Vulnerabilities exploitable today
349,427in current view
Single score combining CVSS, KEV membership and EPSS. Every CVE with its own record — timeline from publication to active exploitation.
In KEV catalog1,647
New KEV · 24H0
Exploit Today ≥ 701,582
Distribution · last window
- Critical1,327
- High4,319
- Medium3,685
- Low289
Window
Severity
Flags
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2025-53755—0.6%
——0——CVE-2025-67860—0.6%
——0——CVE-2021-0934—0.6%
——0——CVE-2023-20952—0.6%
——0——CVE-2024-43108—0.6%
——0——CVE-2026-148675.5 MED0.6%
——0Credentials of built-in users are insecurely stored in the User directory of PcVue projects, all versions prior to 17.0.0. A local attacker could retrieve users’ credentials.
Active Directory accounts are not affected by this vulnerability.8dCVE-2021-0897—0.6%
——0——CVE-2023-21145—0.6%
——0——CVE-2026-28716—0.6%
——0——CVE-2024-25986—0.6%
——0——CVE-2026-462525.5 MED0.6%
——0In the Linux kernel, the following vulnerability has been resolved:
regulator: core: fix locking in regulator_resolve_supply() error path
If late enabling of a supply regulator fails in
regulator_resolve_supply(), the code currently triggers a lockdep
warning:
WARNING: drivers/regulator/core.c:2649 at _regulator_put+0x80/0xa0, CPU#6: kworker/u32:4/596
...
Call trace:
_regulator_put+0x80/0xa0 (P)
regulator_resolve_supply+0x7cc/0xbe0
regulator_register_resolve_supply+0x28/0xb8
as the regulator_list_mutex must be held when calling _regulator_put().
To solve this, simply switch to using regulator_put().
While at it, we should also make sure that no concurrent access happens
to our rdev while we clear out the supply pointer. Add appropriate
locking to ensure that.
While the code in question will be removed altogether in a follow-up
commit, I believe it is still beneficial to have this corrected before
removal for future reference.14dCVE-2025-48622—0.6%
——0——CVE-2024-20012—0.6%
——0——CVE-2023-20980—0.6%
——0——CVE-2021-0975—0.6%
——0——CVE-2025-48540—0.6%
——0——CVE-2025-47398—0.6%
——0——CVE-2023-21083—0.6%
——0——CVE-2022-20328—0.6%
——0——CVE-2026-35354—0.6%
——0——CVE-2026-47327—0.6%
——0——CVE-2025-68964—0.6%
——0——CVE-2026-32803—0.6%
——0——CVE-2025-68333—0.6%
——0——CVE-2026-6737—0.6%
——0——CVE-2026-40186.4 MED0.6%
——0TOCTOU Race Condition in specific trace commands of the TraceEvent() system call could allow an attacker with local access and with the PROCMGR_AID_TRACE ability, to cause information disclosure, data tampering or a crash of the QNX Neutrino kernel.2dCVE-2025-44002—0.6%
——0——CVE-2023-20802—0.6%
——0——CVE-2025-57840—0.6%
——0——CVE-2022-20230—0.6%
——0——CVE-2023-20839—0.6%
——0——CVE-2023-21225—0.6%
——0——CVE-2023-20934—0.6%
——0——CVE-2023-23588—0.6%
——0——CVE-2025-38158—0.6%
——0——CVE-2022-20274—0.6%
——0——CVE-2024-27209—0.6%
——0——CVE-2026-13502—0.6%
——0——CVE-2023-20747—0.6%
——0——CVE-2023-32839—0.6%
——0——