026-01-28	Critical
CVE-2026-24841	Dokploy	dokploy	2026-01-28	2026-01-28	Critical
CVE-2025-13471	Unknown	User Activity Log	2026-01-28	2026-01-28	Critical
CVE-2026-24685	opf	openproject	2026-01-28	2026-01-29	Critical
CVE-2026-1544	D-Link	DIR-823X	2026-01-28	2026-01-29	Critical
CVE-2026-1547	Totolink	A7000R	2026-01-28	2026-01-29	Critical
CVE-2026-1552	n/a	SEMCMS	2026-01-29	2026-01-29	Critical
CVE-2025-14975	Unknown	Custom Login Page Customizer	2026-01-29	2026-01-29	Critical
CVE-2026-1587	n/a	Open5GS	2026-01-29	2026-01-30	Critical
CVE-2026-23896	immich-app	immich	2026-01-29	2026-01-30	Critical
CVE-2025-15550	birkir	prime	2026-01-29	2026-01-30	Critical
CVE-2026-25061	simsong	tcpflow	2026-01-29	2026-01-30	Critical
CVE-2026-25117	pwncollege	dojo	2026-01-29	2026-01-30	Critical
CVE-2026-25040	Budibase	budibase	2026-01-29	2026-01-30	Critical
CVE-2026-24902	TrustTunnel	TrustTunnel	2026-01-29	2026-01-30	Critical
CVE-2026-24904	TrustTunnel	TrustTunnel	2026-01-29	2026-01-30	Critical
CVE-2026-1637	Tenda	AC21	2026-01-29	2026-01-30	Critical
CVE-2026-1625	D-Link	DWR-M961	2026-01-29	2026-01-30	Critical
CVE-2026-1638	Tenda	AC21	2026-01-29	2026-01-30	Critical
CVE-2026-24855	ChurchCRM	CRM	2026-01-30	2026-01-31	Critical
CVE-2025-4686	Kodmatic Computer Software Tourism Construction Industry and Trade Ltd. Co.	Online Exam and Assessment	2026-01-30	2026-01-31	Critical
CVE-2026-1700	projectworlds	House Rental and Property Listing	2026-01-30	2026-01-31	Critical
CVE-2026-25130	aliasrobotics	cai	2026-01-30	2026-01-31	Critical
CVE-2026-25069	SunFounder	Pironman Dashboard (pm_dashboard)	2026-01-31	2026-02-01	Critical
CVE-2026-0658	Unknown	Five Star Restaurant Reservations	2026-02-02	2026-02-02	Critical
CVE-2025-15030	Unknown	User Profile Builder	2026-02-02	2026-02-02	Critical
CVE-2025-15396	Unknown	Library Viewer	2026-02-02	2026-02-02	Critical