2
CVEs
0
Critical
2
High
0
KEV
0
PoC
0
Unpatched C/H
100.0%
Patch Rate
0.1%
Avg EPSS
Severity Breakdown
CRITICAL
0
HIGH
2
MEDIUM
0
LOW
0
Monthly CVE Trend
Affected Products (30)
Ex1200t Firmware
19
X15 Firmware
16
Archer Be230 Firmware
11
Archer Ax53 Firmware
10
T10 Firmware
7
A3002r Firmware
6
A3002ru Firmware
4
Archer Ax5400 Firmware
3
Archer Axe75 Firmware
3
Archer Ax3000 Firmware
3
IoT
3
A702r Firmware
3
Tl Wr841Nd Firmware
3
Deco X50 Firmware
2
Deco Xe200 Firmware
2
Tl Wr940n Firmware
2
N302r Plus Firmware
2
Tapo C260 Firmware
2
Tl Wr841Nd V11 Firmware
2
Deco Be25 Firmware
2
Wr841N Firmware
1
T6 Firmware
1
Tapo C200 Firmware
1
Archer C60 Firmware
1
Tapo D100C V1 0
1
Tapo H100 Firmware
1
Tapo L535E V1 0 V3 0
1
Tapo P100 Firmware
1
Tapo P300 V1 0
1
Tl Ipc544ep W4 Firmware
1
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2026-3294 | An authentication logic vulnerability in multiple TP-Link range extenders allows an unauthenticated attacker on an adjacent network to manipulate a lo | HIGH | 8.7 | 0.1% | 44 |
|
| CVE-2026-34126 | Cleartext Bluetooth transmission in TP-Link Tapo L535E, P300, and D100C devices allows adjacent attackers to intercept and manipulate initial setup data, enabling potential unauthorized device control during onboarding. The flaw stems from missing encryption on the Bluetooth pairing channel used only during initialization, and TP-Link has released patched firmware versions for all affected models. No public exploit identified at time of analysis, but the low complexity and absence of authentication make this a meaningful risk for users provisioning devices in dense urban or office environments. | HIGH | 7.3 | – | 36 |
|