CVE Intelligence Dashboard

Exploitable This Week

High-severity CVEs with known proof-of-concept exploits available

About This Section

This table shows CVEs that have publicly available proof-of-concept (POC) exploits, cross-referenced with severity scores from CISA. These vulnerabilities represent the highest risk as attackers can readily exploit them. Priority should be given to Critical and High severity items with Network attack vectors. GitHub links point to POC repositories, while Ref links provide additional technical details.

Total with POC

Critical Severity

High Severity

Network Exploitable

CVE ID	Product	Description	Score	Severity	Attack Vector	POC Links
CVE-2025-67108	n/a	eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resultin...	10.0	CRITICAL	NETWORK	[Ref1]
CVE-2025-67109	n/a	Improper verification of the time certificate in Eclipse Cyclone DDS before v0.10.5 allows attackers...	10.0	CRITICAL	NETWORK	[Ref1]
CVE-2025-64721	Sandboxie	Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating sys...	10.0	CRITICAL	NETWORK	[Ref1]
CVE-2026-25520	SandboxJS	SandboxJS is a JavaScript sandboxing library. Prior to 0.8.29, The return values of functions aren't...	10.0	CRITICAL	NETWORK	[Ref1]
CVE-2026-21962	Oracle HTTP Server%2C Oracle Weblogic Server Proxy Plug-in	Vulnerability in the Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in product of Oracle Fusi...	10.0	CRITICAL	NETWORK	[Ref1]
CVE-2026-22686	enclave	Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to 2.7.0, th...	10.0	CRITICAL	NETWORK	[Ref1]
CVE-2026-27597	enclave	Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to version 2...	10.0	CRITICAL	NETWORK	[Ref1]
CVE-2025-60219	WooCommerce Designer Pro	Unrestricted Upload of File with Dangerous Type vulnerability in HaruTheme WooCommerce Designer Pro ...	10.0	CRITICAL	NETWORK	-
CVE-2025-50002	Energia	Unrestricted Upload of File with Dangerous Type vulnerability in Farost Energia energia allows Uploa...	10.0	CRITICAL	NETWORK	-
CVE-2025-9962	P series (P07%2C P10%2C P12%2C P15)	A buffer overflow vulnerability in Novakon P series allows attackers to gain root permission without...	10.0	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2026-24054	kata-containers	Kata Containers is an open source project focusing on a standard implementation of lightweight Virtu...	10.0	CRITICAL	NETWORK	[Ref1]
CVE-2025-64075	n/a	A path traversal vulnerability in the check_token function of Shenzhen Zhibotong Electronics ZBT WE2...	10.0	CRITICAL	NETWORK	[Ref1]
CVE-2025-15586	OGP-Website	OGP-Website installs prior git commit 52f865a4fba763594453068acf8fa9e3fc38d663 are affected by a typ...	10.0	CRITICAL	NETWORK	[Ref1]
CVE-2025-10878	Fikir Odalari AdminPando	A SQL injection vulnerability exists in the login functionality of Fikir Odalari AdminPando 1.0.1 be...	10.0	CRITICAL	NETWORK	[Ref1]
CVE-2026-23830	SandboxJS	SandboxJS is a JavaScript sandboxing library. Versions prior to 0.8.26 have a sandbox escape vulnera...	10.0	CRITICAL	NETWORK	[Ref1]
CVE-2024-57521	n/a	SQL Injection vulnerability in RuoYi v.4.7.9 and before allows a remote attacker to execute arbitrar...	10.0	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2025-61937	Process Optimization	The vulnerability, if exploited, could allow an unauthenticated miscreant to achieve remote code exe...	10.0	CRITICAL	NETWORK	[Ref1]
CVE-2024-58338	Flamingo XL	Anevia Flamingo XL 3.2.9 contains a restricted shell vulnerability that allows remote attackers to e...	10.0	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2025-65108	md-to-pdf	md-to-pdf is a CLI tool for converting Markdown files to PDF using Node.js and headless Chrome. Prio...	10.0	CRITICAL	NETWORK	[Ref1]
CVE-2025-63414	n/a	A Path Traversal vulnerability in the Allsky WebUI version v2024.12.06_06 allows an unauthenticated ...	10.0	CRITICAL	NETWORK	[Ref1]
CVE-2025-63216	n/a	The Itel DAB Gateway (IDGat build c041640a) is vulnerable to Authentication Bypass due to improper J...	10.0	CRITICAL	NETWORK	[Ref1]
CVE-2025-63224	n/a	The Itel DAB Encoder (IDEnc build 25aec8d) is vulnerable to Authentication Bypass due to improper JW...	10.0	CRITICAL	NETWORK	[Ref1]
CVE-2025-61481	n/a	An issue in MikroTik RouterOS v.7.14.2 and SwOS v.2.18 exposes the WebFig management interface over ...	10.0	CRITICAL	NETWORK	[Ref1]
CVE-2025-59528	Flowise	Flowise is a drag & drop user interface to build a customized large language model flow. In version ...	10.0	CRITICAL	NETWORK	[Ref1]
CVE-2025-58384	n/a	In DOXENSE WATCHDOC before 6.1.1.5332, Deserialization of Untrusted Data can lead to remote code exe...	10.0	CRITICAL	NETWORK	-
CVE-2025-55182	react-server-dom-webpack	A pre-authentication remote code execution vulnerability exists in React Server Components versions ...	10.0	CRITICAL	NETWORK	[Ref1] [Ref2] [Ref3]
CVE-2025-3450	Automation Runtime	An Improper Resource Locking vulnerability in the SDM component of B&R Automation Runtime versions b...	10.0	CRITICAL	NETWORK	-
CVE-2025-10363	Topal Finanzbuchhaltung	Deserialization of Untrusted Data vulnerability in Topal Solutions AG Topal Finanzbuchhaltung on Win...	10.0	CRITICAL	NETWORK	-
CVE-2025-10230	Red Hat Enterprise Linux 8	A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration pack...	10.0	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2018-25118	GeoVision embedded IP devices	GeoVision embedded IP devices, confirmed on GV-BX1500 and GV-MFD1501, contain a remote command injec...	10.0	CRITICAL	NETWORK	[Ref1] [Ref2] [Ref3] [Ref4]
CVE-2025-49844	redis	Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an...	9.9	CRITICAL	NETWORK	[Ref1]
CVE-2025-70830	n/a	A Server-Side Template Injection (SSTI) vulnerability in the Freemarker template engine of Datart v1...	9.9	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2026-25763	openproject	OpenProject is an open-source, web-based project management software. Prior to versions 16.6.7 and 1...	9.9	CRITICAL	NETWORK	[Ref1] [Ref2]
CVE-2026-26009	catalyst	Catalyst is a platform built for enterprise game server hosts, game communities, and billing panel i...	9.9	CRITICAL	NETWORK	[Ref1]
CVE-2026-1868	GitLab AI Gateway	GitLab has remediated a vulnerability in the Duo Workflow Service component of GitLab AI Gateway aff...	9.9	CRITICAL	NETWORK	[Ref1]
CVE-2026-22039	kyverno	Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1...	9.9	CRITICAL	NETWORK	[Ref1]
CVE-2026-27941	openlit	OpenLIT is an open source platform for AI engineering. Prior to version 1.37.1, several GitHub Actio...	9.9	CRITICAL	NETWORK	[Ref1]
CVE-2026-27626	OliveTin	OliveTin gives access to predefined shell commands from a web interface. In versions up to and inclu...	9.9	CRITICAL	NETWORK	[Ref1]
CVE-2025-59793	n/a	Rocket TRUfusion Enterprise through 7.10.5 exposes the endpoint at /axis2/services/WsPortalV6UpDwAxi...	9.9	CRITICAL	NETWORK	[Ref1]
CVE-2026-24849	openemr	OpenEMR is a free and open source electronic health records and medical practice management applicat...	9.9	CRITICAL	NETWORK	[Ref1]
CVE-2026-24908	openemr	OpenEMR is a free and open source electronic health records and medical practice management applicat...	9.9	CRITICAL	NETWORK	[Ref1]
CVE-2026-23885	alchemy_cms	Alchemy is an open source content management system engine written in Ruby on Rails. Prior to versio...	9.9	CRITICAL	NETWORK	[Ref1]
CVE-2026-26068	emp3r0r	emp3r0r is a stealth-focused C2 designed by Linux users for Linux environments. Prior to 3.21.1, unt...	9.9	CRITICAL	NETWORK	[Ref1]
CVE-2026-27574	oneuptime	OneUptime is a solution for monitoring and managing online services. In versions 9.5.13 and below, c...	9.9	CRITICAL	NETWORK	[Ref1]
CVE-2026-1470	null	n8n contains a critical Remote Code Execution (RCE) vulnerability in its workflow Expression evaluat...	9.9	CRITICAL	NETWORK	[Ref1]
CVE-2026-24841	dokploy	Dokploy is a free, self-hostable Platform as a Service (PaaS). In versions prior to 0.26.6, a critic...	9.9	CRITICAL	NETWORK	[Ref1]
CVE-2026-24740	dozzle	Dozzle is a realtime log viewer for docker containers. Prior to version 9.0.3, a flaw in Dozzle’s ag...	9.9	CRITICAL	NETWORK	[Ref1]
CVE-2025-46066	n/a	An issue in Automai Director v.25.2.0 allows a remote attacker to escalate privileges...	9.9	CRITICAL	NETWORK	[Ref1]
CVE-2025-68668	n8n	n8n is an open source workflow automation platform. From version 1.0.0 to before 2.0.0, a sandbox by...	9.9	CRITICAL	NETWORK	[Ref1]
CVE-2025-61913	Flowise	Flowise is a drag & drop user interface to build a customized large language model flow. In versions...	9.9	CRITICAL	NETWORK	[Ref1] [Ref2]

Vendor/Product Watch

CVE distribution across vendors and products

Top Vendors by CVE Count

n/a

145899

Microsoft

83313

Linux

12153

Apple

8413

Google

4647

Total Unique Vendors

Total Products Tracked

150

Vendor	Product	CVE Count	Avg Severity	Latest CVE	Sample CVEs
n/a	n/a	143290	N/A	2026-06-15	CVE-2026-36537, CVE-2026-36213, CVE-2026-36521
Linux	Linux	12153	7.1	2026-06-16	CVE-2026-46331, CVE-2026-46331, CVE-2026-52907
Microsoft	Windows Server 2019	3641	N/A	2026-06-09	CVE-2026-44812, CVE-2026-44803, CVE-2026-42987
Microsoft	Windows Server 2019 (Server Core installation)	3545	N/A	2026-06-09	CVE-2026-44812, CVE-2026-44803, CVE-2026-42987
Google	Chrome	3374	N/A	2026-06-17	CVE-2026-12469, CVE-2026-12468, CVE-2026-12467
Microsoft	Windows 10 Version 1809	3270	N/A	2026-06-09	CVE-2026-44812, CVE-2026-44803, CVE-2026-42985
Microsoft	Windows Server 2016	3266	N/A	2026-06-09	CVE-2026-44812, CVE-2026-44803, CVE-2026-42987
Microsoft	Windows Server 2016 (Server Core installation)	3062	N/A	2026-06-09	CVE-2026-44812, CVE-2026-44803, CVE-2026-42987
Apple	macOS	2985	N/A	2026-06-11	CVE-2025-30431, CVE-2025-24268, CVE-2025-43339
Microsoft	Windows Server 2022	2969	N/A	2026-06-09	CVE-2026-42993, CVE-2026-44812, CVE-2026-44803
Microsoft	Windows 10 Version 1607	2771	N/A	2026-06-09	CVE-2026-44812, CVE-2026-44803, CVE-2026-42985
Microsoft	Windows Server 2012 R2	2669	N/A	2026-06-09	CVE-2026-44812, CVE-2026-44803, CVE-2026-42987
Microsoft	Windows 10 Version 21H2	2592	N/A	2026-06-09	CVE-2026-42993, CVE-2026-44812, CVE-2026-44803
Microsoft	Windows Server 2012 R2 (Server Core installation)	2524	N/A	2026-06-09	CVE-2026-44812, CVE-2026-44803, CVE-2026-42987
Microsoft	Windows Server 2012	2511	N/A	2026-06-09	CVE-2026-44812, CVE-2026-44803, CVE-2026-42987
n/a	Android	2437	N/A	2023-06-28	CVE-2023-21237, CVE-2023-21167, CVE-2023-21171
Microsoft	Windows Server 2012 (Server Core installation)	2378	N/A	2026-06-09	CVE-2026-44812, CVE-2026-44803, CVE-2026-42987
Microsoft	Windows 10 Version 1507	2277	N/A	2025-12-09	CVE-2025-64680, CVE-2025-64679, CVE-2025-62209
Microsoft	Windows 10 Version 22H2	2093	N/A	2026-06-09	CVE-2026-42993, CVE-2026-44812, CVE-2026-44803
Microsoft	Windows Server 2008 R2 Service Pack 1	1874	N/A	2026-01-13	CVE-2026-20936, CVE-2026-20931, CVE-2026-20929
Microsoft	Windows Server 2008 R2 Service Pack 1 (Server Core installation)	1860	N/A	2026-01-13	CVE-2026-20936, CVE-2026-20931, CVE-2026-20929
Microsoft	Windows 11 version 22H2	1776	N/A	2026-06-09	CVE-2026-50508, CVE-2025-64680, CVE-2025-64679
Microsoft	Windows Server 2022, 23H2 Edition (Server Core installation)	1726	N/A	2026-05-12	CVE-2026-41097, CVE-2026-40413, CVE-2026-40403
Microsoft	Windows Server 2008 Service Pack 2 (Server Core installation)	1667	N/A	2026-01-13	CVE-2026-20936, CVE-2026-20931, CVE-2026-20929
Microsoft	Windows Server 2008 Service Pack 2	1664	N/A	2026-01-13	CVE-2026-20936, CVE-2026-20931, CVE-2026-20929
Microsoft	Windows 11 Version 23H2	1659	N/A	2026-06-09	CVE-2026-42993, CVE-2026-44812, CVE-2026-44803
Mozilla	Firefox	1656	N/A	2026-06-16	CVE-2026-12330, CVE-2026-12329, CVE-2026-12328
Microsoft	Windows 11 version 21H2	1560	N/A	2024-10-08	CVE-2024-43583, CVE-2024-43599, CVE-2024-43585
Microsoft	Windows 11 version 22H3	1556	N/A	2026-05-12	CVE-2026-41097, CVE-2026-40413, CVE-2026-40403
Apple	iOS and iPadOS	1528	N/A	2026-06-11	CVE-2025-46308, CVE-2025-46311, CVE-2026-28872
Microsoft	Windows Server 2008 Service Pack 2	1526	N/A	2025-07-08	CVE-2025-49742, CVE-2025-49732, CVE-2025-49730
Microsoft	Windows 11 Version 24H2	1350	N/A	2026-06-09	CVE-2026-42993, CVE-2026-44812, CVE-2026-44803
Microsoft	Windows Server 2025	1316	N/A	2026-06-09	CVE-2026-42993, CVE-2026-44812, CVE-2026-44803
Microsoft	Windows Server 2025 (Server Core installation)	1316	N/A	2026-06-09	CVE-2026-42993, CVE-2026-44812, CVE-2026-44803
Google	Android	1273	N/A	2026-06-17	CVE-2026-0057, CVE-2026-0019, CVE-2025-48643
Microsoft	Windows 10 Version 20H2	1260	N/A	2023-12-20	CVE-2022-44684, CVE-2022-35759, CVE-2022-35758
Apple	watchOS	1129	N/A	2026-05-11	CVE-2026-28995, CVE-2026-28983, CVE-2026-28917
Apple	tvOS	1094	N/A	2026-05-11	CVE-2026-43653, CVE-2026-28995, CVE-2026-28983
Microsoft	Windows 8.1	1087	N/A	2023-05-31	CVE-2022-35759, CVE-2022-35758, CVE-2022-35756
Huawei	HarmonyOS	1080	N/A	2026-06-09	CVE-2026-41982, CVE-2026-41981, CVE-2026-41977
Microsoft	Windows 10 Version 1903 for x64-based Systems	1070	N/A	2021-02-25	CVE-2020-17162, CVE-2020-17140, CVE-2020-17139
Microsoft	Windows Server, version 1903 (Server Core installation)	1056	N/A	2021-02-25	CVE-2020-17162, CVE-2020-17140, CVE-2020-17139
Microsoft	Windows 10 Version 1903 for ARM64-based Systems	1038	N/A	2021-02-25	CVE-2020-17162, CVE-2020-17140, CVE-2020-17139
Microsoft	Windows 10 Version 1903 for 32-bit Systems	1035	N/A	2021-02-25	CVE-2020-17162, CVE-2020-17140, CVE-2020-17139
Adobe	Adobe Experience Manager	1023	N/A	2026-06-09	CVE-2026-47980, CVE-2026-47945, CVE-2026-48280
Oracle Corporation	MySQL Server	998	N/A	2026-06-16	CVE-2026-46863, CVE-2026-35240, CVE-2026-35239
GitLab	GitLab	992	N/A	2026-06-11	CVE-2026-1500, CVE-2026-3553, CVE-2026-6269
Microsoft	Windows Server, version 1909 (Server Core installation)	990	N/A	2021-07-14	CVE-2021-33760, CVE-2021-31194, CVE-2021-31193
Microsoft	Windows 10 Version 1909	968	N/A	2022-05-18	CVE-2022-30138, CVE-2022-29142, CVE-2022-29141
Microsoft	Windows Server version 20H2	965	N/A	2023-05-31	CVE-2022-35759, CVE-2022-35758, CVE-2022-35757
Google Inc.	Android	960	N/A	2018-12-07	CVE-2018-9574, CVE-2018-9573, CVE-2018-9519
Qualcomm, Inc.	Snapdragon	940	N/A	2026-06-01	CVE-2026-25277, CVE-2026-25276, CVE-2026-25260
Mozilla	Thunderbird	933	N/A	2026-05-19	CVE-2026-8975, CVE-2026-8974, CVE-2026-8973
Microsoft	Windows 7	922	N/A	2023-05-31	CVE-2022-35759, CVE-2022-35758, CVE-2022-35756
Mozilla	Firefox ESR	907	N/A	2026-04-07	CVE-2026-5734, CVE-2026-5732, CVE-2026-5731
Microsoft	Windows Server	831	N/A	2020-07-14	CVE-2020-1463, CVE-2020-1468, CVE-2020-1438
Microsoft	Windows	823	N/A	2025-09-08	CVE-2022-50238, CVE-2025-59033, CVE-2025-9491
Microsoft	Windows 7 Service Pack 1	817	N/A	2023-05-31	CVE-2022-35759, CVE-2022-35758, CVE-2022-35756
Microsoft	Windows 10 Version 21H1	780	N/A	2023-12-20	CVE-2022-44684, CVE-2022-35759, CVE-2022-35758
Samsung Mobile	Samsung Mobile Devices	761	N/A	2026-06-05	CVE-2026-21031, CVE-2026-21030, CVE-2026-21029
Microsoft	Windows 10 Version 2004	757	N/A	2021-12-15	CVE-2021-43893, CVE-2021-43883, CVE-2021-43248
Microsoft	Windows Server version 2004	749	N/A	2026-06-09	CVE-2026-50508, CVE-2021-43893, CVE-2021-43883
Huawei	EMUI	746	N/A	2026-06-09	CVE-2026-41977, CVE-2026-41976, CVE-2026-41974
Red Hat	Red Hat Enterprise Linux 9	714	N/A	2026-06-16	CVE-2026-2604, CVE-2026-4367, CVE-2026-10649
Red Hat	Red Hat Enterprise Linux 8	711	N/A	2026-06-16	CVE-2026-2604, CVE-2026-4367, CVE-2026-10649
Juniper Networks	Junos OS	662	N/A	2026-04-09	CVE-2026-33791, CVE-2026-33790, CVE-2026-33787
Red Hat	Red Hat Enterprise Linux 7	624	N/A	2026-06-16	CVE-2026-2604, CVE-2026-4367, CVE-2026-10649
Microsoft	Windows 11 Version 25H2	616	7.2	2026-06-09	CVE-2026-42993, CVE-2026-44812, CVE-2026-44803
Red Hat	Red Hat Enterprise Linux 6	559	N/A	2026-06-16	CVE-2026-2604, CVE-2026-4367, CVE-2026-10649
Microsoft	Windows 10 Version 1803	552	N/A	2021-05-11	CVE-2021-31194, CVE-2021-31193, CVE-2021-31191
Adobe	Adobe Acrobat and Reader	516	N/A	2020-08-19	CVE-2020-9723, CVE-2020-9722, CVE-2020-9721
Microsoft	Windows 10 Version 1909 for x64-based Systems	512	N/A	2020-07-27	CVE-2020-1457, CVE-2020-1425, CVE-2020-1463
OpenClaw	OpenClaw	512	9.2	2026-06-16	CVE-2026-53866, CVE-2026-53865, CVE-2026-53864
Microsoft	Windows 10 Version 1909 for 32-bit Systems	503	N/A	2020-07-27	CVE-2020-1457, CVE-2020-1425, CVE-2020-1463
Microsoft	Windows 10 Version 1909 for ARM64-based Systems	502	N/A	2020-07-27	CVE-2020-1457, CVE-2020-1425, CVE-2020-1463
Microsoft	Microsoft 365 Apps for Enterprise	489	N/A	2026-06-09	CVE-2026-47293, CVE-2026-45463, CVE-2026-45459
Apple	iOS	480	N/A	2026-03-17	CVE-2026-20643, CVE-2022-32871, CVE-2022-32891
Adobe	Acrobat Reader	443	N/A	2026-06-12	CVE-2026-47965, CVE-2026-47937, CVE-2026-47916
Apple	visionOS	438	N/A	2026-05-11	CVE-2026-28995, CVE-2026-28983, CVE-2026-28940
Microsoft	Microsoft Office 2019	425	N/A	2026-06-09	CVE-2026-47293, CVE-2026-45463, CVE-2026-45455
Red Hat	Red Hat Enterprise Linux 10	420	N/A	2026-06-16	CVE-2026-2604, CVE-2026-4367, CVE-2026-10649
tensorflow	tensorflow	401	N/A	2024-07-30	CVE-2023-33976, CVE-2024-3660, CVE-2023-25661
Mattermost	Mattermost	387	N/A	2026-06-15	CVE-2026-8683, CVE-2026-6517, CVE-2026-6961
Apple	Safari	386	N/A	2026-03-25	CVE-2026-20691, CVE-2026-20664, CVE-2026-20665
google	android	382	N/A	2024-12-05	CVE-2018-9391, CVE-2018-9390, CVE-2018-9388
Microsoft	Microsoft Office LTSC 2021	355	N/A	2026-06-09	CVE-2026-47293, CVE-2026-45463, CVE-2026-45455
Microsoft	Windows 11 version 26H1	352	7.8	2026-06-09	CVE-2026-44804, CVE-2026-44813, CVE-2026-42993
Unisoc (Shanghai) Technologies Co., Ltd.	SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000	327	N/A	2023-07-12	CVE-2022-48451, CVE-2023-33905, CVE-2023-33904
Qualcomm, Inc.	Android for MSM, Firefox OS for MSM, QRD Android	306	N/A	2019-02-11	CVE-2018-13893, CVE-2018-13889, CVE-2018-11962
Oracle Corporation	VM VirtualBox	280	N/A	2024-07-16	CVE-2024-21164, CVE-2024-21161, CVE-2024-21141
PDF-XChange	PDF-XChange Editor	280	N/A	2026-02-20	CVE-2026-2040, CVE-2025-6640, CVE-2025-6641
Microsoft	Microsoft SharePoint Server 2019	275	N/A	2026-06-09	CVE-2026-48562, CVE-2026-48560, CVE-2026-45484
Microsoft	Windows 10 Version 1709	270	N/A	2020-10-16	CVE-2020-1243, CVE-2020-1167, CVE-2020-1047
Microsoft	Microsoft SharePoint Enterprise Server 2016	260	N/A	2026-06-09	CVE-2026-48562, CVE-2026-48560, CVE-2026-45484
nextcloud	security-advisories	260	N/A	2026-06-01	CVE-2026-45810, CVE-2026-45722, CVE-2026-45691
Microsoft	Windows 10 Version 1709 for 32-bit Systems	256	N/A	2020-10-16	CVE-2020-1167, CVE-2020-17022, CVE-2020-16976
F5	BIG-IP	255	N/A	2026-05-13	CVE-2026-40423, CVE-2026-42930, CVE-2026-24464
google	chrome	252	N/A	2024-12-03	CVE-2024-12053, CVE-2024-7025, CVE-2024-11395
Microsoft	Microsoft Office LTSC for Mac 2021	251	N/A	2026-06-09	CVE-2026-45463, CVE-2026-45459, CVE-2026-45457
QNAP Systems Inc.	QTS	249	N/A	2026-06-10	CVE-2026-24719, CVE-2026-24717, CVE-2026-24716
Foxit	Foxit Reader	247	N/A	2025-08-13	CVE-2025-32451, CVE-2013-10068, CVE-2024-49576
discourse	discourse	247	N/A	2026-06-12	CVE-2026-47264, CVE-2026-47263, CVE-2026-45775
Juniper Networks	Junos OS Evolved	246	N/A	2026-04-09	CVE-2026-33791, CVE-2026-33783, CVE-2026-33776
Cisco	Cisco Small Business RV Series Router Firmware	243	N/A	2024-11-18	CVE-2020-3431, CVE-2024-20524, CVE-2024-20523
Microsoft	Microsoft Office LTSC 2024	242	N/A	2026-06-09	CVE-2026-47293, CVE-2026-45463, CVE-2026-45459
QNAP Systems Inc.	QuTS hero	235	N/A	2026-06-10	CVE-2026-24719, CVE-2026-24717, CVE-2026-24716
Cisco	Cisco IOS XE Software	229	N/A	2026-03-25	CVE-2026-20112, CVE-2026-20113, CVE-2026-20114
xwiki	xwiki-platform	228	N/A	2026-05-20	CVE-2026-33137, CVE-2026-40105, CVE-2026-33229
qualcomm	wsa8830_firmware	215	N/A	2024-12-02	CVE-2024-43052, CVE-2024-43050, CVE-2024-43049
qualcomm	wsa8835_firmware	215	N/A	2024-12-02	CVE-2024-43052, CVE-2024-43050, CVE-2024-43049
Microsoft	Windows 10	214	N/A	2024-09-26	CVE-2024-6769, CVE-2024-6768, CVE-2019-0577
Foxit	PDF Reader	211	N/A	2025-09-02	CVE-2025-9330, CVE-2025-9323, CVE-2025-9324
qualcomm	wcd9380_firmware	211	N/A	2024-12-02	CVE-2024-43053, CVE-2024-43052, CVE-2024-43050
Liferay	DXP	209	N/A	2025-11-01	CVE-2025-62275, CVE-2025-62276, CVE-2025-62267
Liferay	Portal	206	N/A	2025-11-01	CVE-2025-62275, CVE-2025-62276, CVE-2025-62267
Red Hat	Red Hat OpenShift Container Platform 4	203	N/A	2026-06-16	CVE-2026-10649, CVE-2026-42014, CVE-2026-48914
Microsoft	Windows 10 Servers	201	N/A	2019-01-08	CVE-2019-0577, CVE-2019-0547, CVE-2019-0575
Huawei	Magic UI	200	N/A	2022-09-16	CVE-2020-36601, CVE-2020-36600, CVE-2022-39003
Microsoft	Microsoft Edge (Chromium-based)	198	N/A	2026-05-18	CVE-2026-45495, CVE-2026-45494, CVE-2026-45492
qualcomm	fastconnect_7800_firmware	197	N/A	2024-12-02	CVE-2024-43053, CVE-2024-43052, CVE-2024-43050
Microsoft	Microsoft Office LTSC for Mac 2024	195	N/A	2026-06-09	CVE-2026-45463, CVE-2026-45459, CVE-2026-45457
qualcomm	fastconnect_6900_firmware	194	N/A	2024-12-02	CVE-2024-43053, CVE-2024-43052, CVE-2024-43050
qualcomm	qca6696_firmware	194	N/A	2024-12-02	CVE-2024-33063, CVE-2024-33056, CVE-2024-33053
Apple	iTunes for Windows	192	N/A	2024-10-11	CVE-2024-44157, CVE-2024-44193, CVE-2024-27793
Oracle Corporation	WebLogic Server	190	N/A	2026-06-16	CVE-2026-46848, CVE-2026-35311, CVE-2026-35303
qualcomm	wcd9385_firmware	190	N/A	2024-12-02	CVE-2024-43053, CVE-2024-43052, CVE-2024-43050
qualcomm	qca6574au_firmware	188	N/A	2024-12-02	CVE-2024-33063, CVE-2024-33056, CVE-2024-33053
Microsoft	ChakraCore	187	N/A	2021-11-10	CVE-2021-42279, CVE-2020-17131, CVE-2020-17054
Oracle Corporation	PeopleSoft Enterprise PT PeopleTools	187	N/A	2026-06-16	CVE-2026-35289, CVE-2026-35288, CVE-2026-35279
Microsoft	Microsoft Edge	186	N/A	2023-04-11	CVE-2023-28284, CVE-2019-1107, CVE-2019-1106
qualcomm	wsa8810_firmware	186	N/A	2024-12-02	CVE-2024-43052, CVE-2024-43050, CVE-2024-43048
qualcomm	wsa8815_firmware	184	N/A	2024-12-02	CVE-2024-43052, CVE-2024-43050, CVE-2024-43048
WWBN	AVideo	183	N/A	2026-05-29	CVE-2026-45580, CVE-2026-45578, CVE-2026-45610
Apple	iCloud for Windows	181	N/A	2022-12-15	CVE-2022-46692, CVE-2022-46698, CVE-2022-46693
IrfanView	IrfanView	180	N/A	2025-07-21	CVE-2025-7299, CVE-2025-7325, CVE-2025-7324
qualcomm	qca6391_firmware	180	N/A	2024-12-02	CVE-2024-43052, CVE-2024-43050, CVE-2024-33063
Oracle Corporation	Java	179	N/A	2020-07-15	CVE-2020-14664, CVE-2020-14621, CVE-2020-14593
Microsoft	Windows 10 Version 2004 for x64-based Systems	177	N/A	2020-07-27	CVE-2020-1457, CVE-2020-1425, CVE-2020-1463
Microsoft	Windows Server, version 2004 (Server Core installation)	177	N/A	2020-07-14	CVE-2020-1463, CVE-2020-1468, CVE-2020-1438
OpenHarmony	OpenHarmony	177	N/A	2026-05-19	CVE-2026-33565, CVE-2026-28733, CVE-2026-27766
JetBrains	TeamCity	176	N/A	2026-05-29	CVE-2026-49381, CVE-2026-49380, CVE-2026-49379
LabRedesCefetRJ	WeGIA	176	N/A	2026-05-27	CVE-2026-45335, CVE-2026-45027, CVE-2026-45026
Microsoft	Windows 10 Version 2004 for 32-bit Systems	176	N/A	2020-07-27	CVE-2020-1457, CVE-2020-1425, CVE-2020-1463
Microsoft	Windows 10 Version 2004 for ARM64-based Systems	176	N/A	2020-07-27	CVE-2020-1457, CVE-2020-1425, CVE-2020-1463
Palo Alto Networks	PAN-OS	176	N/A	2026-06-10	CVE-2026-0273, CVE-2026-0272, CVE-2026-0269
qualcomm	qca6574a_firmware	175	N/A	2024-12-02	CVE-2024-33063, CVE-2024-33056, CVE-2024-33044
qualcomm	wcd9370_firmware	175	N/A	2024-12-02	CVE-2024-43052, CVE-2024-43050, CVE-2024-43048
Qualcomm, Inc.	All Qualcomm products	174	N/A	2017-08-18	CVE-2017-9684, CVE-2017-9679, CVE-2017-9678
n/a	kernel	172	N/A	2024-02-08	CVE-2024-1312, CVE-2024-1312, CVE-2023-6200
qualcomm	qca6595au_firmware	172	N/A	2024-12-02	CVE-2024-43050, CVE-2024-33063, CVE-2024-33056

CVSS Score Drift

Comparison of CVSS scores across different versions (v2, v3.1, v4.0)

About CVSS Score Drift

CVSS Score Drift measures how vulnerability severity ratings change between CVSS versions (v2, v3.1, v4.0). Different scoring methodologies can result in the same CVE having significantly different severity ratings.

Why it matters: Security teams using different scanners may see conflicting severity scores for the same vulnerability. Understanding drift helps reconcile these differences and prioritize remediation correctly.

How to use: Focus on CVEs with high drift (=2.0 points) - these require manual review to determine actual risk. An upward arrow (?) indicates newer CVSS versions rate it more severe; downward (?) means less severe.

CVEs with Multiple Scores

150

High Drift (=2.0)

Avg Score Drift

2.02

CVE ID	Published	CVSS v2	CVSS v3.1	CVSS v4.0	Drift
CVE-2026-3289	2026-02-27	6.5	9.8	2.1	7.7 ?
CVE-2026-3287	2026-02-27	6.5	9.8	2.1	7.7 ?
CVE-2026-3292	2026-02-27	6.5	8.8	2.1	6.7 ?
CVE-2026-3270	2026-02-27	6.5	8.8	2.1	6.7 ?
CVE-2026-3265	2026-02-26	6.5	8.8	2.1	6.7 ?
CVE-2026-3264	2026-02-26	6.5	8.8	2.1	6.7 ?
CVE-2026-3262	2026-02-26	6.5	8.8	2.1	6.7 ?
CVE-2026-3285	2026-02-27	1.7	7.8	1.9	6.1 ?
CVE-2026-3281	2026-02-27	4.3	7.8	1.9	5.9 ?
CVE-2026-3283	2026-02-27	1.7	7.1	1.9	5.4 ?
CVE-2026-3282	2026-02-27	1.7	7.1	1.9	5.4 ?
CVE-2026-24352	2026-02-27	N/A	9.8	4.8	5.0 ?
CVE-2026-27154	2026-02-26	N/A	6.1	1.3	4.8 ?
CVE-2026-3292	2026-02-27	6.5	6.3	2.1	4.4 ?
CVE-2026-3289	2026-02-27	6.5	6.3	2.1	4.4 ?
CVE-2026-3287	2026-02-27	6.5	6.3	2.1	4.4 ?
CVE-2026-3286	2026-02-27	6.5	4.3	2.1	4.4 ?
CVE-2026-3286	2026-02-27	6.5	6.3	2.1	4.4 ?
CVE-2026-3270	2026-02-27	6.5	6.3	2.1	4.4 ?
CVE-2026-3269	2026-02-27	4.0	6.5	2.1	4.4 ?
CVE-2026-3265	2026-02-26	6.5	6.3	2.1	4.4 ?
CVE-2026-3264	2026-02-26	6.5	6.3	2.1	4.4 ?
CVE-2026-3262	2026-02-26	6.5	6.3	2.1	4.4 ?
CVE-2026-3261	2026-02-26	7.5	9.8	5.5	4.3 ?
CVE-2026-3302	2026-02-27	5.0	6.1	2.1	4.0 ?
CVE-2026-3293	2026-02-27	1.7	5.5	1.9	3.8 ?
CVE-2026-3284	2026-02-27	1.7	5.5	1.9	3.8 ?
CVE-2026-1696	2026-02-26	N/A	6.1	2.3	3.8 ?
CVE-2026-3263	2026-02-26	6.5	8.8	5.3	3.5 ?
CVE-2026-3281	2026-02-27	4.3	5.3	1.9	3.4 ?
CVE-2026-3268	2026-02-26	5.5	4.3	2.1	3.4 ?
CVE-2026-3268	2026-02-26	5.5	5.4	2.1	3.4 ?
CVE-2026-27510	2026-02-26	N/A	9.6	6.4	3.2 ?
CVE-2026-28219	2026-02-26	N/A	4.3	1.3	3.0 ?
CVE-2026-21660	2026-02-27	N/A	9.8	6.9	2.9 ?
CVE-2026-3302	2026-02-27	5.0	4.3	2.1	2.9 ?
CVE-2026-27647	2026-02-27	N/A	9.8	6.9	2.9 ?
CVE-2026-26290	2026-02-27	N/A	9.8	6.9	2.9 ?
CVE-2025-15509	2026-02-27	N/A	4.3	7.1	2.8 ?
CVE-2026-26979	2026-02-26	N/A	2.7	N/A	2.7 ?
CVE-2026-26227	2026-02-26	N/A	3.7	6.3	2.6 ?
CVE-2026-23748	2026-02-26	N/A	3.7	6.3	2.6 ?
CVE-2026-23747	2026-02-26	N/A	3.7	6.3	2.6 ?
CVE-2026-26228	2026-02-26	N/A	4.9	2.3	2.6 ?
CVE-2026-27152	2026-02-26	N/A	3.8	1.3	2.5 ?
CVE-2026-27150	2026-02-26	N/A	3.8	1.3	2.5 ?
CVE-2026-3271	2026-02-27	9.0	9.8	7.4	2.4 ?
CVE-2026-27510	2026-02-26	N/A	8.8	6.4	2.4 ?
CVE-2026-3269	2026-02-27	4.0	4.3	2.1	2.2 ?
CVE-2026-1693	2026-02-26	N/A	7.5	5.3	2.2 ?
CVE-2026-3261	2026-02-26	7.5	7.3	5.5	2.0 ?
CVE-2026-1694	2026-02-26	N/A	4.3	2.3	2.0 ?
CVE-2025-64999	2026-02-26	N/A	5.4	7.3	1.9 ?
CVE-2025-15567	2026-02-27	N/A	3.3	5.1	1.8 ?
CVE-2026-1585	2026-02-27	N/A	6.7	8.4	1.7 ?
CVE-2026-27975	2026-02-26	N/A	9.8	8.1	1.7 ?
CVE-2026-3293	2026-02-27	1.7	3.3	1.9	1.6 ?
CVE-2026-3285	2026-02-27	1.7	3.3	1.9	1.6 ?
CVE-2026-3284	2026-02-27	1.7	3.3	1.9	1.6 ?
CVE-2026-3283	2026-02-27	1.7	3.3	1.9	1.6 ?
CVE-2026-3282	2026-02-27	1.7	3.3	1.9	1.6 ?
CVE-2026-3275	2026-02-27	9.0	8.8	7.4	1.6 ?
CVE-2026-3274	2026-02-27	9.0	8.8	7.4	1.6 ?
CVE-2026-3273	2026-02-27	9.0	8.8	7.4	1.6 ?
CVE-2026-25774	2026-02-27	N/A	5.3	6.9	1.6 ?
CVE-2026-22878	2026-02-27	N/A	5.3	6.9	1.6 ?
CVE-2026-3272	2026-02-27	9.0	8.8	7.4	1.6 ?
CVE-2026-3271	2026-02-27	9.0	8.8	7.4	1.6 ?
CVE-2026-27773	2026-02-27	N/A	5.3	6.9	1.6 ?
CVE-2026-22890	2026-02-27	N/A	5.3	6.9	1.6 ?
CVE-2026-20733	2026-02-27	N/A	5.3	6.9	1.6 ?
CVE-2026-27149	2026-02-26	N/A	6.5	4.9	1.6 ?
CVE-2026-27021	2026-02-26	N/A	5.3	6.9	1.6 ?
CVE-2026-24498	2026-02-27	N/A	7.5	6.0	1.5 ?
CVE-2026-28227	2026-02-26	N/A	2.7	1.2	1.5 ?
CVE-2026-24497	2026-02-27	N/A	9.8	8.4	1.4 ?
CVE-2026-27638	2026-02-26	N/A	7.1	5.7	1.4 ?
CVE-2026-27153	2026-02-26	N/A	2.7	1.3	1.4 ?
CVE-2026-27151	2026-02-26	N/A	2.7	1.3	1.4 ?
CVE-2026-27653	2026-02-27	N/A	6.7	5.4	1.3 ?
CVE-2026-2680	2026-02-26	N/A	6.1	4.8	1.3 ?
CVE-2026-2679	2026-02-26	N/A	6.1	4.8	1.3 ?
CVE-2026-2678	2026-02-26	N/A	6.1	4.8	1.3 ?
CVE-2026-2677	2026-02-26	N/A	6.1	4.8	1.3 ?
CVE-2026-26305	2026-02-27	N/A	7.5	8.7	1.2 ?
CVE-2026-24445	2026-02-27	N/A	7.5	8.7	1.2 ?
CVE-2026-25945	2026-02-27	N/A	7.5	8.7	1.2 ?
CVE-2026-25114	2026-02-27	N/A	7.5	8.7	1.2 ?
CVE-2026-25113	2026-02-27	N/A	7.5	8.7	1.2 ?
CVE-2026-20792	2026-02-27	N/A	7.5	8.7	1.2 ?
CVE-2026-3263	2026-02-26	6.5	6.3	5.3	1.2 ?
CVE-2026-22205	2026-02-26	N/A	7.5	8.7	1.2 ?
CVE-2026-1697	2026-02-26	N/A	6.5	5.3	1.2 ?
CVE-2026-21659	2026-02-27	N/A	9.8	8.7	1.1 ?
CVE-2026-3301	2026-02-27	10.0	9.8	8.9	1.1 ?
CVE-2026-26305	2026-02-27	N/A	9.8	8.7	1.1 ?
CVE-2026-24445	2026-02-27	N/A	9.8	8.7	1.1 ?
CVE-2026-25945	2026-02-27	N/A	9.8	8.7	1.1 ?
CVE-2026-25114	2026-02-27	N/A	9.8	8.7	1.1 ?
CVE-2026-25113	2026-02-27	N/A	9.8	8.7	1.1 ?
CVE-2026-20792	2026-02-27	N/A	9.8	8.7	1.1 ?
CVE-2026-1434	2026-02-27	N/A	6.1	5.1	1.0 ?
CVE-2026-21658	2026-02-27	N/A	9.8	8.8	1.0 ?
CVE-2026-21657	2026-02-27	N/A	9.8	8.8	1.0 ?
CVE-2026-21656	2026-02-27	N/A	9.8	8.8	1.0 ?
CVE-2026-21654	2026-02-27	N/A	9.8	8.8	1.0 ?
CVE-2026-23750	2026-02-26	N/A	8.1	7.2	0.9 ?
CVE-2026-23749	2026-02-26	N/A	2.9	2.1	0.8 ?
CVE-2026-1698	2026-02-26	N/A	6.1	5.3	0.8 ?
CVE-2026-1695	2026-02-26	N/A	6.1	5.3	0.8 ?
CVE-2026-1692	2026-02-26	N/A	6.1	5.3	0.8 ?
CVE-2026-27652	2026-02-27	N/A	7.5	6.9	0.6 ?
CVE-2026-25778	2026-02-27	N/A	7.5	6.9	0.6 ?
CVE-2026-25711	2026-02-27	N/A	7.5	6.9	0.6 ?
CVE-2026-20895	2026-02-27	N/A	7.5	6.9	0.6 ?
CVE-2026-20791	2026-02-27	N/A	7.5	6.9	0.6 ?
CVE-2026-28230	2026-02-26	N/A	6.3	5.7	0.6 ?
CVE-2026-23939	2026-02-26	N/A	7.5	6.9	0.6 ?
CVE-2026-27028	2026-02-27	N/A	9.8	9.3	0.5 ?
CVE-2026-27772	2026-02-27	N/A	9.8	9.3	0.5 ?
CVE-2026-27767	2026-02-27	N/A	9.8	9.3	0.5 ?
CVE-2026-25851	2026-02-27	N/A	9.8	9.3	0.5 ?
CVE-2026-24731	2026-02-27	N/A	9.8	9.3	0.5 ?
CVE-2026-20781	2026-02-27	N/A	9.8	9.3	0.5 ?
CVE-2026-22207	2026-02-26	N/A	9.8	9.3	0.5 ?
CVE-2026-27509	2026-02-26	N/A	8.0	8.5	0.5 ?
CVE-2026-27647	2026-02-27	N/A	7.3	6.9	0.4 ?
CVE-2026-26290	2026-02-27	N/A	7.3	6.9	0.4 ?
CVE-2026-25774	2026-02-27	N/A	6.5	6.9	0.4 ?
CVE-2026-22878	2026-02-27	N/A	6.5	6.9	0.4 ?
CVE-2026-27773	2026-02-27	N/A	6.5	6.9	0.4 ?
CVE-2026-27652	2026-02-27	N/A	7.3	6.9	0.4 ?
CVE-2026-25778	2026-02-27	N/A	7.3	6.9	0.4 ?
CVE-2026-25711	2026-02-27	N/A	7.3	6.9	0.4 ?
CVE-2026-22890	2026-02-27	N/A	6.5	6.9	0.4 ?
CVE-2026-20895	2026-02-27	N/A	7.3	6.9	0.4 ?
CVE-2026-20791	2026-02-27	N/A	6.5	6.9	0.4 ?
CVE-2026-20733	2026-02-27	N/A	6.5	6.9	0.4 ?
CVE-2026-24351	2026-02-27	N/A	5.4	5.1	0.3 ?
CVE-2026-24350	2026-02-27	N/A	5.4	5.1	0.3 ?
CVE-2026-27776	2026-02-27	N/A	8.8	8.6	0.2 ?
CVE-2026-27028	2026-02-27	N/A	9.4	9.3	0.1 ?
CVE-2026-27772	2026-02-27	N/A	9.4	9.3	0.1 ?
CVE-2026-27767	2026-02-27	N/A	9.4	9.3	0.1 ?
CVE-2026-25851	2026-02-27	N/A	9.4	9.3	0.1 ?
CVE-2026-24731	2026-02-27	N/A	9.4	9.3	0.1 ?
CVE-2026-20781	2026-02-27	N/A	9.4	9.3	0.1 ?
CVE-2026-28218	2026-02-26	N/A	5.4	5.3	0.1 ?
CVE-2026-22206	2026-02-26	N/A	8.8	8.7	0.1 ?
CVE-2026-27162	2026-02-26	N/A	4.9	4.9	0.0 ?

CWE Trend Analysis

Common Weakness Enumeration categories and their prevalence trends

About CWE Trends

CWE (Common Weakness Enumeration) is a standardized list of software and hardware weakness types. This analysis tracks which vulnerability categories are most prevalent across your CVE databases.

Why it matters: Understanding CWE trends helps identify systemic weaknesses in your technology stack. If injection vulnerabilities (CWE-89) are rising, it signals a need for input validation improvements across applications.

How to use: Monitor "Rising" trends to anticipate emerging attack vectors. Use the most common CWEs to prioritize developer security training and code review focus areas. Cross-reference with your vendor/product data to identify which products contribute most to each weakness category.

Unique CWEs

Rising Trends

Most Common

CWE-79

Total Occurrences

132827

CWE ID	Description	CVEProject	CISA	Total	Trend
CWE-79	CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')	21371	3547	24918	Declining
CWE-89	CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')	9306	1499	10805	Declining
CWE-862	CWE-862: Missing Authorization	5695	1520	7215	Declining
CWE-352	CWE-352 Cross-Site Request Forgery (CSRF)	4647	640	5287	Declining
CWE-74	Injection	4049	933	4982	Declining
CWE-22	CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')	3754	629	4383	Declining
CWE-20	Insufficient validation of untrusted input	3945	370	4315	Declining
CWE-125	Out of bounds read	3203	403	3606	Declining
CWE-78	Improper neutralization of special elements used in an OS command ('OS Command Injection')	3051	540	3591	Declining
CWE-200	CWE-200	2989	445	3434	Declining
CWE-284	CWE-284 Improper Access Control - Generic	2852	581	3433	Declining
CWE-416	Use after free	2935	434	3369	Declining
CWE-94	CWE-94 Improper Control of Generation of Code ('Code Injection')	2715	545	3260	Declining
CWE-121	CWE-121: Stack-based Buffer Overflow	2722	477	3199	Declining
CWE-787	CWE-787: Out-of-bounds Write	2509	533	3042	Declining
CWE-119	Memory Corruption	2573	458	3031	Declining
CWE-434	CWE-434 Unrestricted Upload of File with Dangerous Type	2143	450	2593	Declining
CWE-122	Heap buffer overflow	2126	261	2387	Declining
CWE-120	Buffer Overflow	1866	341	2207	Declining
CWE-502	CWE-502 Deserialization of Untrusted Data	1821	326	2147	Declining
CWE-918	CWE-918: Server-Side Request Forgery (SSRF)	1783	325	2108	Declining
CWE-77	CWE-77	1656	391	2047	Declining
CWE-400	CWE-400: Uncontrolled Resource Consumption	1614	229	1843	Declining
CWE-863	CWE-863: Incorrect Authorization	1578	258	1836	Declining
CWE-476	CWE-476 NULL Pointer Dereference	1269	403	1672	Declining
CWE-306	CWE-306: Missing Authentication for Critical Function	1309	325	1634	Declining
CWE-287	CWE-287 Improper Authentication - Generic	1444	176	1620	Declining
CWE-639	CWE-639: Authorization Bypass Through User-Controlled Key	1264	334	1598	Declining
CWE-98	CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')	1107	406	1513	Declining
CWE-285	Improper Authorization	1132	199	1331	Declining
CWE-269	CWE-269: Improper Privilege Management	1109	170	1279	Declining
CWE-770	CWE-770: Allocation of Resources Without Limits or Throttling	1018	253	1271	Declining
CWE-190	Integer Overflow or Wraparound	949	124	1073	Declining
CWE-266	CWE-266 Incorrect Privilege Assignment	840	204	1044	Declining
CWE-601	CWE-601: URL Redirection to Untrusted Site ('Open Redirect')	792	123	915	Declining
CWE-427	CWE-427	744	127	871	Declining
CWE-798	CWE-798: Use of Hard-coded Credentials	620	109	729	Declining
CWE-362	Race	533	160	693	Declining
CWE-532	CWE-532 Insertion of Sensitive Information into Log File	654	0	654	Declining
CWE-276	CWE-276 Incorrect default permissions	531	90	621	Declining
CWE-295	CWE-295	530	85	615	Declining
CWE-404	CWE-404: Improper Resource Shutdown or Release	523	84	607	Declining
CWE-732	Incorrect Permission Assignment for Critical Resource	508	86	594	Declining
CWE-80	CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)	503	87	590	Declining
CWE-288	CWE-288 Authentication bypass using an alternate path or channel	472	86	558	Declining
CWE-59	CWE-59: Improper Link Resolution Before File Access ('Link Following')	502	0	502	Declining
CWE-73	External Control of File Name or Path	419	83	502	Declining
CWE-611	CWE-611 Improper Restriction of XML External Entity Reference	439	0	439	Declining
CWE-126	CWE-126: Buffer Over-read	437	0	437	Declining
CWE-522	Insufficiently Protected Credentials	427	0	427	Declining

Time to Exploit Intelligence

Analysis of time between CVE publication and first public exploit availability (2025-2026 only)

About Time to Exploit

Time to Exploit (TTE) measures the window between when a CVE is publicly disclosed and when a working proof-of-concept exploit becomes available. This metric is critical for understanding your actual patch window.

How to use: CVEs with Critical risk (=7 days) require immediate patching - attackers can weaponize these almost instantly. Use this data to set realistic SLAs for your vulnerability management program and prioritize based on actual exploit timelines, not just CVSS scores.

Average Days to Exploit

191.3

Median Days

180

Fastest Exploit

0 days

CVEs with POC

32461

Risk Distribution

Critical (=7 days)

High (=30 days)

Medium (=90 days)

Low (>90 days)

CVE ID	Vendor	Product	Published	POC Date	Risk
CVE-2025-12573	Unknown	Bookingor	2026-01-20	2026-01-20	Critical
CVE-2025-11002	7-Zip	7-Zip	2026-01-23	2026-01-23	Critical
CVE-2026-1413	Sangfor	Operation and Maintenance Security Management System	2026-01-26	2026-01-26	Critical
CVE-2026-1412	Sangfor	Operation and Maintenance Security Management System	2026-01-26	2026-01-26	Critical
CVE-2026-1414	Sangfor	Operation and Maintenance Security Management System	2026-01-26	2026-01-26	Critical
CVE-2025-14316	Unknown	AhaChat Messenger Marketing	2026-01-26	2026-01-26	Critical
CVE-2025-14973	Unknown	Recipe Card Blocks Lite	2026-01-26	2026-01-26	Critical
CVE-2026-23888	pnpm	pnpm	2026-01-26	2026-01-27	Critical
CVE-2026-23889	pnpm	pnpm	2026-01-26	2026-01-27	Critical
CVE-2026-24056	pnpm	pnpm	2026-01-26	2026-01-27	Critical
CVE-2026-24003	EVerest	everest-core	2026-01-26	2026-01-27	Critical
CVE-2026-24478	Mintplex-Labs	anything-llm	2026-01-26	2026-01-27	Critical
CVE-2026-24686	theupdateframework	go-tuf	2026-01-27	2026-01-27	Critical
CVE-2026-1213	askbot	askbot	2026-01-27	2026-01-28	Critical
CVE-2026-1470	None	None	2026-01-27	2026-01-28	Critical
CVE-2026-24881	GnuPG	GnuPG	2026-01-27	2026-01-28	Critical
CVE-2026-24882	GnuPG	GnuPG	2026-01-27	2026-01-28	Critical
CVE-2026-24770	infiniflow	ragflow	2026-01-27	2026-01-28	Critical
CVE-2026-24740	amir20	dozzle	2026-01-27	2026-01-28	Critical
CVE-2026-24909	vlt	vlt	2026-01-27	2026-01-28	Critical
CVE-2026-24910	Bun	Bun	2026-01-27	2026-01-28	Critical
CVE-2026-23830	nyariv	SandboxJS	2026-01-27	2026-01-28	Critical
CVE-2026-24842	isaacs	node-tar	2026-01-28	2026-01-28	Critical
CVE-2026-24841	Dokploy	dokploy	2026-01-28	2026-01-28	Critical
CVE-2025-13471	Unknown	User Activity Log	2026-01-28	2026-01-28	Critical
CVE-2026-24685	opf	openproject	2026-01-28	2026-01-29	Critical
CVE-2026-1544	D-Link	DIR-823X	2026-01-28	2026-01-29	Critical
CVE-2026-1547	Totolink	A7000R	2026-01-28	2026-01-29	Critical
CVE-2026-1552	n/a	SEMCMS	2026-01-29	2026-01-29	Critical
CVE-2025-14975	Unknown	Custom Login Page Customizer	2026-01-29	2026-01-29	Critical
CVE-2026-1587	n/a	Open5GS	2026-01-29	2026-01-30	Critical
CVE-2026-23896	immich-app	immich	2026-01-29	2026-01-30	Critical
CVE-2025-15550	birkir	prime	2026-01-29	2026-01-30	Critical
CVE-2026-25061	simsong	tcpflow	2026-01-29	2026-01-30	Critical
CVE-2026-25117	pwncollege	dojo	2026-01-29	2026-01-30	Critical
CVE-2026-24902	TrustTunnel	TrustTunnel	2026-01-29	2026-01-30	Critical
CVE-2026-24904	TrustTunnel	TrustTunnel	2026-01-29	2026-01-30	Critical
CVE-2026-1637	Tenda	AC21	2026-01-29	2026-01-30	Critical
CVE-2026-1638	Tenda	AC21	2026-01-29	2026-01-30	Critical
CVE-2026-24855	ChurchCRM	CRM	2026-01-30	2026-01-31	Critical
CVE-2025-4686	Kodmatic Computer Software Tourism Construction Industry and Trade Ltd. Co.	Online Exam and Assessment	2026-01-30	2026-01-31	Critical
CVE-2026-1700	projectworlds	House Rental and Property Listing	2026-01-30	2026-01-31	Critical
CVE-2026-25130	aliasrobotics	cai	2026-01-30	2026-01-31	Critical
CVE-2026-25069	SunFounder	Pironman Dashboard (pm_dashboard)	2026-01-31	2026-02-01	Critical
CVE-2026-0658	Unknown	Five Star Restaurant Reservations	2026-02-02	2026-02-02	Critical
CVE-2025-15030	Unknown	User Profile Builder	2026-02-02	2026-02-02	Critical
CVE-2025-15396	Unknown	Library Viewer	2026-02-02	2026-02-02	Critical
CVE-2026-24071	Native Instruments	Native Access	2026-02-02	2026-02-03	Critical
CVE-2026-23997	NeoRazorX	facturascripts	2026-02-02	2026-02-03	Critical
CVE-2026-25228	SignalK	signalk-server	2026-02-02	2026-02-03	Critical