PULSE
LIVE16signals / 24h
FEED
ransomincransom reclama a v-silicon.com · TW · Technologyransomincransom reclama a FAST.COM.PH · PH · Technologyransomincransom reclama a D.MAG New Material Technology Co., Ltd. Taiwan Giant · TW · Manufacturingransomincransom reclama a vedan corp · VN · Agriculture and Food Productionransomincransom reclama a reatile.co.za · ZA · Not Foundransomincransom reclama a V&P Nurseries · US · Agriculture and Food Productionransomqilin reclama a Powder River Heating & Air Conditioning · US · Consumer Servicesransomqilin reclama a Droguería Martorani · AR · Consumer Servicesransomthegentlemen reclama a Military Sealift Command · US · Transportation/Logisticsransomthegentlemen reclama a Advantage Home Health Care · US · Healthcareransomthegentlemen reclama a Sunway Scientific · TW · Manufacturingransomqilin reclama a Cafar · AR · Agriculture and Food Productionransominterlock reclama a Centre for Newcomers · CA · Public Sectorransominterlock reclama a Paragon Store Fixtures · US · Manufacturingransomincransom reclama a v-silicon.com · TW · Technologyransomincransom reclama a FAST.COM.PH · PH · Technologyransomincransom reclama a D.MAG New Material Technology Co., Ltd. Taiwan Giant · TW · Manufacturingransomincransom reclama a vedan corp · VN · Agriculture and Food Productionransomincransom reclama a reatile.co.za · ZA · Not Foundransomincransom reclama a V&P Nurseries · US · Agriculture and Food Productionransomqilin reclama a Powder River Heating & Air Conditioning · US · Consumer Servicesransomqilin reclama a Droguería Martorani · AR · Consumer Servicesransomthegentlemen reclama a Military Sealift Command · US · Transportation/Logisticsransomthegentlemen reclama a Advantage Home Health Care · US · Healthcareransomthegentlemen reclama a Sunway Scientific · TW · Manufacturingransomqilin reclama a Cafar · AR · Agriculture and Food Productionransominterlock reclama a Centre for Newcomers · CA · Public Sectorransominterlock reclama a Paragon Store Fixtures · US · Manufacturing
CVE Watch349,429 in full archive

Vulnerabilities exploitable today

349,429in current view

Single score combining CVSS, KEV membership and EPSS. Every CVE with its own record — timeline from publication to active exploitation.

In KEV catalog1,647
New KEV · 24H0
Exploit Today ≥ 701,582

Distribution · last window

  • Critical
    1,327
  • High
    4,319
  • Medium
    3,691
  • Low
    289
Filters

Window

Severity

Flags

Vulnerabilities346,561–346,600 · 349,429
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2026-57438
0.7%
0
CVE-2023-42741
0.7%
0
CVE-2021-0875
0.7%
0
CVE-2021-0874
0.7%
0
CVE-2025-7007
0.7%
0
CVE-2025-48566
0.7%
0
CVE-2025-32331
0.7%
0
CVE-2026-409527.8 HIG
0.7%
0CVE-2026-40952 is a privilege misconfiguration in the Secure Access installer for the Windows client and server prior to version 14.55. Attackers with local access to the client or server can use it to elevate privileges to Administrator when Secure Access is installed in a non-default location.2d
CVE-2026-415152.5 LOW
0.7%
0OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.9.0 and prior to version 4.11.0, the RSA-OAEP decryption implementation in the NXP CAAM crypto driver uses non-constant-time `memcmp()` for label hash verification and has multiple distinguishable error paths. This creates a Manger-style padding oracle that allows an attacker to recover RSA-OAEP plaintext with approximately 1000-2000 adaptive chosen ciphertext queries. Version 4.11.0 contains a patch. As a workaround, disable the NXP CAAM RSA driver with `CFG_CRYPTO_DRV_RSA=n`.11d
CVE-2025-21060
0.7%
0
CVE-2025-54638
0.7%
0
CVE-2025-46587
0.7%
0
CVE-2026-33565
0.7%
0
CVE-2026-40385
0.7%
0
CVE-2025-7214
0.7%
0
CVE-2025-46588
0.7%
0
CVE-2025-13668
0.7%
0
CVE-2025-48565
0.7%
0
CVE-2023-32808
0.7%
0
CVE-2023-32810
0.7%
0
CVE-2023-32809
0.7%
0
CVE-2026-0032
0.7%
0
CVE-2026-53820
0.7%
0
CVE-2026-561174.7 MED
0.7%
0dhcpcd through 10.3.2, fixed in commit 78ea09e, contains a heap use-after-free vulnerability in the control socket handling within src/control.c that allows local unprivileged attackers to trigger memory corruption when privilege separation is disabled. Attackers can connect to the control socket and send a privileged command such as -x, causing control_recvdata() to free the client object while the same READ+HANGUP event subsequently reaches control_hangup() with the stale pointer, resulting in a use-after-free condition exploitable in deployments using --disable-privsep or where privsep initialization has failed with the control socket operating in mode 0666.3d
CVE-2025-22422
0.7%
0
CVE-2025-7215
0.7%
0
CVE-2022-26436
0.7%
0
CVE-2022-50277
0.7%
0
CVE-2026-133223.8 LOW
0.7%
0A flaw was found in KubeVirt's downward metrics virtio-serial server. The server reads guest requests using textproto.Reader.ReadLine(), which buffers input indefinitely until a newline character is received, with no length limit or read deadline. A user with access to a VM guest that has the downward metrics virtio-serial device configured can write a continuous byte stream to the device, causing unbounded memory allocation in the virt-handler process until it is OOM-killed.12d
CVE-2026-23856
0.7%
0
CVE-2025-38311
0.7%
0
CVE-2024-47030
0.7%
0
CVE-2025-48585
0.7%
0
CVE-2026-8148
0.7%
0
CVE-2022-42533
0.7%
0
CVE-2021-0884
0.7%
0
CVE-2023-20850
0.7%
0
CVE-2021-0885
0.7%
0
CVE-2025-48531
0.7%
0
CVE-2026-0007
0.7%
0