Vulnerabilities exploitable today
349,130in current view
Single score combining CVSS, KEV membership and EPSS. Every CVE with its own record — timeline from publication to active exploitation.
In KEV catalog1,644
New KEV · 24H0
Exploit Today ≥ 701,579
Distribution · last window
- Critical1,293
- High4,219
- Medium3,544
- Low277
Window
Severity
Flags
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2026-24508—0.0%
——0——CVE-2025-66327—0.0%
——0——CVE-2025-66328—0.0%
——0——CVE-2026-58125——
——0Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.7dCVE-2026-49945——
——0Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.8dCVE-2025-47332—0.0%
——0——CVE-2026-213845.3 MED0.0%
——0Memory Corruption when updating prepared commands with invalid port indices based on user space input exceeds supported read client limits.9dCVE-2026-213695.3 MED0.0%
——0Memory Corruption when handling flash commands due to outdated LED count values being used after userspace modification.9dCVE-2025-66333—0.0%
——0——CVE-2026-58212——
——0Rejected reason: Further research determined the issue is not a vulnerability based on CNA Rule 4.1.12 The act of updating Product dependencies MUST NOT be determined to be a Vulnerability, regardless of whether the dependencies have Vulnerabilities.8dCVE-2025-47407—0.0%
——0——CVE-2026-47105——
——0Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.16dCVE-2026-11950——
——0Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.15dCVE-2022-33724—0.0%
——0——CVE-2026-20438—0.0%
——0——CVE-2026-61710——
——0Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-61453. Reason: This candidate is a duplicate of CVE-2026-61453. Notes: All CVE users should reference CVE-2026-61453 instead of this candidate.1dCVE-2026-213705.3 MED0.0%
——0Memory Corruption when validating input batch size and buffer plane count exceeds maximum allowed values.9dCVE-2026-45576——
——0zrok is software for sharing web services, files, and network resources. From 0.4.23 until 2.0.3, `zrok2 copy` stores attacker-controlled WebDAV or zrok drive paths such as /../outside.txt in the source inventory and passes them to FilesystemTarget.WriteStream, allowing the sync pipeline to write files outside the selected local filesystem destination root. This issue is fixed in version 2.0.3.6hCVE-2026-33697—0.0%
——0——CVE-2025-64313—0.0%
——0——CVE-2023-20914—0.0%
——0——CVE-2026-61606——
——0Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-61457. Reason: This candidate is a duplicate of CVE-2026-61457. Notes: All CVE users should reference CVE-2026-61457 instead of this candidate.1dCVE-2026-45568——
——0zrok is software for sharing web services, files, and network resources. Prior to 2.0.3, zrok's Python SDK ProxyShare Flask proxy route accepts an absolute URL in the request path and passes it to urllib.parse.urljoin, allowing the requested path to replace the configured target host and causing requests.request to return a server-side response from an attacker-chosen URL. This issue is fixed in version 2.0.3.6hCVE-2026-456125.5 MED—
——0rz-libdemangle is a Rizin library for demangling symbols. Prior to 6bf56d3, the Rust demangler in src/rust/rust_v0.c can perform an out-of-bounds read when the demangler structure is not yet initialized. This issue is fixed in commit 6bf56d3.5hCVE-2026-50268—0.0%
——0——CVE-2026-213685.3 MED0.0%
——0Memory Corruption when parsing jpeg commands due to unaccounted extra writes to the buffer during validation checks.9dCVE-2026-49946——
——0Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.8dCVE-2026-50238——
——0Rejected reason: Red Hat Product Security has concluded that this CVE is not required. The reported issue has been classified as a regular bug and will be addressed through the standard bug-fixing process.14dCVE-2023-20940—0.0%
——0——CVE-2026-49944——
——0Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.8dCVE-2025-36916—0.0%
——0——CVE-2026-32317—0.0%
——0——CVE-2026-0121—0.0%
——0——CVE-2026-14286——
——0Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.6dCVE-2026-24349—0.0%
——0——CVE-2026-28551—0.0%
——0——CVE-2026-28549—0.0%
——0——CVE-2025-59610—0.0%
——0——CVE-2026-0112—0.0%
——0——CVE-2025-15065—0.0%
——0——