Vulnerabilities exploitable today
349,216in current view
Single score combining CVSS, KEV membership and EPSS. Every CVE with its own record — timeline from publication to active exploitation.
In KEV catalog1,644
New KEV · 24H0
Exploit Today ≥ 701,579
Distribution · last window
- Critical1,299
- High4,252
- Medium3,580
- Low277
Window
Severity
Flags
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2023-48343—0.3%
——0——CVE-2024-32901—0.3%
——0——CVE-2024-32927—0.3%
——0——CVE-2023-48349—0.3%
——0——CVE-2023-48344—0.3%
——0——CVE-2024-56186—0.3%
——0——CVE-2023-28576—0.3%
——0——CVE-2025-46636—0.3%
——0——CVE-2023-52350—0.3%
——0——CVE-2023-38439—0.3%
——0——CVE-2025-20780—0.3%
——0——CVE-2022-25716—0.3%
——0——CVE-2025-27053—0.3%
——0——CVE-2025-27054—0.3%
——0——CVE-2024-40659—0.3%
——0——CVE-2024-20110—0.3%
——0——CVE-2023-38554—0.3%
——0——CVE-2024-20134—0.3%
——0——CVE-2024-20135—0.3%
——0——CVE-2022-48457—0.3%
——0——CVE-2022-48459—0.3%
——0——CVE-2025-36905—0.3%
——0——CVE-2022-39856—0.3%
——0——CVE-2018-9449—0.3%
——0——CVE-2025-36522—0.3%
——0——CVE-2025-47349—0.3%
——0——CVE-2024-47017—0.3%
——0——CVE-2023-40638—0.3%
——0——CVE-2025-36105—0.3%
——0——CVE-2023-33917—0.3%
——0——CVE-2023-48348—0.3%
——0——CVE-2022-48448—0.3%
——0——CVE-2024-20086—0.3%
——0——CVE-2024-39429—0.3%
——0——CVE-2023-20726—0.3%
——0——CVE-2024-39430—0.3%
——0——CVE-2024-20087—0.3%
——0——CVE-2026-499585.0 MED0.3%
——0Hermes WebUI before version 0.51.303 contains a time-of-check time-of-use (TOCTOU) race condition vulnerability in the git_discard function within api/workspace_git.py that allows attackers to delete files outside the configured workspace boundary by replacing a validated path component with a symlink after validation but before deletion. Attackers can substitute a workspace-controlled path component with a symlink pointing to an external directory between the safe_resolve_ws() validation step and the subsequent Path.unlink() or shutil.rmtree() deletion call, causing the delete operation to follow the symlink and remove arbitrary files outside the workspace.3dCVE-2026-155515.5 MED0.3%
——0Integer overflow or wraparound vulnerability in Samsung Open Source rlottie allows Overflow Buffers.
This issue affects .4dCVE-2023-33906—0.2%
——0——