4
CVEs
0
Critical
2
High
0
KEV
0
PoC
1
Unpatched C/H
25.0%
Patch Rate
0.0%
Avg EPSS
Severity Breakdown
CRITICAL
0
HIGH
2
MEDIUM
2
LOW
0
Monthly CVE Trend
Affected Products (21)
Linux Kernel
46
Windows
38
Memory Corruption
20
Quickassist Technology
14
Computing Improvement Program
11
Null Pointer Dereference
10
Proset Wireless Wifi
7
Use After Free
6
Race Condition
6
Ethernet Controller
4
Jwt Attack
3
macOS
3
Stack Overflow
3
Integer Overflow
3
Advisor
2
Securecore Technology
2
Oneapi Base Toolkit
2
Python
2
Tdx Module
1
Debian Linux
1
Kubernetes
1
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2026-23554 | This vulnerability in Intel EPT (Extended Page Tables) paging code within Xen allows information disclosure through a use-after-free condition in cached EPT state management. When paging structures are freed before cached EPT state is flushed, stale entries can persist in the EPT cache pointing to memory ranges outside the guest's intended ownership, enabling unauthorized memory access. Xen across multiple versions is affected, with Ubuntu tracking the issue at medium priority across 7 releases and Debian across 7 releases, making this a widespread concern for virtualization infrastructure. | HIGH | 7.8 | 0.0% | 39 |
|
| CVE-2026-33697 | Attested TLS relay attacks in Cocos AI confidential computing system versions 0.4.0 through 0.8.2 enable attackers to impersonate genuine TEE-protected services on AMD SEV-SNP and Intel TDX platforms by extracting ephemeral TLS private keys and redirecting authenticated sessions. The architectural flaw allows an attacker with physical access or side-channel capabilities to relay attestation evidence to a different endpoint, breaking the authentication binding between the TEE and the client. No vendor-released patch is available; the vulnerability affects a specialized confidential computing platform with low EPSS probability (formal EPSS score not provided in input) and no public exploit identified at time of analysis, though formal ProVerif verification confirms the attack feasibility. | HIGH | 7.5 | 0.0% | 38 |
No patch
|
| CVE-2026-20699 | A downgrade vulnerability affecting Intel-based Mac computers allows malicious applications to bypass code-signing restrictions and access user-sensitive data. The vulnerability impacts macOS Sequoia (versions before 15.7.5), macOS Sonoma (versions before 14.8.5), macOS Tahoe (versions before 26.3 and 26.4), and affects all Intel-based Mac systems running vulnerable versions. An attacker can craft an application that exploits insufficient code-signing validation to downgrade security protections and exfiltrate sensitive user information. | MEDIUM | 6.2 | 0.0% | 31 |
No patch
|
| CVE-2026-20709 | Use of a default cryptographic key in Intel Pentium Processor Silver Series, Celeron Processor J Series, and Celeron Processor N Series hardware allows privilege escalation when a hardware reverse engineer with privileged user access performs a high-complexity physical attack with special internal knowledge. The vulnerability has a CVSS score of 5.8 with physical attack vector (AV:P) and high attack complexity (AC:H), requiring privileged access (PR:H) and special attack time requirements (AT:P). No public exploit code or active CISA KEV designation has been identified. | MEDIUM | 5.8 | 0.0% | 29 |
No patch
|