Vulnerabilities exploitable today
9,869in current view
Single score combining CVSS, KEV membership and EPSS. Every CVE with its own record — timeline from publication to active exploitation.
In KEV catalog1,644
New KEV · 24H0
Exploit Today ≥ 701,579
Distribution · last window
- Critical1,283
- High4,187
- Medium3,505
- Low268
Window
Severity
Flags
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2026-61839——
——0Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-61451. Reason: This candidate is a duplicate of CVE-2026-61451. Notes: All CVE users should reference CVE-2026-61451 instead of this candidate.1dCVE-2026-61829——
——0Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-61452. Reason: This candidate is a duplicate of CVE-2026-61452. Notes: All CVE users should reference CVE-2026-61452 instead of this candidate.1dCVE-2026-61710——
——0Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-61453. Reason: This candidate is a duplicate of CVE-2026-61453. Notes: All CVE users should reference CVE-2026-61453 instead of this candidate.1dCVE-2026-61606——
——0Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-61457. Reason: This candidate is a duplicate of CVE-2026-61457. Notes: All CVE users should reference CVE-2026-61457 instead of this candidate.1dCVE-2026-201577.5 HIG0.0%
——0As part of Cisco's ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities.
The vulnerabilities tracked by CVE-2026-20157 are related to missing encryption that are grouped under the Common Weakness Enumeration (CWE) Pillar CWE-311.1dCVE-2026-61605——
——0Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-58655. Reason: This candidate is a duplicate of CVE-2026-58655. Notes: All CVE users should reference CVE-2026-58655 instead of this candidate.1dCVE-2026-62175——
——0Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-60091. Reason: This candidate is a duplicate of CVE-2026-60091. Notes: All CVE users should reference CVE-2026-60091 instead of this candidate.1dCVE-2026-8281——
——0Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.1dCVE-2026-58461——
——0Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.2dCVE-2026-58407——
——0Rejected reason: Please submit CVE requests for each vulnerability.3dCVE-2026-61692——
——0Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-61454. Reason: This candidate is a duplicate of CVE-2026-61454. Notes: All CVE users should reference CVE-2026-61454 instead of this candidate.3dCVE-2026-14286——
——0Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.6dCVE-2026-14278——
——0Rejected reason: After further coordination, CVE was determined to not be warranted.7dCVE-2026-58125——
——0Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.7dCVE-2026-58212——
——0Rejected reason: Further research determined the issue is not a vulnerability based on CNA Rule 4.1.12 The act of updating Product dependencies MUST NOT be determined to be a Vulnerability, regardless of whether the dependencies have Vulnerabilities.8dCVE-2026-49946——
——0Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.8dCVE-2026-49945——
——0Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.8dCVE-2026-49944——
——0Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.8dCVE-2026-148685.5 MED0.0%
——0The encryption algorithm used to protect the configuration of user accounts, stored in the built-in user directory of PcVue projects, all versions prior to 17.0.0, is not strong enough for the level of protection required. A local attacker could alter the existing configuration and ultimately gain privileged access to the PcVue application.7dCVE-2026-54709——
——0Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-54637. Reason: This candidate is a duplicate of CVE-2026-54637. Notes: All CVE users should reference CVE-2026-54637 instead of this candidate.10dCVE-2026-252717.8 HIG0.0%
——0Memory Corruption when processing asynchronous input parameters due to improper handling of modified values between check and use.9dCVE-2026-213845.3 MED0.0%
——0Memory Corruption when updating prepared commands with invalid port indices based on user space input exceeds supported read client limits.9dCVE-2026-213705.3 MED0.0%
——0Memory Corruption when validating input batch size and buffer plane count exceeds maximum allowed values.9dCVE-2026-213695.3 MED0.0%
——0Memory Corruption when handling flash commands due to outdated LED count values being used after userspace modification.9dCVE-2026-213685.3 MED0.0%
——0Memory Corruption when parsing jpeg commands due to unaccounted extra writes to the buffer during validation checks.9dCVE-2026-50238——
——0Rejected reason: Red Hat Product Security has concluded that this CVE is not required. The reported issue has been classified as a regular bug and will be addressed through the standard bug-fixing process.13dCVE-2026-11950——
——0Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.15dCVE-2026-12374—0.0%
——0Improper certificate validation and a time-of-check time-of-use (TOCTOU) race condition in the PrivilegedHelperTool XPC service in Cato Client before v.5.13.1 on macOS allows a local authenticated attacker to escalate privileges to root via a self-signed certificate that bypasses the XPC caller verification and a symlink swap during package installation.14dCVE-2026-47105——
——0Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.16d