| Metric | Value |
|---|---|
| CVEs | 839 |
| Critical | 60 |
| High | 269 |
| KEV | 9 |
| PoC | 39 |
| Unpatched C/H (Critical/High) | 171 |
| Patch Rate | 43.9% |
| Avg EPSS | 0.1% |
Severity Breakdown

| Severity | Count |
|---|---|
| CRITICAL | 60 |
| HIGH | 269 |
| MEDIUM | 452 |
| LOW | 57 |
Monthly CVE Trend
Affected Products (30)

| Product | CVEs |
|---|---|
| macOS | 370 |
| iOS | 210 |
| iPadOS | 79 |
| iPhone OS | 74 |
| Windows | 46 |
| Open Redirect | 32 |
| IOS XE | 31 |
| Android | 31 |
| Safari | 29 |
| visionOS | 26 |
| tvOS | 23 |
| watchOS | 23 |
| Python | 22 |
| Docker | 15 |
| Node.js | 14 |
| IOS XR | 13 |
| PHP | 10 |
| JWT Attack | 7 |
| Chrome | 7 |
| Linux Kernel | 7 |
| Ubuntu | 6 |
| Virtual Appliance Application | 5 |
| Virtual Appliance Host | 5 |
| Mobile Security Framework | 4 |
| Meeting Software Development Kit | 4 |
| Java | 4 |
| Workplace Desktop | 4 |
| PostgreSQL | 3 |
| Video Software Development Kit | 3 |
| Rooms | 3 |
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2025-43300 | Apple iOS/iPadOS contain an out-of-bounds write in image processing that allows code execution through malicious images, exploited in extremely sophisticated targeted attacks against specific individuals. | CRITICAL | 10.0 | 0.5% | 121 | KEV, PoC, No patch |
| CVE-2025-31277 | WebKit memory corruption in Safari 18.6 and multiple Apple platforms allows remote code execution when processing maliciously crafted web content, exploited in the wild as a zero-day. | HIGH | 8.8 | 0.1% | 114 | KEV, PoC |
| CVE-2026-20700 | Apple's kernel across all platforms (iOS, macOS, watchOS, visionOS, tvOS) contains a memory corruption vulnerability (CVSS 7.8) that allows attackers with memory write capability to execute arbitrary code at the kernel level. KEV-listed, with Apple confirming reports of sophisticated in-the-wild exploitation, this is an active zero-day targeting the Apple ecosystem at its most fundamental security boundary. | HIGH | 7.8 | 0.4% | 109 | KEV, PoC, No patch |
| CVE-2025-43510 | Apple kernel lock state checking flaw allows a malicious application to cause unexpected changes in memory shared between processes, potentially enabling cross-process data manipulation on iOS, macOS, and other Apple platforms. | HIGH | 7.8 | 0.0% | 109 | KEV, PoC, No patch |
| CVE-2025-34089 | An unauthenticated remote code execution vulnerability exists in Remote for Mac, a macOS remote control utility developed by Aexol Studio, in versions up to and including 2025.7. When the application is configured with authentication disabled (i.e., the "Allow unknown devices" option is enabled), the /api/executeScript endpoint is exposed without access control. This allows unauthenticated remote attackers to inject arbitrary AppleScript payloads via the X-Script HTTP header, resulting in code execution using do shell script. Successful exploitation grants attackers the ability to run arbitrary commands on the macOS host with the privileges of the Remote for Mac background process. | CRITICAL | 9.3 | 56.5% | 103 | No patch |
| CVE-2025-43520 | Apple kernel memory corruption in multiple operating systems allows a malicious application to cause unexpected system termination or write kernel memory via an out-of-bounds write flaw addressed in watchOS 26.1, iOS 18.7.2, and macOS Tahoe 26.1. | MEDIUM | 5.5 | 0.0% | 98 | KEV, PoC, No patch |
| CVE-2025-43529 | WebKit arbitrary code execution via use-after-free memory corruption affects Safari 26.2, iOS/iPadOS 18.7.3 through 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, and watchOS 26.2, allowing remote attackers to execute arbitrary code by convincing users to visit malicious websites. This vulnerability is confirmed actively exploited (CISA KEV) in extremely sophisticated targeted attacks against specific individuals on iOS versions prior to iOS 26, per Apple's security bulletin. The EPSS score of 0.12% (32nd percentile) significantly understates real-world risk given confirmed exploitation. The related CVE-2025-14174 was issued for the same exploitation campaign, suggesting a complex attack chain targeting Apple ecosystem users. | HIGH | 8.8 | 0.1% | 94 | KEV |
| CVE-2025-20352 | A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following: An authenticated, remote attacker with low. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable with low attack complexity. Actively exploited in the wild (CISA KEV), and no vendor patch is available. | HIGH | 7.7 | 2.0% | 90 | KEV, No patch |
| CVE-2025-43200 | A denial of service vulnerability in This (CVSS 4.2). Risk factors: actively exploited (KEV-listed). | MEDIUM | 4.2 | 0.4% | 71 | KEV |
| CVE-2025-34192 | Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.893 and Application versions prior to 20.0.2140 (macOS/Linux client deployments) are built against OpenSSL. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, requires no authentication, and has low attack complexity. Public exploit code is available and no vendor patch is available. | CRITICAL | 9.3 | 0.3% | 67 | PoC, No patch |
| CVE-2025-66555 | AirKeyboard iOS App 1.0.5 contains a missing authentication vulnerability that allows unauthenticated attackers to type arbitrary keystrokes directly into the victim's iOS device in real time without user interaction, resulting in full remote input control. | HIGH | 8.8 | 0.4% | 64 | PoC, No patch |
| CVE-2025-52841 | Cross-Site Request Forgery (CSRF) vulnerability in Laundry on Linux and macOS allows an account takeover. This issue affects Laundry: 2.3.0. | HIGH | 8.8 | 0.0% | 64 | PoC, No patch |
| CVE-2026-24070 | Native Access on macOS allows local authenticated attackers to inject malicious libraries into the privileged XPC helper process due to overly permissive code signing entitlements, enabling arbitrary code execution with system-level privileges. The vulnerability stems from the application being signed with dyld environment variable and library validation bypass entitlements while communicating with a trusted helper that validates only the signing certificate. Public exploit code exists, and no patch is currently available. | HIGH | 8.8 | 0.0% | 64 | PoC, No patch |
| CVE-2026-47114 | Arbitrary command execution in IINA media player for macOS versions prior to 1.4.3 allows remote attackers to run shell commands as the logged-in user by tricking the victim into approving an iina://open URL containing malicious mpv_-prefixed parameters. Publicly available exploit code exists and a vendor patch has been released; exploitation requires a single browser protocol prompt approval (UI:A) but no authentication and no valid media file. | HIGH | 8.6 | 0.2% | 63 | PoC |
| CVE-2025-34188 | Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 1.0.735 and Application prior to 20.0.1330 (macOS/Linux client deployments) contain a vulnerability in the local logging. Rated high severity (CVSS 8.4), this vulnerability has low attack complexity. Public exploit code is available and no vendor patch is available. | HIGH | 8.4 | 0.0% | 62 | PoC, No patch |