1052
CVEs
65
Critical
354
High
9
KEV
51
PoC
175
Unpatched C/H
54.5%
Patch Rate
0.1%
Avg EPSS
Severity Breakdown
CRITICAL
65
HIGH
354
MEDIUM
570
LOW
62
Monthly CVE Trend
Affected Products (30)
Iphone Os
2907
macOS
1894
Mac Os X
1833
Tvos
1491
Ipados
1334
Watchos
1302
Safari
922
Itunes
589
iOS
556
Ios Xe
464
Icloud
319
Ios Xr
159
Visionos
156
Chrome
132
Debian Linux
95
Webkitgtk
87
Fedora
79
Quicktime
72
Webkit
64
Ipad Os
63
Ubuntu Linux
60
Ios And Ipados
56
Jwt Attack
49
Open Redirect
44
Mac Os X Server
43
Firefox
42
Windows
40
Python
35
Enterprise Linux Workstation
34
Enterprise Linux Server
34
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2025-43300 | Apple iOS/iPadOS contain an out-of-bounds write in image processing that allows code execution through malicious images, exploited in extremely sophisticated targeted attacks against specific individuals. | CRITICAL | 10.0 | 0.5% | 121 |
KEV
PoC
No patch
|
| CVE-2025-31277 | WebKit memory corruption in Safari 18.6 and multiple Apple platforms allows remote code execution when processing maliciously crafted web content, exploited in the wild as a zero-day. | HIGH | 8.8 | 0.1% | 114 |
KEV
PoC
|
| CVE-2023-43000 | A use-after-free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available. | HIGH | 8.8 | 0.1% | 114 |
KEV
PoC
|
| CVE-2026-20700 | Apple's kernel across all platforms (iOS, macOS, watchOS, visionOS, tvOS) contains a memory corruption vulnerability (CVE-2026-20700, CVSS 7.8) that allows attackers with memory write capability to execute arbitrary code at the kernel level. KEV-listed with Apple confirming reports of sophisticated in-the-wild exploitation, this represents an active zero-day targeting the Apple ecosystem at its most fundamental security boundary. | HIGH | 7.8 | 0.4% | 109 |
KEV
PoC
No patch
|
| CVE-2025-43510 | Apple kernel lock state checking flaw allows a malicious application to cause unexpected changes in memory shared between processes, potentially enabling cross-process data manipulation on iOS, macOS, and other Apple platforms. | HIGH | 7.8 | 0.0% | 109 |
KEV
PoC
No patch
|
| CVE-2025-43520 | Apple kernel memory corruption in multiple operating systems allows a malicious application to cause unexpected system termination or write kernel memory via an out-of-bounds write flaw addressed in watchOS 26.1, iOS 18.7.2, and macOS Tahoe 26.1. | MEDIUM | 5.5 | 0.0% | 98 |
KEV
PoC
No patch
|
| CVE-2025-43529 | WebKit arbitrary code execution via use-after-free memory corruption affects Safari 26.2, iOS/iPadOS 18.7.3 through 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, and watchOS 26.2, allowing remote attackers to execute arbitrary code by convincing users to visit malicious websites. This vulnerability is confirmed actively exploited (CISA KEV) in extremely sophisticated targeted attacks against specific individuals on iOS versions prior to iOS 26, per Apple's security bulletin. EPSS score of 0.12% (32nd percentile) significantly understates real-world risk given confirmed exploitation. Related vulnerability CVE-2025-14174 was issued for the same exploitation campaign, suggesting a complex attack chain targeting Apple ecosystem users. | HIGH | 8.8 | 0.1% | 94 |
KEV
|
| CVE-2025-20352 | A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following: An authenticated, remote attacker with low. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. Actively exploited in the wild (cisa kev) and no vendor patch available. | HIGH | 7.7 | 2.0% | 90 |
KEV
No patch
|
| CVE-2025-34192 | Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.893 and Application versions prior to 20.0.2140 (macOS/Linux client deployments) are built against OpenSSL. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.3 | 0.3% | 67 |
PoC
No patch
|
| CVE-2026-33439 | Remote code execution in OpenIdentityPlatform OpenAM 16.0.5 and earlier allows unauthenticated attackers to execute arbitrary OS commands via unsafe Java deserialization of the jato.clientSession HTTP parameter. This bypass exploits an unpatched deserialization sink in JATO's ClientSession.deserializeAttributes() that was overlooked when CVE-2021-35464 was mitigated. Attackers can target any JATO ViewBean endpoint with <jato:form> tags (commonly found in password reset pages) using a PriorityQue | CRITICAL | 9.3 | 0.1% | 67 |
PoC
|
| CVE-2025-66555 | AirKeyboard iOS App 1.0.5 contains a missing authentication vulnerability that allows unauthenticated attackers to type arbitrary keystrokes directly into the victim's iOS device in real-time without user interaction, resulting in full remote input control. | HIGH | 8.8 | 0.4% | 64 |
PoC
No patch
|
| CVE-2026-24070 | Native Access on macOS allows local authenticated attackers to inject malicious libraries into the privileged XPC helper process due to overly permissive code signing entitlements, enabling arbitrary code execution with system-level privileges. The vulnerability stems from the application being signed with dyld environment variable and library validation bypass entitlements while communicating with a trusted helper that validates only the signing certificate. Public exploit code exists, and no patch is currently available. | HIGH | 8.8 | 0.0% | 64 |
PoC
No patch
|
| CVE-2026-48801 | Denial of service in linkify-it (npm) through v5.0.0 lets remote unauthenticated attackers wedge a rendering worker by submitting tens of KB of repeated email/link-like text. The core public API LinkifyIt.prototype.match runs an O(N²) scan loop that re-slices the input and re-runs unanchored fuzzy regex searches once per match, so 64 KB of "a@b.com" burns ~2.5 s of single-threaded CPU and 128 KB ~10 s. The flaw is inherited by markdown-it (~21.6M weekly npm downloads) whenever linkify:true is set, exposing forums, chat, wikis and AI chat UIs; publicly available exploit code (a PoC in the GHSA advisory) exists, but there is no evidence of active exploitation. | HIGH | 8.7 | 0.4% | 64 |
PoC
|
| CVE-2021-47973 | Sticky Notes Widget 3.0.6 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | HIGH | 8.7 | 0.0% | 64 |
PoC
No patch
|
| CVE-2021-47944 | memono Notepad 4.2 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character buffers into note fields. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | HIGH | 8.7 | 0.0% | 64 |
PoC
No patch
|