CVE Tracker

Every vulnerability in the news, ranked by real-world risk.

CVE-2023-46805 8.2 High KEV Ransomware 65d ago

Ivanti Connect Secure and Policy Secure Authentication Bypass Vulnerability

Ivanti Connect Secure and Policy Secure EPSS 94% 1 article
CVE-2024-1709 10 Critical KEV Ransomware 42d ago

ConnectWise ScreenConnect Authentication Bypass Vulnerability

ConnectWise ScreenConnect EPSS 94% 1 article
CVE-2017-0144 8.8 High KEV Ransomware 29d ago

Microsoft SMBv1 Remote Code Execution Vulnerability

Microsoft SMBv1 EPSS 94% 1 article
CVE-2023-1389 8.8 High KEV Ransomware 41d ago

TP-Link Archer AX-21 Command Injection Vulnerability

TP-Link Archer AX21 EPSS 93% 2 articles · 1 incident
CVE-2024-27198 9.8 Critical KEV Ransomware 64d ago

JetBrains TeamCity Authentication Bypass Vulnerability

JetBrains TeamCity EPSS 93% 1 article
CVE-2008-4250 9.8 Critical KEV Ransomware 20d ago

Microsoft Windows Buffer Overflow Vulnerability

Microsoft Windows EPSS 92% 4 articles
CVE-2022-26923 8.8 High KEV Ransomware 30d ago

Microsoft Active Directory Domain Services Privilege Escalation Vulnerability

Microsoft Active Directory EPSS 92% 1 article
CVE-2024-27199 7.3 High KEV Ransomware 50d ago

JetBrains TeamCity Relative Path Traversal Vulnerability

JetBrains TeamCity EPSS 91% 5 articles
CVE-2023-33538 8.8 High KEV Ransomware 51d ago

TP-Link Multiple Routers Command Injection Vulnerability

TP-Link Multiple Routers EPSS 91% 3 articles · 1 incident
CVE-2024-21182 7.5 High KEV 8d ago

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core).

Oracle WebLogic Server EPSS 90% 9 articles
CVE-2025-31161 9.8 Critical KEV Ransomware 64d ago

CrushFTP Authentication Bypass Vulnerability

CrushFTP CrushFTP EPSS 89% 1 article
CVE-2010-0249 8.8 High KEV Ransomware 20d ago

Microsoft Internet Explorer Use-After-Free Vulnerability

Microsoft Internet Explorer EPSS 89% 4 articles
CVE-2009-3459 8.8 High KEV Ransomware 20d ago

Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability

Adobe Acrobat and Reader EPSS 88% 4 articles
CVE-2010-0806 8.8 High KEV Ransomware 20d ago

Microsoft Internet Explorer Use-After-Free Vulnerability

Microsoft Internet Explorer EPSS 87% 4 articles
CVE-2025-59528 10 Critical 64d ago

Flowise is a drag & drop user interface to build a customized large language model flow. In version 3.0.5, Flowise is vulnerable to remote code execution.

EPSS 85% 3 articles · 1 incident
CVE-2021-22555 8.3 High KEV Ransomware 34d ago

Linux Kernel Heap Out-of-Bounds Write Vulnerability

Linux Kernel EPSS 85% 1 article
CVE-2025-55182 10 Critical KEV Ransomware 34d ago

Meta React Server Components Remote Code Execution Vulnerability

Meta React Server Components EPSS 85% 6 articles · 1 incident
CVE-2024-1708 8.4 High KEV Ransomware 42d ago

ConnectWise ScreenConnect Path Traversal Vulnerability

ConnectWise ScreenConnect EPSS 85% 4 articles · 1 incident
CVE-2026-20182 10 Critical KEV Ransomware 23d ago

Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

Cisco Catalyst SD-WAN EPSS 84% 9 articles
CVE-2026-23760 9.3 Critical KEV Ransomware 64d ago

SmarterTools SmarterMail Authentication Bypass Using an Alternate Path or Channel Vulnerability

SmarterTools SmarterMail EPSS 82% 1 article
CVE-2026-1281 9.8 Critical KEV Ransomware 33d ago

Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability

Ivanti Endpoint Manager Mobile (EPMM) EPSS 82% 1 article
CVE-2022-0847 7.8 High KEV Ransomware 34d ago

Linux Kernel Privilege Escalation Vulnerability

Linux Kernel EPSS 81% 1 article
CVE-2026-39987 9.3 Critical KEV Ransomware 12d ago

Marimo Remote Code Execution Vulnerability

Marimo Marimo EPSS 81% 7 articles
CVE-2019-13272 7.8 High KEV Ransomware 34d ago

Linux Kernel Improper Privilege Management Vulnerability

Linux Kernel EPSS 80% 1 article
CVE-2026-1731 9.9 Critical KEV Ransomware 50d ago

BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) OS Command Injection Vulnerability

BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) EPSS 80% 4 articles
CVE-2020-9715 7.8 High KEV Ransomware 57d ago

Adobe Acrobat Use-After-Free Vulnerability

Adobe Acrobat EPSS 79% 6 articles
CVE-2025-57819 10 Critical KEV Ransomware 14d ago

Sangoma FreePBX Authentication Bypass Vulnerability

Sangoma FreePBX EPSS 77% 1 article
CVE-2025-64328 8.6 High KEV Ransomware 14d ago

Sangoma FreePBX OS Command Injection Vulnerability

Sangoma FreePBX EPSS 75% 1 article
CVE-2026-1340 9.8 Critical KEV Ransomware 33d ago

Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability

Ivanti Endpoint Manager Mobile (EPMM) EPSS 74% 4 articles
CVE-2026-21643 9.1 Critical KEV Ransomware 57d ago

Fortinet FortiClient EMS SQL Injection Vulnerability

Fortinet FortiClient EMS EPSS 71% 7 articles · 1 incident
CVE-2025-48703 9 Critical KEV Ransomware 34d ago

CWP Control Web Panel OS Command Injection Vulnerability

CWP Control Web Panel EPSS 70% 1 article
CVE-2023-27351 8.2 High KEV Ransomware 50d ago

PaperCut NG/MF Improper Authentication Vulnerability

PaperCut NG/MF EPSS 66% 6 articles
CVE-2026-42208 9.3 Critical KEV Ransomware 30d ago

BerriAI LiteLLM SQL Injection Vulnerability

BerriAI LiteLLM EPSS 63% 8 articles · 1 incident
CVE-2025-10035 10 Critical KEV Ransomware 64d ago

Fortra GoAnywhere MFT Deserialization of Untrusted Data Vulnerability

Fortra GoAnywhere MFT EPSS 62% 2 articles
CVE-2026-0257 7.8 High KEV 5d ago

Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allows the attacker to bypass security rest

Palo Alto Networks PAN-OS EPSS 59% 16 articles · 1 incident
CVE-2026-20127 10 Critical KEV Ransomware 26d ago

Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Vulnerability

Cisco Catalyst SD-WAN Controller and Manager EPSS 55% 4 articles
CVE-2024-57728 7.2 High KEV Ransomware 46d ago

SimpleHelp Path Traversal Vulnerability

SimpleHelp SimpleHelp EPSS 54% 5 articles
CVE-2026-32202 4.3 Medium KEV Ransomware 42d ago

Microsoft Windows Protection Mechanism Failure Vulnerability

Microsoft Windows EPSS 53% 6 articles · 1 incident
CVE-2009-1537 8.8 High KEV Ransomware 20d ago

Microsoft DirectX NULL Byte Overwrite Vulnerability

Microsoft DirectX EPSS 53% 4 articles
CVE-2025-20362 6.5 Medium KEV Ransomware 47d ago

Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Missing Authorization Vulnerability

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense EPSS 43% 3 articles
CVE-2025-32975 10 Critical KEV Ransomware 28d ago

Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability

Quest KACE Systems Management Appliance (SMA) EPSS 39% 6 articles
CVE-2024-57726 9.9 Critical KEV Ransomware 46d ago

SimpleHelp Missing Authorization Vulnerability

SimpleHelp SimpleHelp EPSS 39% 5 articles
CVE-2026-35616 9.1 Critical KEV Ransomware 10d ago

Fortinet FortiClient EMS Improper Access Control Vulnerability

Fortinet FortiClient EMS EPSS 35% 11 articles
CVE-2025-34291 9.4 Critical KEV Ransomware 19d ago

Langflow Origin Validation Error Vulnerability

Langflow Langflow EPSS 33% 3 articles
CVE-2026-48027 9.3 Critical KEV Ransomware 13d ago

Nx Console Embedded Malicious Code Vulnerability

Nx Nx Console EPSS 32% 8 articles
CVE-2025-26399 9.8 Critical KEV Ransomware 51d ago

SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability

SolarWinds Web Help Desk EPSS 31% 1 article
CVE-2026-21513 8.8 High KEV Ransomware 34d ago

Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability

Microsoft Windows EPSS 28% 5 articles · 1 incident
CVE-2022-0492 7.8 High KEV 7d ago

A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function.

Linux Kernel EPSS 28% 6 articles · 1 incident
CVE-2023-21529 8.8 High KEV Ransomware 57d ago

Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability

Microsoft Exchange Server EPSS 27% 7 articles
CVE-2025-20333 9.9 Critical KEV Ransomware 47d ago

Cisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) Buffer Overflow Vulnerability

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense EPSS 27% 3 articles
CVE-2026-43284 8.8 High 14d ago

In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from

EPSS 26% 7 articles · 1 incident
CVE-2026-33634 9.4 Critical KEV Ransomware 63d ago

Aquasecurity Trivy Embedded Malicious Code Vulnerability

Aquasecurity Trivy EPSS 24% 2 articles
CVE-2026-7473 6.9 Medium KEV 17h ago

On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN (Virtual Extensible LAN), decap-groups, or a GRE (Generic Rout

Arista Extensible Operating System EPSS 22% 8 articles · 2 incidents
CVE-2025-29635 7.2 High KEV Ransomware 46d ago

D-Link DIR-823X Command Injection Vulnerability

D-Link DIR-823X EPSS 20% 7 articles · 1 incident
CVE-2025-32711 9.3 Critical 37d ago

AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.

EPSS 19% 1 article
CVE-2025-48700 6.1 Medium KEV Ransomware 50d ago

Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability

Synacor Zimbra Collaboration Suite (ZCS) EPSS 18% 5 articles
CVE-2026-45321 9.6 Critical KEV Ransomware 13d ago

TanStack Unspecified Vulnerability

TanStack TanStack EPSS 17% 9 articles
CVE-2026-8398 9.8 Critical KEV Ransomware 13d ago

Daemon Tools Lite Embedded Malicious Code Vulnerability

Daemon Daemon Tools Lite EPSS 14% 7 articles
CVE-2026-21509 7.8 High KEV Ransomware 34d ago

Microsoft Office Security Feature Bypass Vulnerability

Microsoft Office EPSS 12% 3 articles
CVE-2025-8088 8.4 High KEV 13h ago

A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files.

RARLAB WinRAR EPSS 12% 4 articles · 1 incident