CVE & Exploit Intelligence Database

Updated 1h ago

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

338,223 CVEs tracked 53,274 with exploits 4,730 exploited in wild 1,542 CISA KEV 3,929 Nuclei templates 37,826 vendors 42,563 researchers
1,099 results Clear all
CVE-2021-3633 7.3 HIGH EPSS 0.00
Lenovo Drivers Management < 2.9.0719.1104 - Uncontrolled Search Path
A DLL preloading vulnerability was reported in Lenovo Driver Management prior to version 2.9.0719.1104 that could allow privilege escalation.
CWE-427 Aug 17, 2021
CVE-2021-38086 7.8 HIGH EPSS 0.00
Acronis Cyber Protect <15 - Privilege Escalation
Acronis Cyber Protect 15 for Windows prior to build 27009 and Acronis Agent for Windows prior to build 26226 allowed local privilege escalation via DLL hijacking.
CWE-427 Aug 12, 2021
CVE-2021-36770 7.8 HIGH EPSS 0.00
P5-encode < 3.12 - Uncontrolled Search Path
Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a Trojan horse Encode::ConfigLocal library (in the current working directory) that preempts dynamic module loading. Exploitation requires an unusual configuration, and certain 2021 versions of Encode.pm (3.05 through 3.11). This issue occurs because the || operator evaluates @INC in a scalar context, and thus @INC has only an integer value.
CWE-427 Aug 11, 2021
CVE-2021-38571 7.8 HIGH EPSS 0.00
Foxit Reader & PhantomPDF <10.1.4 - Code Injection
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows DLL hijacking, aka CNVD-C-2021-68000 and CNVD-C-2021-68502.
CWE-427 Aug 11, 2021
CVE-2021-0160 7.8 HIGH EPSS 0.00
Intel Avermedia Capture Card < 3.0.64.143 - Uncontrolled Search Path
Uncontrolled search path in some Intel(R) NUC Pro Chassis Element AverMedia Capture Card drivers before version 3.0.64.143 may allow an authenticated user to potentially enable escalation of privilege via local access.
CWE-427 Aug 11, 2021
CVE-2021-32580 7.8 HIGH EPSS 0.00
Acronis True Image - Uncontrolled Search Path
Acronis True Image prior to 2021 Update 4 for Windows allowed local privilege escalation due to DLL hijacking.
CWE-427 Aug 05, 2021
CVE-2021-1593 7.3 HIGH EPSS 0.00
Cisco Packet Tracer - Uncontrolled Search Path
A vulnerability in Cisco Packet Tracer for Windows could allow an authenticated, local attacker to perform a DLL injection attack on an affected device. To exploit this vulnerability, the attacker must have valid credentials on the Windows system. This vulnerability is due to incorrect handling of directory paths at run time. An attacker could exploit this vulnerability by inserting a configuration file in a specific path on the system, which can cause a malicious DLL file to be loaded when the application starts. A successful exploit could allow an attacker with normal user privileges to execute arbitrary code on the affected system with the privileges of another user&rsquo;s account.
CWE-427 Aug 04, 2021
CVE-2020-18173 7.8 HIGH EPSS 0.00
1Password <7.3.712 - Code Injection
A DLL injection vulnerability in 1password.dll of 1Password 7.3.712 allows attackers to execute arbitrary code.
CWE-427 Jul 26, 2021
CVE-2020-4623 6.5 MEDIUM EPSS 0.00
IBM I2 Ibase - Uncontrolled Search Path
IBM i2 iBase 8.9.13 could allow a local authenticated attacker to execute arbitrary code on the system, caused by a DLL search order hijacking flaw. By using a specially-crafted .DLL file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 184984.
CWE-427 Jul 26, 2021
CVE-2020-5316 7.8 HIGH EPSS 0.00
Dell Supportassist For Business Pcs - Uncontrolled Search Path
Dell SupportAssist for Business PCs versions 2.0, 2.0.1, 2.0.2, 2.1, 2.1.1, 2.1.2, 2.1.3 and Dell SupportAssist for Home PCs version 2.0, 2.0.1, 2.0.2, 2.1, 2.1.1, 2.1.2, 2.1.3, 2.2, 2.2.1, 2.2.2, 2.2.3, 3.0, 3.0.1, 3.0.2, 3.1, 3.2, 3.2.1, 3.2.2, 3.3, 3.3.1, 3.3.2, 3.3.3, 3.4 contain an uncontrolled search path vulnerability. A locally authenticated low privileged user could exploit this vulnerability to cause the loading of arbitrary DLLs by the SupportAssist binaries, resulting in the privileged execution of arbitrary code.
CWE-427 Jul 22, 2021
CVE-2021-1089 7.8 HIGH EPSS 0.00
NVIDIA GPU Display Driver - RCE
NVIDIA GPU Display Driver for Windows contains a vulnerability in nvidia-smi where an uncontrolled DLL loading path may lead to arbitrary code execution, denial of service, information disclosure, and data tampering.
CWE-427 Jul 22, 2021
CVE-2021-3550 7.8 HIGH EPSS 0.00
Lenovo PCManager <3.0.500.5102 - Privilege Escalation
A DLL search path vulnerability was reported in Lenovo PCManager, prior to version 3.0.500.5102, that could allow privilege escalation.
CWE-427 Jul 16, 2021
CVE-2021-36753 7.8 HIGH EPSS 0.00
Bat < 0.18.2 - Uncontrolled Search Path
sharkdp BAT before 0.18.2 executes less.exe from the current working directory.
CWE-427 Jul 15, 2021
CVE-2020-11634 7.8 HIGH EPSS 0.00
Zscaler Client Connector < 2.1.2.105 - Uncontrolled Search Path
The Zscaler Client Connector for Windows prior to 2.1.2.105 had a DLL hijacking vulnerability caused due to the configuration of OpenSSL. A local adversary may be able to execute arbitrary code in the SYSTEM context.
CWE-427 Jul 15, 2021
CVE-2021-3042 7.8 HIGH EPSS 0.00
Palo Alto Networks Cortex XDR <6.1-7.2 - Privilege Escalation
A local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables an authenticated local Windows user to execute programs with SYSTEM privileges. Exploiting this vulnerability requires the user to have file creation privilege in the Windows root directory (such as C:\). This issue impacts: All versions of Cortex XDR agent 6.1 without content update 181 or a later version; All versions of Cortex XDR agent 7.2 without content update 181 or a later version; All versions of Cortex XDR agent 7.3 without content update 181 or a later version. Cortex XDR agent 5.0 versions are not impacted by this issue. Content updates are required to resolve this issue and are automatically applied for the agent.
CWE-427 Jul 15, 2021
CVE-2020-29157 7.8 HIGH EPSS 0.00
Raonwiz Raon K Editor - Uncontrolled Search Path
An issue in RAONWIZ K Editor v2018.0.0.10 allows attackers to perform a DLL hijacking attack when the service or system is restarted.
CWE-427 Jul 14, 2021
CVE-2021-22000 7.8 HIGH EPSS 0.00
Vmware Thinapp < 5.2.10 - Uncontrolled Search Path
VMware Thinapp version 5.x prior to 5.2.10 contain a DLL hijacking vulnerability due to insecure loading of DLLs. A malicious actor with non-administrative privileges may exploit this vulnerability to elevate privileges to administrator level on the Windows operating system having VMware ThinApp installed on it.
CWE-427 Jul 13, 2021
CVE-2021-35957 6.7 MEDIUM EPSS 0.00
Stormshield Endpoint Security Evolution <2.0.3 - Privilege Escalation
Stormshield Endpoint Security Evolution 2.0.0 through 2.0.2 does not accomplish the intended defense against local administrators who can replace the Visual C++ runtime DLLs (in %WINDIR%\system32) with malicious ones.
CWE-427 Jul 13, 2021
CVE-2021-36376 7.8 HIGH EPSS 0.00
dandavison delta <0.8.3 - Path Traversal
dandavison delta before 0.8.3 on Windows resolves an executable's pathname as a relative path from the current directory.
CWE-427 Jul 13, 2021
CVE-2021-3613 7.8 HIGH EPSS 0.00
Openvpn Connect < 3.3.0 - Uncontrolled Search Path
OpenVPN Connect 3.2.0 through 3.3.0 allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process (OpenVPNConnect.exe).
CWE-427 Jul 02, 2021

Investigate

Critical + Public Exploits Exploited in Wild + PoC High EPSS (>=0.7) + PoC With Nuclei Templates Latest Public Exploits

Ecosystems

Linux Maven Packagist PyPI npm Go ecosystem RubyGems crates.io NuGet Hex SwiftURL GitHub Actions

Reference Indexes

Exploit Database Researchers Vendors CWE Categories

Recent Blog Posts

CVE-2026-4105: systemd-machined Privilege Escalation - 72 Minutes from Drop to Bypass
Mar 13, 2026
CVE-2026-28391: OpenClaw Command Injection - The Day I Hacked Myself
Mar 09, 2026
Introducing FuzzForge: Autonomous Source-Code Fuzzing - Finding Bugs in nginx in 112 Minutes
Mar 08, 2026
CVE-2025-68670 Part 2: From Crash to RCE - The One That Fought Back (and Lost)
Mar 04, 2026
CVE-2025-68670: Pre-Auth xrdp Overflow - The One Where the Protocol Fought Back
Mar 04, 2026
CVE-2025-62507: Redis Stack Overflow to RCE in 68 Minutes - Then We Turned ASLR On
Mar 03, 2026
 View all posts →

CVEForge Labs

CVE-2016-15057 CRITICAL
Apache Continuum - Command Injection
CVE-2021-32824 CRITICAL
Apache Dubbo <2.6.10-2.7.10 - RCE
CVE-2023-42117 CRITICAL
Exim < 4.96.2 - Remote Code Execution
CVE-2024-31866 CRITICAL
Apache Zeppelin <0.11.1 - RCE
CVE-2024-37288 CRITICAL
Elastic Kibana - Insecure Deserialization
CVE-2024-43115 HIGH
Apache DolphinScheduler <3.2.2 - RCE
CVE-2024-45409 CRITICAL
Ruby-SAML <=1.16.0 - Auth Bypass
CVE-2024-56143 HIGH
Strapi < 5.5.2 - IDOR
CVE-2025-10622 HIGH
Red Hat Satellite - Command Injection
CVE-2025-11539 CRITICAL
Grafana Image Renderer - RCE
 View all labs →

KEV Gaps

CVE-2026-3910
Google Chrome <146.0.7680.75 - RCE
 CVE-2026-3909
Google Chrome < 146.0.7680.75 - Out-of-Bounds Access
 CVE-2026-1603
Ivanti Endpoint Manager < 2024 - Authentication Bypass
 CVE-2023-43000
macOS Ventura <13.5-iPadOS <16.6-Safari <16.6 - Use After Free
 CVE-2021-30952
tvOS <15.2 - RCE
 CVE-2021-22681
Rockwell Automation Studio 5000 <21 - Path Traversal
 CVE-2026-22719
VMware Aria Operations - Command Injection
 CVE-2026-25108
FileZen - Command Injection
 CVE-2026-22769
Dell RecoverPoint <6.0.3.1 HF1 - Auth Bypass
 CVE-2021-22175
Gitlab < 13.6.7 - SSRF
 CVE-2024-7694
Teamt5 Threatsonar Anti-ransomware < 3.5.0 - Unrestricted File Upload
 CVE-2020-7796
Zimbra Collaboration Suite <8.8.15 Patch 7 - SSRF