Vulnerabilities exploitable today
349,445in current view
Single score combining CVSS, KEV membership and EPSS. Every CVE with its own record — timeline from publication to active exploitation.
In KEV catalog1,647
New KEV · 24H0
Exploit Today ≥ 701,582
Distribution · last window
- Critical1,330
- High4,339
- Medium3,697
- Low289
Window
Severity
Flags
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2023-20985—0.8%
——0——CVE-2026-118665.4 MED0.8%
——0The Appointment Booking Plugin WordPress plugin before 5.6.3 does not validate a CSRF nonce on several state-changing actions handled by its central request dispatcher, allowing attackers to perform privileged actions, such as overwriting the booking-form configuration or disconnecting the connected payment gateway, via Cross-Site Request Forgery against a logged-in administrator.2dCVE-2023-20993—0.8%
——0——CVE-2022-42528—0.8%
——0——CVE-2026-26095—0.8%
——0——CVE-2026-26096—0.8%
——0——CVE-2022-20180—0.8%
——0——CVE-2023-21006—0.8%
——0——CVE-2026-415142.5 LOW0.8%
——0OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.5.0 and prior to version 4.11.0, the RSA-OAEP decryption implementation in the Hisilicon HPRE crypto driver uses non-constant-time `memcmp()` for label hash verification and has multiple distinguishable error paths. This creates a Manger-style padding oracle that allows an attacker to recover RSA-OAEP plaintext with approximately 1000-2000 adaptive chosen ciphertext queries. Only affects plat-d06 with `CFG_HISILICON_ACC_V3=y`, which seems to be disabled by default. Version 4.11.0 contains a patch. As a workaround, disable Hisilicon HPRE RSA driver with `CFG_HISILICON_ACC_V3=n`.11dCVE-2026-24986—0.8%
——0——CVE-2022-20353—0.8%
——0——CVE-2023-20936—0.8%
——0——CVE-2022-20288—0.8%
——0——CVE-2022-47491—0.8%
——0——CVE-2025-68955—0.8%
——0——CVE-2022-20291—0.8%
——0——CVE-2022-20287—0.8%
——0——CVE-2022-47489—0.8%
——0——CVE-2026-40951—0.8%
——0——CVE-2026-2324—0.8%
——0——CVE-2021-25476—0.8%
——0——CVE-2026-0541—0.8%
——0——CVE-2026-55961—0.8%
——0——CVE-2023-21254—0.8%
——0——CVE-2022-48374—0.8%
——0——CVE-2024-45566—0.8%
——0——CVE-2025-48544—0.8%
——0——CVE-2024-39575—0.8%
——0——CVE-2023-21017—0.8%
——0——CVE-2026-35345—0.8%
——0——CVE-2025-46691—0.8%
——0——CVE-2025-62117—0.8%
——0——CVE-2024-23707—0.8%
——0——CVE-2022-20357—0.8%
——0——CVE-2023-20982—0.8%
——0——CVE-2022-48373—0.8%
——0——CVE-2026-8035—0.8%
——0——CVE-2022-21791—0.8%
——0——CVE-2024-7142—0.8%
——0——CVE-2025-68956—0.8%
——0——