CVE & Exploit Intelligence Database

Updated 1h ago

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

337,123 CVEs tracked 53,223 with exploits 4,686 exploited in wild 1,539 CISA KEV 3,912 Nuclei templates 37,757 vendors 42,429 researchers
87 results Clear all
CVE-2026-20022 6.1 MEDIUM EPSS 0.00
Cisco Secure Firewall ASA/FTD - DoS
A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition when OSPF canonicalization debug is enabled by using the command debug ip ospf canon. This vulnerability is due to insufficient input validation when processing OSPF LSU packets. An attacker could exploit this vulnerability by sending crafted unauthenticated OSPF packets. A successful exploit could allow the attacker to write to memory outside of the packet data, causing the device to reload, resulting in a DoS condition.
CWE-823 Mar 04, 2026
CVE-2025-54152 6.5 MEDIUM EPSS 0.00
Qsync Central <5.0.0.4 - Memory Corruption
A use of out-of-range pointer offset vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read sensitive portions of memory. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later
CWE-823 Feb 11, 2026
CVE-2026-23764 1 Writeup EPSS 0.00
VB-Audio Voicemeeter <1.1.1.9-3.1.1.9 - Memory Corruption
VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato (versions ending in 1.1.1.9, 2.1.1.9, and 3.1.1.9 and earlier, respectively), as well as VB-Audio Matrix and Matrix Coconut (versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively), contain a vulnerability in their virtual audio drivers (vbvoicemeetervaio64*.sys, vbmatrixvaio64*.sys, vbaudio_vmauxvaio*.sys, vbaudio_vmvaio*.sys, and vbaudio_vmvaio3*.sys). The drivers allocate non-paged pool and map it into user space, where a length value associated with the allocation is exposed and can be modified by an unprivileged local attacker. On subsequent IOCTL handling, the corrupted length is used directly as the IoAllocateMdl length argument without adequate integrity checks before building and mapping the MDL, which can cause a kernel crash (BSoD), typically PAGE_FAULT_IN_NONPAGED_AREA. This flaw allows a local user to trigger a denial-of-service on affected Windows systems.
CWE-823 Jan 22, 2026
CVE-2026-21487 6.1 MEDIUM 1 Writeup EPSS 0.00
Color Iccdev < 2.3.1.2 - Out-of-Bounds Access
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below have an Out-of-bounds Read, Use of Out-of-range Pointer Offset and have Improper Input Validation in its CIccProfile::LoadTag function. This issue is fixed in version 2.3.1.2.
CWE-823 Jan 06, 2026
CVE-2017-20211 EPSS 0.00
UCanCode E-XD++ Visualization Enterprise Suite - RCE
UCanCode E-XD++ Visualization Enterprise Suite contains an untrusted pointer dereference vulnerability via the TKDRAWCAD.TKDrawCADCtrl.1 ActiveX control. This is because it exposes a RotateShape method that dereferences a user-supplied pointer without sufficient validation. A crafted input may cause the control to dereference an attacker-controlled pointer, enabling remote code execution in the context of the hosting process. The vulnerability requires user interaction (instantiation of the ActiveX control via a web page or a file).
CWE-823 Nov 12, 2025
CVE-2025-11232 7.5 HIGH EPSS 0.00
Kea <3.0.1 - DoS
To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "[^A-Za-z0-9.-]"; "hostname-char-replacement" must be empty (the default); and "ddns-qualifying-suffix" must *NOT* be empty (the default is empty). DDNS updates do not need to be enabled for this issue to manifest. A client that sends certain option content would then cause kea-dhcp4 to exit unexpectedly. This issue affects Kea versions 3.0.1 through 3.0.1 and 3.1.1 through 3.1.2.
CWE-823 Oct 29, 2025
CVE-2025-47349 7.8 HIGH EPSS 0.00
Product <Version - Memory Corruption
Memory corruption while processing an escape call.
CWE-823 Oct 09, 2025
CVE-2025-27059 8.8 HIGH EPSS 0.00
SCM <unknown> - Memory Corruption
Memory corruption while performing SCM call.
CWE-823 Oct 09, 2025
CVE-2025-25180 7.8 HIGH EPSS 0.00
Software - Memory Corruption
Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel and drivers running on the platform altering their behaviour.
CWE-823 Jul 14, 2025
CVE-2024-53017 6.6 MEDIUM EPSS 0.00
Product Version - Memory Corruption
Memory corruption while handling test pattern generator IOCTL command.
CWE-823 Jun 03, 2025
CVE-2025-46806 EPSS 0.00
sslh <2.2.4 - DoS
A Use of Out-of-range Pointer Offset vulnerability in sslh leads to denial of service on some architectures.This issue affects sslh before 2.2.4.
CWE-823 Jun 02, 2025
CVE-2024-47893 6.5 MEDIUM EPSS 0.00
Kernel software - Memory Corruption
Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to read and/or write data outside the Guest's virtualised GPU memory.
CWE-823 May 17, 2025
CVE-2024-45570 6.6 MEDIUM EPSS 0.00
IO Configuration < unknown - Memory Corruption
Memory corruption may occur during IO configuration processing when the IO port count is invalid.
CWE-119 May 06, 2025
CVE-2025-0467 8.2 HIGH EPSS 0.00
Kernel software - Memory Corruption
Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.
CWE-823 Apr 18, 2025
CVE-2024-45557 7.8 HIGH EPSS 0.00
TME <unknown> - Memory Corruption
Memory corruption can occur when TME processes addresses from TZ and MPSS requests without proper validation.
CWE-823 Apr 07, 2025
CVE-2024-43060 7.8 HIGH EPSS 0.00
Unknown Product <Unknown Version - Memory Corruption
Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP.
CWE-119 Mar 03, 2025
CVE-2024-52939 7.8 HIGH EPSS 0.00
Kernel software <Guest VM - Memory Corruption
Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to trigger a write data outside the Guest's virtualised GPU memory.
CWE-823 Feb 22, 2025
CVE-2024-47896 3.3 LOW EPSS 0.00
Kernel software <Guest VM - Memory Corruption
Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.
CWE-823 Feb 22, 2025
CVE-2024-12577 7.3 HIGH EPSS 0.00
Kernel - Memory Corruption
Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory.
CWE-823 Feb 22, 2025
CVE-2024-49840 7.8 HIGH EPSS 0.00
FIPS < unknown - Memory Corruption
Memory corruption while Invoking IOCTL calls from user-space to validate FIPS encryption or decryption functionality.
CWE-119 Feb 03, 2025

Investigate

Critical + Public Exploits Exploited in Wild + PoC High EPSS (>=0.7) + PoC With Nuclei Templates Latest Public Exploits

Ecosystems

Linux Maven Packagist PyPI npm Go ecosystem RubyGems crates.io NuGet Hex SwiftURL GitHub Actions

Reference Indexes

Exploit Database Researchers Vendors CWE Categories

Recent Blog Posts

CVE-2026-28391: OpenClaw Command Injection - The Day I Hacked Myself
Mar 09, 2026
Introducing FuzzForge: Autonomous Source-Code Fuzzing - Finding Bugs in nginx in 112 Minutes
Mar 08, 2026
CVE-2025-68670 Part 2: From Crash to RCE - The One That Fought Back (and Lost)
Mar 04, 2026
CVE-2025-68670: Pre-Auth xrdp Overflow - The One Where the Protocol Fought Back
Mar 04, 2026
CVE-2025-62507: Redis Stack Overflow to RCE in 68 Minutes - Then We Turned ASLR On
Mar 03, 2026
CVE-2025-15467: From OpenSSL Stack Overflow to Three ROP Chains in 64 Minutes - Introducing Stackforge
Mar 03, 2026
 View all posts →

CVEForge Labs

CVE-2016-15057 CRITICAL
Apache Continuum - Command Injection
CVE-2021-32824 CRITICAL
Apache Dubbo <2.6.10-2.7.10 - RCE
CVE-2023-42117 CRITICAL
Exim < 4.96.2 - Remote Code Execution
CVE-2024-31866 CRITICAL
Apache Zeppelin <0.11.1 - RCE
CVE-2024-37288 CRITICAL
Elastic Kibana - Insecure Deserialization
CVE-2024-43115 HIGH
Apache DolphinScheduler <3.2.2 - RCE
CVE-2024-45409 CRITICAL
Ruby-SAML <=1.16.0 - Auth Bypass
CVE-2024-56143 HIGH
Strapi < 5.5.2 - IDOR
CVE-2025-10622 HIGH
Red Hat Satellite - Command Injection
CVE-2025-11539 CRITICAL
Grafana Image Renderer - RCE
 View all labs →

KEV Gaps

CVE-2026-1603
Ivanti Endpoint Manager < 2024 - Authentication Bypass
 CVE-2023-43000
macOS Ventura <13.5-iPadOS <16.6-Safari <16.6 - Use After Free
 CVE-2021-30952
tvOS <15.2 - RCE
 CVE-2021-22681
Rockwell Automation Studio 5000 <21 - Path Traversal
 CVE-2026-22719
VMware Aria Operations - Command Injection
 CVE-2026-25108
FileZen - Command Injection
 CVE-2026-22769
Dell RecoverPoint <6.0.3.1 HF1 - Auth Bypass
 CVE-2021-22175
Gitlab < 13.6.7 - SSRF
 CVE-2024-7694
Teamt5 Threatsonar Anti-ransomware < 3.5.0 - Unrestricted File Upload
 CVE-2020-7796
Zimbra Collaboration Suite <8.8.15 Patch 7 - SSRF
 CVE-2026-21525
Microsoft Windows 10 1607 < 10.0.14393.8868 - NULL Pointer Dereference
 CVE-2026-21519
Microsoft Windows 10 1607 < 10.0.14393.8868 - Type Confusion