137
Open CVEs
0
Exploited
0
KEV
14
Unpatched
1
No Workaround
53
Internet-facing
Why this provider is risky now
This provider has 137 open CVE(s) in the last 30 days. 14 have no vendor patch. 53 affect internet-facing services. 29 impact the management/identity plane.
14 Unpatched
29 Mgmt / Admin Plane
1 No Workaround
53 Internet-facing
Top Risky CVEs
CVE-2026-39842
Act Now
Remote code execution as root in OpenRemote IoT platform's rules engine (versions prior to 1.20.3) allows authenticated non-superuser attackers with write:rules role to execute arbitrary Java code via unsandboxed JavaScript rulesets. The vulnerability stems from Nashorn ScriptEngine.eval() executing user-supplied JavaScript without ClassFilter restrictions, enabling Java.type() access to any JVM class including java.lang.Runtime. Attackers can compromise the entire multi-tenant platform, steal c
Within 24 hours: Inventory all OpenRemote deployments and document current versions; restrict write:rules role to only trusted superuser accounts and disable rules engine if possible. Within 7 days: Test upgrade path to OpenRemote 1.20.3 or later in a non-production environment; implement network segmentation to limit rules engine access. Within 30 days: Complete upgrade of all production OpenRemote instances to version 1.20.3 or later; audit logs for any rules created by non-superuser accounts since deployment; validate tenant isolation is functioning post-patch.
Edge exposure
ICT dependency
Patched
Why flagged?
NIS2 Relevant
- • CRITICAL severity
- • Internet-facing (CWE-94: Code Injection)
- • Third-party ICT: Docker, PostgreSQL, Apple
- • Moderate evidence (PoC / elevated EPSS)
DORA Relevant
- • CRITICAL severity
- • ICT provider: Docker (Dev Platforms & CI/CD)
- • ICT provider: PostgreSQL (Databases & Data Platforms)
- • ICT provider: Apple (Operating Systems)
9.9
CVSS
0.1%
EPSS
50
Priority
CVE-2026-28858
Act Now
Insufficient bounds checking in Apple iOS and iPadOS 26.4 allows unauthenticated remote attackers to trigger buffer overflow conditions that corrupt kernel memory or cause system crashes without user interaction. This critical vulnerability affects all devices running the affected OS versions and has no available patch. An attacker can exploit this flaw over the network to achieve denial of service or potentially escalate privileges through kernel memory corruption.
Within 24 hours: Identify all affected systems and apply vendor patches immediately. If patching is delayed, consider network segmentation to limit exposure.
ICT dependency
Patched
Why flagged?
NIS2 Relevant
- • CRITICAL severity
- • Third-party ICT: Apple
- • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
- • CRITICAL severity
- • ICT provider: Apple (Operating Systems)
9.8
CVSS
0.0%
EPSS
49
Priority
CVE-2026-33976
Act Now
Remote code execution via stored XSS in Notesnook Web Clipper affects all platforms prior to version 3.3.11 (Web/Desktop) and 3.3.17 (Android/iOS). Attackers can inject malicious HTML attributes into clipped web content that execute JavaScript in the application's security context when victims open the clip. On Electron desktop builds, unsafe Node.js integration (nodeIntegration: true, contextIsolation: false) escalates this XSS to full RCE with system-level access. CVSS 9.6 (Critical) reflects network-based attack requiring no authentication but user interaction. No public exploit identified at time of analysis, though attack methodology is detailed in vendor advisory.
Within 24 hours: Identify all Notesnook Web Clipper installations across the organization (web, desktop, Android, iOS) and document current versions. Within 7 days: Deploy Notesnook Web Clipper version 3.3.11 or later (Web/Desktop) and 3.3.17 or later (Android/iOS) via MDM, package managers, or browser extension update mechanisms; verify deployment completion across 95%+ of user base. Within 30 days: Conduct post-deployment audit to confirm 100% compliance and review access logs for any suspicious clipper activity or JavaScript execution anomalies during the pre-patch window.
Edge exposure
ICT dependency
Patched
Why flagged?
NIS2 Relevant
- • CRITICAL severity
- • Internet-facing (CWE-79: Cross-site Scripting (XSS))
- • Third-party ICT: Apple
- • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
- • CRITICAL severity
- • ICT provider: Apple (Operating Systems)
9.6
CVSS
0.1%
EPSS
48
Priority
Stackfield Desktop App before version 1.10.2 for macOS and Windows allows arbitrary file writes to the filesystem through a path traversal vulnerability in its decryption functionality when processing the filePath property. A malicious export file can enable attackers to overwrite critical system or application files, potentially leading to code execution or application compromise without requiring user interaction beyond opening the malicious export.
Edge exposure
ICT dependency
No patch available
Why flagged?
NIS2 Relevant
- • CRITICAL severity
- • Internet-facing (CWE-22: Path Traversal)
- • Third-party ICT: Apple
- • No patch available
- • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
- • CRITICAL severity
- • ICT provider: Apple (Operating Systems)
- • No remediation available
9.6
CVSS
0.0%
EPSS
48
Priority
CVE-2026-33439
Act Now
Remote code execution in OpenIdentityPlatform OpenAM 16.0.5 and earlier allows unauthenticated attackers to execute arbitrary OS commands via unsafe Java deserialization of the jato.clientSession HTTP parameter. This bypass exploits an unpatched deserialization sink in JATO's ClientSession.deserializeAttributes() that was overlooked when CVE-2021-35464 was mitigated. Attackers can target any JATO ViewBean endpoint with <jato:form> tags (commonly found in password reset pages) using a PriorityQue
Within 24 hours: Identify all OpenAM deployments and document version numbers; verify if any are running 16.0.5 or earlier. Within 7 days: Apply vendor-released patch to OpenAM 16.0.6 or later (GitHub commit 014007c or subsequent stable release); test in staging environment first. Within 30 days: Conduct post-patch verification; review authentication logs for suspicious jato.clientSession parameter activity; implement network-level monitoring for JATO ViewBean endpoints.
Edge exposure
ICT dependency
Patched
Why flagged?
NIS2 Relevant
- • CRITICAL severity
- • Internet-facing (CWE-502: Deserialization of Untrusted Data)
- • Third-party ICT: Docker, Oracle Database, Apple
- • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
- • CRITICAL severity
- • ICT provider: Docker (Dev Platforms & CI/CD)
- • ICT provider: Oracle Database (Databases & Data Platforms)
- • ICT provider: Apple (Operating Systems)
9.3
CVSS
0.1%
EPSS
47
Priority
CVE-2026-28827
Act Now
Improper path validation in macOS (Sequoia 15.7.5, Sonoma 14.8.5, and Tahoe 26.4) allows sandboxed applications to escape their sandbox restrictions through directory path traversal. A local attacker with the ability to run malicious apps can exploit this weakness to execute code outside sandbox boundaries with full system privileges. No patch is currently available for this critical vulnerability.
24 hours: Audit and document all macOS devices running Sequoia 15.7.5, Sonoma 14.8.5, or Tahoe 26.4 in your environment; immediately restrict user ability to install third-party applications until patched. 7 days: Monitor CISA KEV catalog and Apple security advisories for patch release confirmation; prepare update deployment plan. 30 days: Apply vendor-released patch to all affected macOS systems as soon as Apple releases the fix; implement application allowlist controls to prevent execution of untrusted binaries.
Edge exposure
ICT dependency
Patched
Why flagged?
NIS2 Relevant
- • CRITICAL severity
- • Internet-facing (CWE-22: Path Traversal)
- • Third-party ICT: Apple
- • Moderate evidence (PoC / elevated EPSS)
DORA Relevant
- • CRITICAL severity
- • ICT provider: Apple (Operating Systems)
9.3
CVSS
0.0%
EPSS
47
Priority
CVE-2026-20688
Act Now
Sandbox escape vulnerability in Apple iOS, iPadOS, macOS, and visionOS allows local attackers to break out of application sandboxes through improper path validation, potentially enabling unauthorized access to system resources and data. An attacker with local access could leverage this flaw to execute arbitrary operations outside application boundaries and bypass security restrictions. No patch is currently available for this critical vulnerability affecting multiple Apple platforms.
Within 24 hours: Inventory all Apple devices running iOS, iPadOS, macOS, and visionOS across the organization and identify affected versions. Within 7 days: Apply the vendor-released patch to all affected Apple devices as updates become available from Apple. Within 30 days: Complete patch deployment across 100% of Apple device inventory and verify patch installation through mobile device management (MDM) or endpoint management tools.
Edge exposure
ICT dependency
Patched
Why flagged?
NIS2 Relevant
- • CRITICAL severity
- • Internet-facing (CWE-22: Path Traversal)
- • Third-party ICT: Apple
- • Moderate evidence (PoC / elevated EPSS)
DORA Relevant
- • CRITICAL severity
- • ICT provider: Apple (Operating Systems)
9.3
CVSS
0.0%
EPSS
47
Priority
CVE-2026-39860
Act Now
Local privilege escalation in Nix package manager daemon (versions prior to 2.34.5/2.33.4/2.32.7/2.31.4/2.30.4/2.29.3/2.28.6) allows unprivileged users to gain root access in multi-user Linux installations. Incomplete fix for CVE-2024-27297 permits symlink attacks during fixed-output derivation registration, enabling arbitrary file overwrites as root. Attackers exploit sandboxed build registration by placing symlinks in temporary output paths, causing the daemon to follow symlinks and overwrite sensitive system files with controlled content. Affects default configurations where all users can submit builds. No public exploit identified at time of analysis.
Within 24 hours: Identify all systems running Nix versions prior to 2.34.5, 2.33.4, 2.32.7, 2.31.4, 2.30.4, 2.29.3, or 2.28.6 using 'nix --version' and inventory. Within 7 days: Apply vendor-released patches to upgrade to Nix 2.34.5 (or 2.33.4, 2.32.7, 2.31.4, 2.30.4, 2.29.3, or 2.28.6 depending on current branch). Within 30 days: Conduct access review of multi-user Nix installations and audit build logs for unauthorized fixed-output derivation submissions during the window of vulnerability exposure.
ICT dependency
Patched
Why flagged?
NIS2 Relevant
- • CRITICAL severity
- • Third-party ICT: SUSE, Apple
- • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
- • CRITICAL severity
- • ICT provider: SUSE (Infrastructure & Virtualization)
- • ICT provider: Apple (Operating Systems)
9.0
CVSS
0.0%
EPSS
45
Priority
CVE-2025-43219
This Week
Memory corruption in macOS Sequoia image processing allows remote attackers to achieve arbitrary code execution via maliciously crafted images requiring user interaction. Affects macOS Sequoia versions prior to 15.6, with CVSS 8.8 (High) severity due to potential for complete system compromise. EPSS data unavailable; no public exploit identified at time of analysis. Apple addressed the vulnerability through improved memory handling in macOS 15.6 (released June 2025). Attack requires victim to process a weaponized image file, making social engineering or malicious websites likely delivery vectors.
Within 24 hours: Identify all macOS Sequoia devices running versions prior to 15.6 using your MDM or asset inventory. Within 7 days: Deploy macOS Sequoia 15.6 or later to all affected devices; prioritize systems handling sensitive data or accessed by high-value targets. Within 30 days: Confirm 100% patch compliance via MDM reporting and conduct user awareness training on opening image files from untrusted sources.
ICT dependency
Patched
Why flagged?
NIS2 Relevant
- • HIGH severity
- • Third-party ICT: Apple
- • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
- • HIGH severity
- • ICT provider: Apple (Operating Systems)
8.8
CVSS
0.0%
EPSS
44
Priority
CVE-2025-43264
This Week
Memory corruption in macOS Sequoia's image processing subsystem allows unauthenticated remote attackers to potentially execute arbitrary code when a user opens a specially crafted image file. Apple has patched this buffer overflow vulnerability in macOS 15.6. With a CVSS score of 8.8 and requiring only user interaction, this represents a significant attack surface for social engineering campaigns. EPSS data not available, but no public exploit or active exploitation confirmed at time of analysis. The SSVC framework rates this as total technical impact, reinforcing the criticality of applying the vendor patch.
Within 24 hours: Inventory all macOS Sequoia deployments and notify users to avoid opening untrusted image files from email or web sources. Within 7 days: Deploy macOS 15.6 (or later) to all affected systems using your MDM solution; prioritize users in high-risk roles. Within 30 days: Verify 100% patch compliance across macOS fleet and implement content filtering rules to block suspicious image attachments at mail gateways.
ICT dependency
Patched
Why flagged?
NIS2 Relevant
- • HIGH severity
- • Third-party ICT: Apple
- • Strong evidence (KEV / high EPSS / multi-source)
DORA Relevant
- • HIGH severity
- • ICT provider: Apple (Operating Systems)
8.8
CVSS
0.0%
EPSS
44
Priority
By Exposure
Internet-facing
53
Mgmt / Admin Plane
29
Identity / Auth
9
Internal only
80
By Exploitability
Known exploited
0
Public PoC
0
High EPSS (>30%)
0
Remote unauthenticated
63
Local only
55
By Remediation
Patch available
123
No patch
14
Workaround available
114
No workaround
1
Affected Services / Product Families
Apple
137 CVE(s)
+ 127 more
macOS
76 CVE(s)
+ 66 more
iOS
41 CVE(s)
+ 31 more