2
CVEs
0
Critical
2
High
0
KEV
0
PoC
2
Unpatched C/H
0.0%
Patch Rate
0.0%
Avg EPSS
Severity Breakdown
CRITICAL
0
HIGH
2
MEDIUM
0
LOW
0
Monthly CVE Trend
Top Risky CVEs
| CVE | Summary | Severity | CVSS | EPSS | Priority | Signals |
|---|---|---|---|---|---|---|
| CVE-2025-66314 | Improper Privilege Management vulnerability in ZTE ElasticNet UME R32 on Linux allows Accessing Functionality Not Properly Constrained by ACLs.23.20.04. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available. | HIGH | 7.5 | 0.0% | 38 |
No patch
|
| CVE-2026-34472 | Unauthenticated credential disclosure in ZTE ZXHN H188A routers (versions V6.0.10P2_TE and V6.0.10P3N3_TE) allows local network attackers to retrieve sensitive credentials including default administrator passwords, WLAN PSK, and PPPoE credentials via the wizard interface, with some cases enabling unauthenticated configuration changes. No CVSS or EPSS data is available, and KEV status is unconfirmed; however, a publicly available technical analysis exists on GitHub indicating detailed exploitation methodology. | HIGH | 7.1 | 0.0% | 36 |
No patch
|