88
CVEs
13
Critical
43
High
0
KEV
20
PoC
17
Unpatched C/H
63.6%
Patch Rate
2.7%
Avg EPSS
Severity Breakdown
CRITICAL
13
HIGH
43
MEDIUM
25
LOW
5
Monthly CVE Trend
Affected Products (30)
Docker
12
Kubernetes
10
PHP
8
Command Injection
6
Nginx Ui
4
Modsecurity
3
Nginx Plus
3
Request Smuggling
2
Nginx Open Source
2
Java
2
OpenSSL
2
Heap Overflow
2
Ubuntu
2
Tinyweb
2
Python
2
Integer Overflow
1
Nginx Instance Manager
1
Cpp Httplib
1
Nginx Unit
1
Kan
1
Virtual Appliance Application
1
Open Security Issue Management
1
Race Condition
1
Frappe
1
Virtual Appliance Host
1
Null Pointer Dereference
1
Roxy Wi
1
Github
1
Termix
1
Lua Nginx Module
1
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2025-1098 | Kubernetes ingress-nginx contains a configuration injection vulnerability via the mirror-target and mirror-host Ingress annotations. Attackers can inject arbitrary NGINX configuration directives that lead to code execution in the ingress controller context, exposing cluster Secrets. This is a companion vulnerability to CVE-2025-1974 (IngressNightmare). | HIGH | 8.8 | 49.9% | 114 |
PoC
|
| CVE-2025-24514 | A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-url` Ingress annotation can be used to inject configuration into nginx. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 23.0%. | HIGH | 8.8 | 23.0% | 87 |
PoC
|
| CVE-2025-1097 | A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-tls-match-cn` Ingress annotation can be used to inject configuration into nginx. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 20.8%. | HIGH | 8.8 | 20.8% | 85 |
PoC
|
| CVE-2026-27944 | Unauthenticated backup download and RCE in Nginx UI before 2.3.3. EPSS 1.0%. PoC available. | CRITICAL | 9.8 | 1.0% | 70 |
PoC
|
| CVE-2024-13869 | The Migration, Backup, Staging - WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'upload_files' function in all. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 10.7%. | HIGH | 7.2 | 10.7% | 67 |
PoC
|
| CVE-2025-34203 | Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.1002 and Application versions prior to 20.0.2614 (VA and SaaS deployments) contain multiple Docker containers that. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available. | CRITICAL | 9.3 | 0.1% | 67 |
PoC
No patch
|
| CVE-2025-59951 | Docker default credentials in Termix server management. PoC and patch available. | CRITICAL | 9.1 | 0.1% | 66 |
PoC
|
| CVE-2024-33452 | An issue in OpenResty lua-nginx-module v.0.10.26 and before allows a remote attacker to conduct HTTP request smuggling via a crafted HEAD request. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available. | HIGH | 7.7 | 0.7% | 59 |
PoC
No patch
|
| CVE-2025-46728 | cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available. | HIGH | 7.5 | 1.0% | 59 |
PoC
|
| CVE-2025-48866 | ModSecurity versions prior to 2.9.10 contain a denial of service vulnerability in the `sanitiseArg` and `sanitizeArg` actions that allows unauthenticated remote attackers to cause service disruption by submitting requests with an excessive number of arguments. This is a network-accessible DoS vulnerability with high impact on availability that affects widely-deployed WAF deployments across Apache, IIS, and Nginx platforms. | HIGH | 7.5 | 0.4% | 58 |
PoC
|
| CVE-2026-22265 | Authenticated command injection in Roxy-WI versions prior to 8.2.8.2 enables attackers to execute arbitrary system commands through improper sanitization of the grep parameter in log viewing functionality. Public exploit code exists for this vulnerability, affecting users managing HAProxy, Nginx, Apache, and Keepalived servers through the web interface. A patch is available in version 8.2.8.2 and later. | HIGH | 7.5 | 0.2% | 58 |
PoC
|
| CVE-2025-5961 | The Migration, Backup, Staging - WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpvivid_upload_import_files' function in all versions up to, and including, 0.9.116. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. NOTE: Uploaded files are only accessible on WordPress instances running on the NGINX web server as the existing .htaccess within the target file upload folder prevents access on Apache servers. | HIGH | 7.2 | 1.3% | 57 |
PoC
|
| CVE-2026-33494 | Ory Oathkeeper, an identity and access proxy, contains an authorization bypass vulnerability via HTTP path traversal that allows attackers to access protected resources without authentication. The vulnerability affects Ory Oathkeeper installations where the software uses un-normalized paths for rule matching, enabling requests like '/public/../admin/secrets' to bypass authentication requirements. With a CVSS score of 10.0 (Critical) and network-based exploitation requiring no privileges or user interaction, this represents a severe authentication bypass, though no current EPSS score or KEV listing indicates limited evidence of active exploitation at this time. | CRITICAL | 10.0 | 0.0% | 50 |
|
| CVE-2026-33502 | An unauthenticated server-side request forgery (SSRF) vulnerability exists in AVideo's Live plugin test.php endpoint that allows remote attackers to force the server to send HTTP requests to arbitrary URLs. The vulnerability affects AVideo installations with the Live plugin enabled and can be exploited to probe internal network services, access cloud metadata endpoints, and retrieve content from internal HTTP resources. A proof-of-concept has been published demonstrating localhost service enumeration, and the vulnerability requires no authentication or user interaction to exploit. | CRITICAL | 9.3 | 3.0% | 50 |
|
| CVE-2026-23837 | MyTube self-hosted video downloader has an authorization bypass (CVSS 9.8) that allows unauthenticated access to administrative functions in versions 1.7.65 and prior. | CRITICAL | 9.8 | 0.3% | 49 |
|