ACT NOW
CVE-2021-45046
9.0
Apache Log4j2 contains an incomplete fix for Log4Shell (CVE-2021-44228) that allows attackers to bypass the initial patch through Thread Context Map (MDC) input data in non-default configurations, enabling RCE and DoS.
|
ACT NOW
CVE-2021-44228
10.0
Apache Log4j2 contains a critical JNDI injection vulnerability known as 'Log4Shell' that allows unauthenticated remote code execution through crafted log messages, affecting virtually every Java application on Earth and triggering the largest vulnerability remediation effort in history.
|
Today's Vulnerabilities Vulnerabilities
Daily vulnerability intelligence for defenders – fresh CVEs with exploitability signals, patch status, and action-oriented priorities from 17 sources.
CVEs published in review
Track vulnerabilities that matter to your stack
Personalized alerts, dashboards, and weekly digests – free.
Trending Now
🚨
GHSA
MAL
CVSS
NEWS
No trending vulnerabilities right now
Critical Watch
KEV
POC
CVSS
No critical watch entries today
Vendor Today – Quick Filter
Techniques
POC
CISA KEV
PATCH
UNPATCHED
results
Sort:
Base Score
Vector String
Attack Vector (AV)
Attack Complexity (AC)
Privileges Required (PR)
User Interaction (UI)
Scope (S)
Confidentiality (C)
Integrity (I)
Availability (A)
0
|
3.9|
6.9|
8.9|
10
NONE
LOW
MEDIUM
HIGH
CRITICAL
CVSS Filter
– CVEs match
No CVEs match the selected criteria
Loading...
No vulnerabilities found for this date.
Data may not have been fetched yet.
Live Feed
auto-refresh 60s
KEV
POC
No new CVEs in the last 2 hours. Check back soon.