Vulnerabilities exploitable today
349,427in current view
Single score combining CVSS, KEV membership and EPSS. Every CVE with its own record — timeline from publication to active exploitation.
In KEV catalog1,647
New KEV · 24H0
Exploit Today ≥ 701,582
Distribution · last window
- Critical1,327
- High4,319
- Medium3,685
- Low289
Window
Severity
Flags
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2009-3023—99.8%
——30——CVE-2008-0226—99.8%
——30——CVE-2022-1329—99.8%
——30——CVE-2012-1461—99.8%
——30——CVE-2009-0545—99.8%
——30——CVE-2017-7615—99.8%
——30——CVE-2023-32563—99.8%
——30——CVE-2023-46264—99.8%
——30——CVE-2015-3824—99.8%
——30——CVE-2001-0333—99.8%
——30——CVE-2022-1707—99.8%
——30——CVE-2014-0054—99.8%
——30——CVE-2007-0071—99.8%
——30——CVE-2017-16806—99.8%
——30——CVE-2022-30522—99.8%
——30——CVE-2016-6600—99.8%
——30——CVE-2023-6875—99.8%
——30——CVE-2022-21371—99.8%
——30——CVE-2020-27871—99.8%
——30——CVE-2024-45216—99.8%
——30——CVE-2023-45288—99.8%
——30——CVE-2024-9047—99.8%
——30——CVE-2021-46065—99.8%
——30——CVE-2017-12636—99.8%
——30——CVE-2019-9193—99.8%
——30——CVE-2019-11479—99.8%
——30——CVE-2022-36553—99.8%
——30——CVE-2023-2947—99.8%
——30——CVE-2011-3368—99.8%
——30——CVE-2016-7547—99.8%
——30——CVE-2006-2372—99.8%
——30——CVE-2000-0402—99.8%
——30——CVE-2015-5477—99.8%
——30——CVE-2023-37582—99.8%
——30——CVE-2026-435007.8 HIG99.8%
——30In the Linux kernel, the following vulnerability has been resolved:
rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present
The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE
handler in rxrpc_verify_response() copy the skb to a linear one before
calling into the security ops only when skb_cloned() is true. An skb
that is not cloned but still carries externally-owned paged fragments
(e.g. SKBFL_SHARED_FRAG set by splice() into a UDP socket via
__ip_append_data, or a chained skb_has_frag_list()) falls through to
the in-place decryption path, which binds the frag pages directly into
the AEAD/skcipher SGL via skb_to_sgvec().
Extend the gate to also unshare when skb_has_frag_list() or
skb_has_shared_frag() is true. This catches the splice-loopback vector
and other externally-shared frag sources while preserving the
zero-copy fast path for skbs whose frags are kernel-private (e.g. NIC
page_pool RX, GRO). The OOM/trace handling already in place is reused.3dCVE-2025-59528—99.8%
——30——CVE-2018-11759—99.8%
——30——CVE-2018-1207—99.8%
——30——CVE-2021-22962—99.8%
——30——CVE-2015-5531—99.8%
——30——