Vulnerability Dashboard

Real-time zero-day and critical vulnerability monitoring with comprehensive statistics

Total in Feed

0

CISA KEV Recent

15

High Severity

0


Recent Zero-Day & Critical Vulnerabilities

Last 30 days from trusted security sources

CISA KEV | ACTIVELY EXPLOITED
Critical

CVE-2025-58360: OSGeo GeoServer Improper Restriction of XML External Entity Reference Vulnerability

OSGeo GeoServer contains an improper restriction of XML external entity reference vulnerability that occurs when the application accepts XML input thr...

Affected Product

OSGeo GeoServer

CISA KEV | ACTIVELY EXPLOITED
Critical

CVE-2025-6218: RARLAB WinRAR Path Traversal Vulnerability

RARLAB WinRAR contains a path traversal vulnerability allowing an attacker to execute code in the context of the current user.

Affected Product

RARLAB WinRAR

CISA KEV | ACTIVELY EXPLOITED
Critical

CVE-2025-62221: Microsoft Windows Use After Free Vulnerability

Microsoft Windows Cloud Files Mini Filter Driver contains a use after free vulnerability that can allow an authorized attacker to elevate privileges l...

Affected Product

Microsoft Windows

CISA KEV | ACTIVELY EXPLOITED
Critical

CVE-2022-37055: D-Link Routers Buffer Overflow Vulnerability

D-Link Routers contains a buffer overflow vulnerability that has a high impact on confidentiality, integrity, and availability. The impacted products ...

Affected Product

D-Link Routers

CISA KEV | ACTIVELY EXPLOITED
Critical

CVE-2025-66644: Array Networks ArrayOS AG OS Command Injection Vulnerability

Array Networks ArrayOS AG contains an OS command injection vulnerability that could allow an attacker to execute arbitrary commands.

Affected Product

Array Networks ArrayOS AG

CISA KEV | ACTIVELY EXPLOITED
Critical

CVE-2025-55182: Meta React Server Components Remote Code Execution Vulnerability

Meta React Server Components contains a remote code execution vulnerability that could allow unauthenticated remote code execution by exploiting a fla...

Affected Product

Meta React Server Components

CISA KEV | ACTIVELY EXPLOITED
Critical

CVE-2021-26828: OpenPLC ScadaBR Unrestricted Upload of File with Dangerous Type Vulnerability

OpenPLC ScadaBR contains an unrestricted upload of file with dangerous type vulnerability that allows remote authenticated users to upload and execute...

Affected Product

OpenPLC ScadaBR

CISA KEV | ACTIVELY EXPLOITED
Critical

CVE-2025-48633: Android Framework Information Disclosure Vulnerability

Android Framework contains an unspecified vulnerability that allows for information disclosure.

Affected Product

Android Framework

CISA KEV | ACTIVELY EXPLOITED
Critical

CVE-2025-48572: Android Framework Privilege Escalation Vulnerability

Android Framework contains an unspecified vulnerability that allows for privilege escalation.

Affected Product

Android Framework

CISA KEV | ACTIVELY EXPLOITED
Critical

CVE-2021-26829: OpenPLC ScadaBR Cross-site Scripting Vulnerability

OpenPLC ScadaBR contains a cross-site scripting vulnerability via system_settings.shtm.

Affected Product

OpenPLC ScadaBR

CISA KEV | ACTIVELY EXPLOITED
Critical

CVE-2025-61757: Oracle Fusion Middleware Missing Authentication for Critical Function Vulnerability

Oracle Fusion Middleware contains a missing authentication for critical function vulnerability, allowing unauthenticated remote attackers to take over...

Affected Product

Oracle Fusion Middleware

CISA KEV | ACTIVELY EXPLOITED
Critical

CVE-2025-13223: Google Chromium V8 Type Confusion Vulnerability

Google Chromium V8 contains a type confusion vulnerability that allows for heap corruption.

Affected Product

Google Chromium V8

CISA KEV | ACTIVELY EXPLOITED
Critical

CVE-2025-58034: Fortinet FortiWeb OS Command Injection Vulnerability

Fortinet FortiWeb contains an OS command injection vulnerability that may allow an authenticated attacker to execute unauthorized code on the underlyi...

Affected Product

Fortinet FortiWeb

CISA KEV | ACTIVELY EXPLOITED
Critical

CVE-2025-64446: Fortinet FortiWeb Path Traversal Vulnerability

Fortinet FortiWeb contains a relative path traversal vulnerability that may allow an unauthenticated attacker to execute administrative commands on th...

Affected Product

Fortinet FortiWeb

CISA KEV | ACTIVELY EXPLOITED
Critical

CVE-2025-12480: Gladinet Triofox Improper Access Control Vulnerability

Gladinet Triofox contains an improper access control vulnerability that allows access to initial setup pages even after setup is complete.

Affected Product

Gladinet Triofox

About This Dashboard

CISA KEV: Known Exploited Vulnerabilities from CISA - actively being exploited in the wild and requiring immediate remediation

NVD Recent: Recently published high/critical severity CVEs from the National Vulnerability Database with CVSS v3.1 scoring

Update Frequency: Data is cached for 30 minutes and refreshed automatically to ensure timely security intelligence