186
CVEs
2
Critical
45
High
0
KEV
0
PoC
34
Unpatched C/H
21.0%
Patch Rate
0.0%
Avg EPSS
Severity Breakdown
CRITICAL
2
HIGH
45
MEDIUM
109
LOW
17
Monthly CVE Trend
Affected Products (16)
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2025-24325 | Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via. Rated critical severity (CVSS 9.3), this vulnerability is low attack complexity. No vendor patch available. | CRITICAL | 9.3 | 0.0% | 47 |
No patch
|
| CVE-2026-20794 | Buffer overflow for the Intel(R) Data Center Graphics Driver for VMware ESXi software before version 2.0.2 within Ring 1: Device Drivers may allow an | CRITICAL | 9.3 | 0.0% | 47 |
No patch
|
| CVE-2026-20887 | Improper access control for some Intel Vision software for all versions within Ring 3: User Applications may allow a denial of service. Unprivileged s | HIGH | 8.8 | 0.2% | 44 |
No patch
|
| CVE-2025-24484 | Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via. Rated high severity (CVSS 8.8). No vendor patch available. | HIGH | 8.8 | 0.0% | 44 |
No patch
|
| CVE-2025-24486 | Improper input validation in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege via. Rated high severity (CVSS 8.8). No vendor patch available. | HIGH | 8.8 | 0.0% | 44 |
No patch
|
| CVE-2025-22836 | Integer overflow or wraparound in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 8.8). No vendor patch available. | HIGH | 8.8 | 0.0% | 44 |
No patch
|
| CVE-2025-24303 | Improper check for unusual or exceptional conditions in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable. Rated high severity (CVSS 8.8). No vendor patch available. | HIGH | 8.8 | 0.0% | 44 |
No patch
|
| CVE-2026-34459 | Stack buffer overflow in Sandboxie-Plus SbieSvc proxy service enables SYSTEM privilege escalation from sandboxed processes, including Security Hardened Sandboxes. Attackers chain an information disclosure (returning up to 32KB uninitialized stack memory with ASLR/stack cookie bypass) with an unbounded memcpy overflow in the GetRawInputDeviceInfoSlave IPC handler. Intel CET shadow stacks block ROP exploitation but not the information leak itself. Vendor-released patch available in version 1.17.3. No public exploit identified at time of analysis, but attack complexity is rated high (AC:H) with low privilege requirements (PR:L), making this viable for motivated attackers targeting sandbox environments. | HIGH | 8.8 | 0.0% | 44 |
|
| CVE-2025-22893 | Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 8.8). No vendor patch available. | HIGH | 8.8 | 0.0% | 44 |
No patch
|
| CVE-2025-25273 | Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 8.8). No vendor patch available. | HIGH | 8.8 | 0.0% | 44 |
No patch
|
| CVE-2025-35990 | Improper input validation for some Intel Endpoint Management Assistant (EMA) software before version 1.14.5 within Ring 3: User Applications may allow | HIGH | 8.7 | 0.0% | 44 |
No patch
|
| CVE-2026-40618 | Traffic Management Microkernel (TMM) crashes in F5 BIG-IP Virtual Edition and hardware platforms when SSL profiles are configured without hardware crypto acceleration, allowing remote unauthenticated attackers to cause denial of service via undisclosed traffic patterns. CVSS 7.5 (High) with network attack vector and no prerequisites. EPSS data not provided, no CISA KEV listing identified, indicating theoretical rather than observed exploitation. Vendor patch available per F5 advisory K000158082. | HIGH | 8.7 | 0.1% | 44 |
|
| CVE-2026-20767 | Improper input validation for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow an escalat | HIGH | 8.5 | 0.0% | 43 |
No patch
|
| CVE-2026-20738 | Untrusted pointer dereference for some Intel(R) QuickAssist Adapter 8960 software before version 1.13 within Ring 3: User Applications may allow an es | HIGH | 8.5 | 0.0% | 43 |
No patch
|
| CVE-2026-20714 | Out-of-bounds write for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a escalation of | HIGH | 8.5 | 0.0% | 43 |
No patch
|