Vulnerability Database

12-Month Intensity

Security bulletin trends by severity

0 1000 2000 3000 4000 Apr 25 May 25 Jun 25 Jul 25 Aug 25 Sep 25 Oct 25 Nov 25 Dec 25 Jan Feb Mar

CVSSv4 Base Score Distribution

Vulnerabilities by severity score for the past 7 days

9.0-10 7.0-8.9 4.0-6.9 0.1-3.9 0 1000 2000 3000 4000

Attack Vector

Breakdown by attack vectors for the past 7 days

Remote Adjecent Local Physical

Latest Vulnerability Database Updates

Security Bulletins

View All
SB2026040232
Medium

Fedora 42 update for libmicrohttpd
Patched
20m ago
SB2026040231
Medium

Fedora 43 update for libmicrohttpd
Patched
20m ago
SB2026040230
Medium

Fedora 44 update for libmicrohttpd
Patched
20m ago
SB2026040229
Low

Interpretation Conflict in Parse Server
Patched
22m ago
SB2026040228
Medium

Improper Authorization in Parse Server
Patched
1h ago
SB2026040227
Medium

Red Hat Enterprise Linux 9 update for the nginx:1.26 module
Patched
1h ago
SB2026040226
Low

Path traversal in WatchGuard Fireware OS
Patched
1h ago
SB2026040225
High

Multiple vulnerabilities in IBM Guardium Data Security Center
Patched Public exploit
1h ago
SB2026040224
Medium

Improper Neutralization of Special Elements in Output Used by a Downstream Component in Storybook
Patched
1h ago
SB2026040223
High

Improper Authentication in SAML SSO - Service Provider module for Drupal
Patched
2h ago

Zero-Days

View All
#VU124751

Use-after-free in Google Chrome
CVE-2026-5281
22h ago
#VU124720

Embedded malicious code (backdoor) in axios
CVE-ID: N/A
1d ago
#VU124719

Download of code without integrity check in TrueConf client for Windows
CVE-2026-3502
1d ago
#VU124689

Embedded malicious code (backdoor) in trivy
CVE-2026-33634
2d ago
#VU123976

Improperly implemented security check for standard in Google Chrome
CVE-2026-3910
2w ago
#VU123975

Out-of-bounds write in Google Chrome
CVE-2026-3909
2w ago
#VU123412

Integer overflow in Google Android
CVE-2026-21385
1mo ago
#VU123273

Improper authentication in Catalyst SD-WAN Controller (formerly SD-WAN vSmart)
CVE-2026-20127
1mo ago
#VU123002

Use of hard-coded credentials in RecoverPoint for Virtual Machines
CVE-2026-22769
1mo ago
#VU122834

Use-after-free in Google Chrome
CVE-2026-2441
1mo ago

Exploits

View All
#VU124768
CVE-2026-34787
Other

Exploit for PHP file inclusion in Emlog Pro
Emlog Pro
19h ago
#VU85668
CVE-2024-23222
Github

Exploit for Type confusion in WebKitGTK+ and WPE WebKit
WebKitGTK+
20h ago
#VU123313
CVE-2024-46987
Github

Exploit for Path traversal in Camaleon CMS
Camaleon CMS
20h ago
#VU123638
CVE-2026-29000
Github

Exploit for Improper verification of cryptographic signature in pac4j
pac4j
20h ago
#VU122076
CVE-2025-15467
Github

Exploit for Stack-based buffer overflow in OpenSSL
OpenSSL
20h ago
#VU123742
CVE-2026-25177
Github

Exploit for Improper Restriction of Names for Files and Other Resources in Windows and Windows Server
Windows
20h ago
#VU123653
CVE-2024-14027
Github

Exploit for Memory leak in Linux kernel
Linux kernel
20h ago
#VU118845
CVE-2025-66034
Github

Exploit for Path traversal in fontTools
fontTools
20h ago
#VU119103
CVE-2025-55182
Github

Exploit for Deserialization of untrusted data in React
React
20h ago

Vendor Spotlight - Last 7 Days

IBM Corporation

77 bulletins

Red Hat Inc.

41 bulletins

Linux Foundation

17 bulletins

Cisco Systems, Inc

8 bulletins

Microsoft

2 bulletins