Summary

| Metric | Value |
|---|---|
| CVEs | 2370 |
| Critical | 82 |
| High | 600 |
| KEV | 1 |
| PoC | 41 |
| Unpatched C/H | 43 |
| Patch Rate | 92.8% |
| Avg EPSS | 0.0% |

Severity Breakdown

| Severity | Count |
|---|---|
| CRITICAL | 82 |
| HIGH | 600 |
| MEDIUM | 854 |
| LOW | 8 |

Monthly CVE Trend (chart; data not present in the extracted page)
Affected Products (30)

| Product | CVEs |
|---|---|
| Linux Kernel | 2958 |
| Ubuntu | 715 |
| Debian Linux | 388 |
| Windows | 85 |
| Db2 | 20 |
| Android | 12 |
| Windows Server 2025 | 12 |
| Windows 11 24h2 | 11 |
| macOS | 11 |
| Exynos 1580 Firmware | 10 |
| Dx Netops Spectrum | 10 |
| Exynos 1330 Firmware | 10 |
| Windows 11 25h2 | 10 |
| Windows Server 2022 | 10 |
| Exynos 1380 Firmware | 10 |
| Windows Server 2022 23h2 | 10 |
| Exynos 1480 Firmware | 10 |
| Exynos W920 Firmware | 9 |
| Exynos 980 Firmware | 9 |
| Exynos 1280 Firmware | 9 |
| Exynos 1080 Firmware | 9 |
| Windows 11 23h2 | 9 |
| Exynos W930 Firmware | 9 |
| Exynos 850 Firmware | 9 |
| Exynos W1000 Firmware | 9 |
| Cyber Protect | 8 |
| Windows 10 22h2 | 8 |
| Chrome | 8 |
| Windows 10 21h2 | 8 |
| Windows Server 2016 | 7 |
Top Risky CVEs

| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2026-31431 | Memory corruption in the Linux kernel's algif_aead cryptographic interface allows local authenticated users to achieve arbitrary kernel memory read/write, leading to privilege escalation to root. The vulnerability stems from improper handling of in-place operations introduced in commit 72548b093ee3, affecting kernel versions from 4.14 through 6.19.x. Multiple public exploits exist, including proof-of-concept demonstrations from security researchers; the EPSS score of 0.01% indicates a currently low likelihood of widespread exploitation despite PoC availability. | HIGH | 7.8 | 0.0% | 109 | KEV, PoC |
| CVE-2026-26068 | Command injection in the emp3r0r C2 framework before 3.21.1. Untrusted agent metadata (Transport, Hostname) is injected into commands. PoC and patch available. EPSS 0.61%. | CRITICAL | 9.9 | 0.6% | 70 | PoC |
| CVE-2026-29128 | Plaintext daemon credentials in IDC SFX2100 routing configuration files (zebra, bgpd, ospfd, ripd). CVSS 10.0. PoC available. | CRITICAL | 10.0 | 0.0% | 70 | PoC, No patch |
| CVE-2021-47796 | The Denver SHC-150 Smart WiFi Camera has hardcoded telnet credentials on port 23, providing unauthenticated root shell access. PoC available. | CRITICAL | 9.8 | 0.1% | 69 | PoC, No patch |
| CVE-2026-23873 | The HUSTOJ online judge system has a CSV injection vulnerability in all versions that allows code execution through crafted submissions exported to spreadsheets. | CRITICAL | 9.0 | 0.0% | 65 | PoC, No patch |
| CVE-2025-66210 | A command injection vulnerability in Coolify's Database Import functionality allows authenticated users with application/service management permissions to execute arbitrary system commands as root on managed servers. The vulnerability stems from unsanitized database names being passed directly to shell commands, enabling full remote code execution. A public proof-of-concept exploit is available, and with an EPSS score of 0.41% (61st percentile) this represents a moderate real-world exploitation risk for organizations running vulnerable Coolify versions. | HIGH | 8.8 | 0.4% | 64 | PoC, No patch |
| CVE-2026-43284 | Use-after-free in the Linux kernel ESP (IPsec) input path allows local authenticated attackers to cause in-place decryption of shared memory fragments, potentially exposing encrypted network traffic or causing memory corruption. Affects kernel versions 6.5+, where MSG_SPLICE_PAGES can attach pipe pages directly to UDP socket buffers. The IPv4/IPv6 datagram paths fail to mark spliced pages as shared, so ESP input decryption modifies memory not privately owned by the packet buffer. Public exploit code exists (PoC available on GitHub), the EPSS score is low (0.01%), indicating limited widespread exploitation risk, and vendor patches are available across the affected stable kernel branches (6.6.138, 6.12.87, 6.18.28, 7.0.5). | HIGH | 8.8 | 0.0% | 64 | PoC |
| CVE-2026-27212 | Prototype pollution in Swiper versions 6.5.1 through 12.1.1 allows local authenticated attackers to manipulate Object.prototype through improperly validated user input, enabling authentication bypass, denial of service, and remote code execution. Public exploit code exists for this vulnerability, which affects applications on Linux and Windows using the Node.js or Bun runtimes. A patch is available and should be applied immediately to affected systems that process untrusted input. | HIGH | 7.8 | 0.1% | 59 | PoC |
| CVE-2026-46300 | Local privilege escalation in the Linux kernel XFRM ESP-in-TCP subsystem (the "Fragnesia" vulnerability) allows authenticated local attackers to overwrite kernel memory structures by exploiting arbitrary byte writes into the kernel page cache of read-only files. The CVSS score of 7.8 reflects high impact across confidentiality, integrity, and availability. Low attack complexity (AC:L) and no user interaction requirement (UI:N) make this exploitable by any local user with basic privileges. No confirmed active exploitation (not in CISA KEV) or public proof-of-concept was identified at the time of analysis, but the specific vulnerability name "Fragnesia" suggests coordinated disclosure with the security research community. | HIGH | 7.8 | 0.0% | 59 | PoC |
| CVE-2026-23233 | F2FS swapfile memory corruption in Linux kernel 6.6+ allows local attackers with user privileges to cause data corruption through improper physical block mapping when using fragmented swapfiles smaller than the F2FS section size. Public exploit code exists for this vulnerability, and attackers can trigger dm-verity corruption errors or F2FS node corruption, leading to system crashes and data loss. No patch is currently available. | HIGH | 7.8 | 0.0% | 59 | PoC |
| CVE-2025-70616 | A stack buffer overflow vulnerability exists in the Wincor Nixdorf wnBios64.sys kernel driver (version 1.2.0.0) in the IOCTL handler for code 0x80102058. [CVSS 7.8 HIGH] | HIGH | 7.8 | 0.0% | 59 | PoC, No patch |
| CVE-2026-43500 | Buffer overflow in the Linux kernel rxrpc subsystem allows local authenticated attackers to achieve arbitrary code execution with kernel privileges. The vulnerability stems from improper handling of shared fragment memory in DATA and RESPONSE packet processing, where the kernel fails to unshare externally owned page fragments before in-place decryption operations. This creates a buffer overflow condition (CWE-787) exploitable by local users with low privileges. Patches are available for kernel versions 6.18.29, 7.0.6, and 7.1-rc3. EPSS and KEV status were not provided in the available data. | HIGH | 7.8 | 0.0% | 59 | PoC |
| CVE-2026-29123 | Local privilege escalation in IDC SFX2100 firmware affects Linux systems through a SUID binary vulnerable to PATH hijacking, symlink abuse, and shared object hijacking. A local attacker can exploit this to gain root-level privileges, and public exploit code is available. No patch is currently available to address this HIGH severity vulnerability. | HIGH | 7.8 | 0.0% | 59 | PoC, No patch |
| CVE-2020-37041 | OpenCTI 3.3.1 is vulnerable to a directory traversal attack via the static/css endpoint. An unauthenticated attacker can read arbitrary files from the filesystem by sending crafted GET requests with path traversal sequences (e.g., '../') in the URL. [CVSS 7.5 HIGH] | HIGH | 7.5 | 0.4% | 58 | PoC, No patch |
| CVE-2019-25291 | INIM Electronics Smartliving SmartLAN/G/SI <=6.x contains hard-coded credentials in its Linux distribution image that cannot be changed through normal device operations. [CVSS 7.5 HIGH] | HIGH | 7.5 | 0.0% | 58 | PoC, No patch |