Vulnerability Dashboard

Real-time zero-day and critical vulnerability monitoring with comprehensive statistics

AI AnalysisBack to Home

Total in Feed

0

CISA KEV Recent

15

High Severity

0

RSS Feed

View

Recent Zero-Day & Critical Vulnerabilities

Last 30 days from trusted security sources

CISA KEVACTIVELY EXPLOITED
Critical

CVE-2021-22175: GitLab Server-Side Request Forgery (SSRF) Vulnerability

GitLab contains a server-side request forgery (SSRF) vulnerability when requests to the internal network for webhooks are enabled.

Affected Product

GitLab GitLab

MITRE CVE
CISA KEVACTIVELY EXPLOITED
Critical

CVE-2026-22769: Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials Vulnerability

Dell RecoverPoint for Virtual Machines (RP4VMs) contains an use of hard-coded credentials vulnerability that could allow an unauthenticated remote att...

Affected Product

Dell RecoverPoint for Virtual Machines (RP4VMs)

MITRE CVE
CISA KEVACTIVELY EXPLOITED
Critical

CVE-2020-7796: Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery Vulnerability

Synacor Zimbra Collaboration Suite (ZCS) contains a server-side request forgery vulnerability if WebEx zimlet installed and zimlet JSP is enabled.

Affected Product

Synacor Zimbra Collaboration Suite

MITRE CVE
CISA KEVACTIVELY EXPLOITED
Critical

CVE-2024-7694: TeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous Type Vulnerability

TeamT5 ThreatSonar Anti-Ransomware contains an unrestricted upload of file with dangerous type vulnerability. ThreatSonar Anti-Ransomware does not pro...

Affected Product

TeamT5 ThreatSonar Anti-Ransomware

MITRE CVE
CISA KEVACTIVELY EXPLOITED
Critical

CVE-2008-0015: Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability

Microsoft Windows Video ActiveX Control contains a remote code execution vulnerability. An attacker could exploit the vulnerability by constructing a ...

Affected Product

Microsoft Windows

MITRE CVE
CISA KEVACTIVELY EXPLOITED
Critical

CVE-2026-2441: Google Chromium CSS Use-After-Free Vulnerability

Google Chromium CSS contains a use-after-free vulnerability that could allow a remote attacker to potentially exploit heap corruption via a crafted HT...

Affected Product

Google Chromium

MITRE CVE
CISA KEVACTIVELY EXPLOITED
Critical

CVE-2026-1731: BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) OS Command Injection Vulnerability

BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)contain an OS command injection vulnerability. Successful exploitation could allow a...

Affected Product

BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)

MITRE CVE
CISA KEVACTIVELY EXPLOITED
Critical

CVE-2026-20700: Apple Multiple Buffer Overflow Vulnerability

Apple iOS, macOS, tvOS, watchOS, and visionOS contain an improper restriction of operations within the bounds of a memory buffer vulnerability that co...

Affected Product

Apple Multiple Products

MITRE CVE
CISA KEVACTIVELY EXPLOITED
Critical

CVE-2024-43468: Microsoft Configuration Manager SQL Injection Vulnerability

Microsoft Configuration Manager contains an SQL injection vulnerability. An unauthenticated attacker could exploit this vulnerability by sending speci...

Affected Product

Microsoft Configuration Manager

MITRE CVE
CISA KEVACTIVELY EXPLOITED
Critical

CVE-2025-15556: Notepad++ Download of Code Without Integrity Check Vulnerability

Notepad++ when using the WinGUp updater, contains a download of code without integrity check vulnerability that could allow an attacker to intercept o...

Affected Product

Notepad++ Notepad++

MITRE CVE
CISA KEVACTIVELY EXPLOITED
Critical

CVE-2025-40536: SolarWinds Web Help Desk Security Control Bypass Vulnerability

SolarWinds Web Help Desk contains a security control bypass vulnerability that could allow an unauthenticated attacker to gain access to certain restr...

Affected Product

SolarWinds Web Help Desk

MITRE CVE
CISA KEVACTIVELY EXPLOITED
Critical

CVE-2026-21513: Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability

Microsoft MSHTML Framework contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security featur...

Affected Product

Microsoft Windows

MITRE CVE
CISA KEVACTIVELY EXPLOITED
Critical

CVE-2026-21525: Microsoft Windows NULL Pointer Dereference Vulnerability

Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service local...

Affected Product

Microsoft Windows

MITRE CVE
CISA KEVACTIVELY EXPLOITED
Critical

CVE-2026-21510: Microsoft Windows Shell Protection Mechanism Failure Vulnerability

Microsoft Windows Shell contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature o...

Affected Product

Microsoft Windows

MITRE CVE
CISA KEVACTIVELY EXPLOITED
Critical

CVE-2026-21533: Microsoft Windows Improper Privilege Management Vulnerability

Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an authorized attacker to elevate p...

Affected Product

Microsoft Windows

MITRE CVE

About This Dashboard

CISA KEV: Known Exploited Vulnerabilities from CISA - actively being exploited in the wild and requiring immediate remediation

NVD Recent: Recently published high/critical severity CVEs from the National Vulnerability Database with CVSS v3.1 scoring

Update Frequency: Data is cached for 30 minutes and refreshed automatically to ensure timely security intelligence

Sources: CISA KEV Catalog, NVD API