Vulnerability Database

12-Month Intensity

Security bulletin trends by severity

0 1000 2000 3000 4000 Feb 25 Mar 25 Apr 25 May 25 Jun 25 Jul 25 Aug 25 Sep 25 Oct 25 Nov 25 Dec 25 Jan

CVSSv4 Base Score Distribution

Vulnerabilities by severity score for the past 7 days

9.0-10 7.0-8.9 4.0-6.9 0.1-3.9 0 1000 2000 3000 4000

Attack Vector

Breakdown by attack vectors for the past 7 days

Remote Adjecent Local Physical

Latest Vulnerability Database Updates

Security Bulletins

View All
SB2026022724
Critical

Elastic Synthetics Recorder update for third-party components
Patched Exploited
35s ago
SB2026022723
Medium

Path traversal in IceWarp
Patched
10m ago
SB2026022722
Medium

Improper access control in CAPTCHA module for Drupal
Patched
34m ago
SB2026022721
Medium

Denial of service in Elastic Packetbeat
Patched
36m ago
SB2026022720
Medium

Multiple vulnerabilities in Elastic Kibana
Patched
39m ago
SB2026022719
Medium

Two vulnerabilities in Elastic Kibana
Patched
40m ago
SB2026022718
Medium

Arbitrary file upload in Islandora module for Drupal
Patched
52m ago
SB2026022717
Medium

Server-Side Request Forgery (SSRF) in Drupal Canvas module for Drupal
Patched
1h ago
SB2026022716
Critical

Multiple vulnerabilities in IBM QRadar SIEM
Patched
1h ago
SB2026022715
High

IBM License Metric Tool update for Eclipse OMR
Patched
1h ago

Zero-Days

View All
#VU123273

Improper authentication in Catalyst SD-WAN Controller (formerly SD-WAN vSmart)
CVE-2026-20127
1d ago
#VU123002

Use of hard-coded credentials in RecoverPoint for Virtual Machines
CVE-2026-22769
1w ago
#VU122834

Use-after-free in Google Chrome
CVE-2026-2441
1w ago
#VU122706

Buffer overflow in macOS
CVE-2026-20700
2w ago
#VU122552

Type Confusion in Windows
CVE-2026-21519
2w ago
#VU122550

NULL pointer dereference in Windows Server
CVE-2026-21525
2w ago
#VU122548

Improper privilege management in Windows Server
CVE-2026-21533
2w ago
#VU122547

Protection Mechanism Failure in Windows
CVE-2026-21513
2w ago
#VU122544

Protection Mechanism Failure in Windows
CVE-2026-21510
2w ago
#VU122540

Reliance on Untrusted Inputs in a Security Decision in Microsoft Office
CVE-2026-21514
2w ago

Exploits

View All
#VU121148
CVE-2025-68493
Github

Exploit for XML External Entity injection in Apache Struts
Apache Struts
50m ago
#VU109097
CVE-2025-29969
Github

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Windows and Windows Server
Windows
51m ago
#VU121246
CVE-2026-20817
Github

Exploit for Permissions, Privileges, and Access Controls in Windows Server and Windows
Windows Server
51m ago
#VU112272
CVE-2025-47812
Github

Exploit for Input validation error in Wing FTP Server
Wing FTP Server
52m ago
#VU117222
CVE-2025-59287
Github

Exploit for Deserialization of Untrusted Data in Windows Server
Windows Server
52m ago
#VU74604
CVE-2023-28205
Github

Exploit for Use-after-free in WebKitGTK+ and WPE WebKit
WebKitGTK+
52m ago
#VU99656
CVE-2024-9932
Github

Exploit for Arbitrary file upload in Wux Blog Editor
Wux Blog Editor
55m ago
#VU111966
CVE-2025-4517
Github

Exploit for Path traversal in Python
Python
55m ago
#VU112067
CVE-2025-32462
Github

Exploit for Protection mechanism failure in Sudo
Sudo
56m ago

Vendor Spotlight - Last 7 Days

IBM Corporation

61 bulletins

Red Hat Inc.

55 bulletins

Cisco Systems, Inc

9 bulletins

Google

4 bulletins

Trend Micro

3 bulletins