PULSE
LIVE18signals / 24h
FEED
ransomkrybit reclama a euroins.bg · BG · Financial Servicesransomnova reclama a FMZ Tecnologia em Sistemas · BR · Technologyransomqilin reclama a Heartland Catfish · US · Agriculture and Food Productionransomqilin reclama a Salina Supply · US · Business Servicesransomqilin reclama a St Martha Catholic Church · US · Consumer Servicesransomqilin reclama a The Nueva School · US · Educationransomdragonforce reclama a NewNet · SA · Telecommunicationransomqilin reclama a Sicc · IT · Not Foundransomqilin reclama a KLD Labs · US · Technologyransomqilin reclama a Armara · FR · Not Foundransomqilin reclama a AK Preparedness · Business Servicesransomthreeam reclama a tws-tac.net · DE · Not Foundransomincransom reclama a v-silicon.com · TW · Technologyransomincransom reclama a FAST.COM.PH · PH · Technologyransomkrybit reclama a euroins.bg · BG · Financial Servicesransomnova reclama a FMZ Tecnologia em Sistemas · BR · Technologyransomqilin reclama a Heartland Catfish · US · Agriculture and Food Productionransomqilin reclama a Salina Supply · US · Business Servicesransomqilin reclama a St Martha Catholic Church · US · Consumer Servicesransomqilin reclama a The Nueva School · US · Educationransomdragonforce reclama a NewNet · SA · Telecommunicationransomqilin reclama a Sicc · IT · Not Foundransomqilin reclama a KLD Labs · US · Technologyransomqilin reclama a Armara · FR · Not Foundransomqilin reclama a AK Preparedness · Business Servicesransomthreeam reclama a tws-tac.net · DE · Not Foundransomincransom reclama a v-silicon.com · TW · Technologyransomincransom reclama a FAST.COM.PH · PH · Technology
CVE Watch349,507 in full archive

Vulnerabilities exploitable today

349,507in current view

Single score combining CVSS, KEV membership and EPSS. Every CVE with its own record — timeline from publication to active exploitation.

In KEV catalog1,647
New KEV · 24H0
Exploit Today ≥ 701,582

Distribution · last window

  • Critical
    1,331
  • High
    4,364
  • Medium
    3,727
  • Low
    291
Filters

Window

Severity

Flags

Vulnerabilities345,921–345,960 · 349,507
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2026-20064
1.0%
0
CVE-2026-9987
1.0%
0
CVE-2025-46696
1.0%
0
CVE-2026-46157
1.0%
0
CVE-2024-39819
1.0%
0
CVE-2023-42728
1.0%
0
CVE-2023-21241
1.0%
0
CVE-2025-15037
1.0%
0
CVE-2026-46256
1.0%
0
CVE-2025-52540
1.0%
0
CVE-2026-42479
1.0%
0
CVE-2025-48578
1.0%
0
CVE-2024-56193
1.0%
0
CVE-2026-32043
1.0%
0
CVE-2025-60791
1.0%
0
CVE-2025-0044
1.0%
0
CVE-2024-40593
1.0%
0
CVE-2021-39747
1.0%
0
CVE-2025-0280
1.0%
0
CVE-2026-34854
1.0%
0
CVE-2023-33883
1.0%
0
CVE-2026-8863
1.0%
0
CVE-2026-622365.4 MED
1.0%
0grav-plugin-login before 3.8.11 contains a cross-site request forgery (CSRF) vulnerability in the login.regenerate2FASecret frontend task, which regenerates and persists a new TOTP secret for the authenticated session user without any anti-CSRF nonce or Origin/Referer check. Because Grav core dispatches the task from the GET 'task:' URI parameter and the default session cookie is SameSite=Lax, an attacker can lure a logged-in victim to an off-site page that performs a top-level GET navigation, rotating the victim's TOTP secret so their enrolled authenticator no longer matches the server, effectively forcing 2FA re-enrollment. Sites configured with session.samesite: Strict are not affected.1d
CVE-2024-0041
1.0%
0
CVE-2023-33900
1.0%
0
CVE-2022-23427
1.0%
0
CVE-2026-41009
1.0%
0
CVE-2026-5420
1.0%
0
CVE-2022-21777
1.0%
0
CVE-2025-20640
1.0%
0
CVE-2026-4242
1.0%
0
CVE-2025-68083
1.0%
0
CVE-2024-42033
1.0%
0
CVE-2025-54646
1.0%
0
CVE-2025-53103
1.0%
0
CVE-2025-68082
1.0%
0
CVE-2026-45942
1.0%
0
CVE-2022-21763
1.0%
0
CVE-2022-32653
1.0%
0
CVE-2021-0943
1.0%
0