Vulnerability Database

12-Month Intensity

Security bulletin trends by severity

0 1000 2000 3000 4000 May 25 Jun 25 Jul 25 Aug 25 Sep 25 Oct 25 Nov 25 Dec 25 Jan Feb Mar Apr

CVSSv4 Base Score Distribution

Vulnerabilities by severity score for the past 7 days

9.0-10 7.0-8.9 4.0-6.9 0.1-3.9 0 200 400 600 800

Attack Vector

Breakdown by attack vectors for the past 7 days

Remote Adjecent Local Physical

Latest Vulnerability Database Updates

Security Bulletins

View All
SB20260528261
Medium

Multiple vulnerabilities in IBM OpenPages
Patched
2m ago
SB20260528260
High

Multiple vulnerabilities in IBM DataStax Enterprise
Patched
11m ago
SB20260528259
Low

Multiple vulnerabilities in IBM Maximo AI Service
Patched
12m ago
SB20260528258
High

Multiple vulnerabilities in IBM Maximo AI Service
Patched
12m ago
SB20260528257
Medium

IBM Sterling Connect:Direct for Microsoft Windows update for Bouncy Castle
Patched
13m ago
SB20260528256
High

IBM Maximo Application Suite - Visual Inspection Component update for Pillow
Patched
15m ago
SB20260528255
Medium

Multiple vulnerabilities in IBM SPSS Modeler
Patched
20m ago
SB20260528254
Medium

Multiple vulnerabilities in IBM SPSS Analytic Server
Patched Public exploit
27m ago
SB20260528253
Critical

Backdoor in Nx Console VSCode extension
Patched Exploited
1h ago
SB20260528252
High

Remote code execution in Drupal AlternativeCommerce (Basket) module for Drupal
Patched
1h ago

Zero-Days

View All
#VU132671

Embedded malicious code in Nx Console VSCode Extension
CVE-2026-48027
1h ago
#VU132313

Use of hard-coded credentials in KnowledgeDeliver
CVE-2026-5426
1d ago
#VU132249

Incorrect Privilege Assignment in LiteSpeed User-End cPanel Plugin
CVE-2026-48172
2d ago
#VU132106

Relative Path Traversal in Apex One
CVE-2026-34926
6d ago
#VU132036

Input validation error in Windows Defender
CVE-2026-45498
6d ago
#VU132035

Link following in Microsoft Malware Protection Engine
CVE-2026-41091
6d ago
#VU131560
Patch pending

Stored cross-site scripting in Microsoft Exchange Server
CVE-2026-42897
1w ago
#VU131450

Improper authentication in Catalyst SD-WAN Controller (formerly SD-WAN vSmart)
CVE-2026-20182
1w ago
#VU130638

Input validation error in Endpoint Manager Mobile (formerly MobileIron Core)
CVE-2026-6973
2w ago
#VU130262

Embedded malicious code (backdoor) in Daemon Tools
CVE-ID: N/A
3w ago

Exploits

View All
#VU132370
CVE-2026-42097
Other

Exploit for Authentication bypass using an alternate path or channel in Sparx Pro Cloud Server
Sparx Pro Cloud Server
20h ago
#VU132369
CVE-2026-42096
Other

Exploit for Improper access control in Sparx Pro Cloud Server
Sparx Pro Cloud Server
20h ago
#VU132348
CVE-2026-44705
Other

Exploit for Path traversal in node-tmp
node-tmp
23h ago
#VU132128
CVE-2026-46529
Github

Exploit for Improper Neutralization of Argument Delimiters in a Command in atril
atril
5d ago
#VU122640
CVE-2026-1814
Github

Exploit for Insufficient entropy in Nexpose and InsightVM
Nexpose
5d ago
#VU131377
CVE-2026-42945
Github

Exploit for Heap-based buffer overflow in NGINX Open Source and NGINX Plus
NGINX Open Source
5d ago
#VU129551
CVE-2026-0073
Github

Exploit for Input validation error in Google Android
Google Android
5d ago
#VU112634
CVE-2025-48804
Github

Exploit for Acceptance of Extraneous Untrusted Data With Trusted Data in Windows and Windows Server
Windows
5d ago
#VU131583
CVE-2026-46333
Github

Exploit for Improper access control in Linux kernel
Linux kernel
5d ago

Vendor Spotlight - Last 7 Days

Red Hat Inc.

56 bulletins

IBM Corporation

50 bulletins

Linux Foundation

47 bulletins

Microsoft

6 bulletins

Adobe

6 bulletins