194
CVEs
3
Critical
53
High
0
KEV
0
PoC
35
Unpatched C/H
23.7%
Patch Rate
0.0%
Avg EPSS
Severity Breakdown
CRITICAL
3
HIGH
53
MEDIUM
116
LOW
17
Monthly CVE Trend
Affected Products (30)
Linux Kernel
130
Mac Os X
56
Active Management Technology Firmware
50
Debian Linux
48
Fedora
40
Graphics Driver
37
Windows
37
Xen
36
Converged Security Management Engine Firmware
30
Server Board S2600St Firmware
26
Core I7 8665U Firmware
26
Server Board S2600Wf Firmware
25
Core I7 8500Y Firmware
25
Core I7 8700K Firmware
25
Core I7 8700T Firmware
25
Core I7 8700 Firmware
25
Core I7 8650U Firmware
25
Core I7 8565U Firmware
24
Server Board S2600Bp Firmware
24
Proset Wireless Wifi
24
Core I7 8706G Firmware
24
Server Board S2600Kp Firmware
24
Core I7 8850H Firmware
24
Core I9 9900K Firmware
23
Server System R1000Wf Firmware
23
Compute Module Hns2600Bp Firmware
23
Core I7 8550U Firmware
23
Core I7 8705G Firmware
23
Core I7 8809G Firmware
23
Core I7 8709G Firmware
23
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2026-45898 | Kernel memory corruption in the Linux iWARP Connection Manager (RDMA/iwcm) subsystem can crash systems running RDMA workloads on iWARP-capable hardware such as Intel E830 adapters. The bug, introduced by commit e1168f0 ('RDMA/iwcm: Simplify cm_event_handler()'), causes workqueue list corruption when iwcm_work items from a free list are reused while still queued, triggering a kernel BUG and panic. No public exploit identified at time of analysis and EPSS exploitation probability is very low (0.02%, 5th percentile), despite a CVSS base score of 9.8. | CRITICAL | 9.8 | 0.0% | 49 |
|
| CVE-2025-24325 | Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via. Rated critical severity (CVSS 9.3), this vulnerability is low attack complexity. No vendor patch available. | CRITICAL | 9.3 | 0.0% | 47 |
No patch
|
| CVE-2026-20794 | Buffer overflow for the Intel(R) Data Center Graphics Driver for VMware ESXi software before version 2.0.2 within Ring 1: Device Drivers may allow an | CRITICAL | 9.3 | 0.0% | 47 |
No patch
|
| CVE-2026-20887 | Improper access control for some Intel Vision software for all versions within Ring 3: User Applications may allow a denial of service. Unprivileged s | HIGH | 8.8 | 0.2% | 44 |
No patch
|
| CVE-2025-24484 | Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via. Rated high severity (CVSS 8.8). No vendor patch available. | HIGH | 8.8 | 0.0% | 44 |
No patch
|
| CVE-2025-24486 | Improper input validation in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege via. Rated high severity (CVSS 8.8). No vendor patch available. | HIGH | 8.8 | 0.0% | 44 |
No patch
|
| CVE-2026-45945 | Race condition in the Linux kernel's Intel VT-d IOMMU driver allows a local low-privileged attacker to trigger inconsistent PASID table state during domain replacement, potentially producing spurious IOMMU faults and unpredictable DMA behavior with cross-scope impact. The flaw stems from non-atomic updates to 512-bit PASID entries while the Present bit is set, and no public exploit identified at time of analysis despite a high CVSS score driven by the scope-changed local attack surface. | HIGH | 8.8 | 0.0% | 44 |
|
| CVE-2025-22836 | Integer overflow or wraparound in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 8.8). No vendor patch available. | HIGH | 8.8 | 0.0% | 44 |
No patch
|
| CVE-2025-24303 | Improper check for unusual or exceptional conditions in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable. Rated high severity (CVSS 8.8). No vendor patch available. | HIGH | 8.8 | 0.0% | 44 |
No patch
|
| CVE-2026-34459 | Stack buffer overflow in Sandboxie-Plus SbieSvc proxy service enables SYSTEM privilege escalation from sandboxed processes, including Security Hardened Sandboxes. Attackers chain an information disclosure (returning up to 32KB uninitialized stack memory with ASLR/stack cookie bypass) with an unbounded memcpy overflow in the GetRawInputDeviceInfoSlave IPC handler. Intel CET shadow stacks block ROP exploitation but not the information leak itself. Vendor-released patch available in version 1.17.3. No public exploit identified at time of analysis, but attack complexity is rated high (AC:H) with low privilege requirements (PR:L), making this viable for motivated attackers targeting sandbox environments. | HIGH | 8.8 | 0.0% | 44 |
|
| CVE-2025-22893 | Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 8.8). No vendor patch available. | HIGH | 8.8 | 0.0% | 44 |
No patch
|
| CVE-2025-25273 | Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 8.8). No vendor patch available. | HIGH | 8.8 | 0.0% | 44 |
No patch
|
| CVE-2026-40618 | Traffic Management Microkernel (TMM) crashes in F5 BIG-IP Virtual Edition and hardware platforms when SSL profiles are configured without hardware crypto acceleration, allowing remote unauthenticated attackers to cause denial of service via undisclosed traffic patterns. CVSS 7.5 (High) with network attack vector and no prerequisites. EPSS data not provided, no CISA KEV listing identified, indicating theoretical rather than observed exploitation. Vendor patch available per F5 advisory K000158082. | HIGH | 8.7 | 0.1% | 44 |
|
| CVE-2025-35990 | Improper input validation for some Intel Endpoint Management Assistant (EMA) software before version 1.14.5 within Ring 3: User Applications may allow | HIGH | 8.7 | 0.0% | 44 |
No patch
|
| CVE-2026-20767 | Improper input validation for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow an escalat | HIGH | 8.5 | 0.0% | 43 |
No patch
|