Exploited vulnerabilities
Top 10 actively exploited vulnerabilities based on CISA KEV, NCSC and EPSS scores. Updated daily for the Netherlands (NL) and Belgium (BE).
⚠ Actively exploited
Top 10 Exploited Vulnerabilities
Updated: 23 March 2026 | Sources: CISA KEV, NCSC, ENISA EUVD, FIRST EPSS, NVD (NIST)
This page lists vulnerabilities that are actively being exploited by cybercriminals. The data comes from CISA (US), the NCSC (NL) and FIRST EPSS. This is not a social-media trending list but an overview of vulnerabilities with evidence of real-world exploitation.
Top 10 Exploited Vulnerabilities - Netherlands and Belgium
Based on NCSC advisories, enriched with CISA KEV and EPSS data
#1
CVE-2026-20131
Cisco - Secure Firewall Management Center (FMC)
Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management contain a deserialization of untrusted data vulnerability in the web-based manageme...
CVSS 10.0 CRITICAL | EPSS 0.9% (P75) → | CISA KEV | EUVD since Mar 19, 20 | Ransomware | NCSC [H/H]
#2
CVE-2026-1603
Ivanti - Endpoint Manager (EPM)
Ivanti Endpoint Manager (EPM) contains an authentication bypass using an alternate path or channel vulnerability that could allow a remote unauthenticated attacker to leak specific stored credentia...
CVSS 7.5 HIGH | EPSS 65.4% (P98) ↑ | CISA KEV | NCSC [M/H]
#3
CVE-2026-20963
Microsoft - SharePoint
Microsoft SharePoint contains a deserialization of untrusted data vulnerability that allows an unauthorized attacker to execute code over a network.
CVSS 8.8 HIGH | EPSS 9.1% (P93) ↑ | CISA KEV | NCSC [M/H]
#4
CVE-2026-20127
Cisco - Catalyst SD-WAN Controller and Manager
Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, contain an authentication bypass vulnerability that could allow an unauthenticated, ...
CVSS 10.0 CRITICAL | EPSS 0.9% (P75) ↓ | CISA KEV | EUVD since Feb 25, 20 | NCSC [H/H]
#5
CVE-2026-3909
Google - Skia
Google Skia contains an out-of-bounds write vulnerability that could allow a remote attacker to perform out-of-bounds memory access via a crafted HTML page. This vulnerability affects Google Chrome...
CVSS 8.8 HIGH | EPSS 4.4% (P89) ↓ | CISA KEV | EUVD since Mar 13, 20 | NCSC [M/H]
#6
CVE-2026-3910
Google - Chromium V8
Google Chromium V8 contains an improper restriction of operations within the bounds of a memory buffer vulnerability that could allow a remote attacker to execute arbitrary code inside a sandbox vi...
CVSS 8.8 HIGH | EPSS 1.3% (P80) ↓ | CISA KEV | EUVD since Mar 13, 20 | NCSC [M/H]
#7
CVE-2022-20775
Cisco - SD-WAN
Cisco SD-WAN CLI contains a path traversal vulnerability that could allow an authenticated local attacker to gain elevated privileges via improper access controls on commands within the application...
CVSS 7.8 HIGH | EPSS 0.3% (P54) → | CISA KEV | NCSC [H/H]
#8
A vulnerability in the web interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and execute script files on a...
CVSS 10.0 CRITICAL | EPSS 0.1% (P19) → | NCSC [H/H]
#9
A vulnerability in the Data Collection Agent (DCA) feature of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain DCA user privileges on an affected system. Thi...
CVSS 7.5 HIGH | EPSS 0.0% (P1) → | NCSC [H/H]
#10
A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to overwrite arbitrary files on the local file system. To exploit this vulnerability, the a...
CVSS 5.4 MEDIUM | EPSS 0.0% (P3) → | NCSC [H/H]
Top 10 Exploited Vulnerabilities - Worldwide
Based on CISA Known Exploited Vulnerabilities, ranked by exploitation probability (EPSS)
#1
CVE-2017-7921
Hikvision - Multiple Products
Multiple Hikvision products contain an improper authentication vulnerability that could allow a malicious user to escalate privileges on the system and gain access to sensitive information.
CVSS 10.0 CRITICAL | EPSS 94.2% (P100) → | CISA KEV
#2
CVE-2021-22054
Omnissa - Workspace One UEM
Omnissa Workspace One UEM, formerly known as VMware Workspace One UEM, contains a server-side request forgery (SSRF) vulnerability that could allow a malicious actor with network access to UEM to sen...
CVSS 7.5 HIGH | EPSS 93.6% (P100) → | CISA KEV
#3
CVE-2025-32432
Craft CMS - Craft CMS
Craft CMS contains a code injection vulnerability that allows a remote attacker to execute arbitrary code.
CVSS 10.0 CRITICAL | EPSS 89.4% (P100) ↑ | CISA KEV
#4
CVE-2025-68613
n8n - n8n
n8n contains an improper control of dynamically managed code resources vulnerability in its workflow expression evaluation system that allows for remote code execution.
CVSS 8.8 HIGH | EPSS 76.9% (P99) → | CISA KEV
#5
CVE-2026-1603
Ivanti - Endpoint Manager (EPM)
Ivanti Endpoint Manager (EPM) contains an authentication bypass using an alternate path or channel vulnerability that could allow a remote unauthenticated attacker to leak specific stored credentia...
CVSS 7.5 HIGH | EPSS 65.4% (P98) ↑ | CISA KEV | NCSC [M/H]
#6
CVE-2025-54068
Laravel - Livewire
Laravel Livewire contains a code injection vulnerability that could allow unauthenticated attackers to achieve remote command execution in specific scenarios.
CVSS 9.8 CRITICAL | EPSS 48.9% (P98) ↑ | CISA KEV
#7
CVE-2025-26399
SolarWinds - Web Help Desk
SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability in AjaxProxy that could allow an attacker to run commands on the host machine.
CVSS 9.8 CRITICAL | EPSS 29.2% (P97) → | CISA KEV
#8
CVE-2025-47813
Wing FTP Server - Wing FTP Server
Wing FTP Server contains a generation of error message containing sensitive information vulnerability when using a long value in the UID cookie.
CVSS 4.3 MEDIUM | EPSS 21.4% (P96) ↑ | CISA KEV
#9
CVE-2021-22681
Rockwell - Multiple Products
Multiple Rockwell products contain an insufficiently protected credentials vulnerability. Studio 5000 Logix Designer software may allow a key to be discovered. This key is used to verify Logix contro...
CVSS 9.8 CRITICAL | EPSS 16.2% (P95) ↓ | CISA KEV
#10
CVE-2025-66376
Synacor - Zimbra Collaboration Suite (ZCS)
Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability in the Classic UI where attackers could abuse Cascading Style Sheets (CSS) @import directives in email HTML.
CVSS 6.1 MEDIUM | EPSS 11.4% (P94) ↑ | CISA KEV
Top 10 Exploited Vulnerabilities - Combined
Weighted ranking based on CISA KEV, NCSC severity, EPSS score, ransomware use and recency
#1
CVE-2026-20131
Cisco - Secure Firewall Management Center (FMC)
Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management contain a deserialization of untrusted data vulnerability in the web-based manageme...
CVSS 10.0 CRITICAL | EPSS 0.9% (P75) → | CISA KEV | EUVD since Mar 19, 20 | Ransomware | NCSC [H/H]
#2
CVE-2025-32432
Craft CMS - Craft CMS
Craft CMS contains a code injection vulnerability that allows a remote attacker to execute arbitrary code.
CVSS 10.0 CRITICAL | EPSS 89.4% (P100) ↑ | CISA KEV
#3
CVE-2026-1603
Ivanti - Endpoint Manager (EPM)
Ivanti Endpoint Manager (EPM) contains an authentication bypass using an alternate path or channel vulnerability that could allow a remote unauthenticated attacker to leak specific stored credentia...
CVSS 7.5 HIGH | EPSS 65.4% (P98) ↑ | CISA KEV | NCSC [M/H]
#4
CVE-2017-7921
Hikvision - Multiple Products
Multiple Hikvision products contain an improper authentication vulnerability that could allow a malicious user to escalate privileges on the system and gain access to sensitive information.
CVSS 10.0 CRITICAL | EPSS 94.2% (P100) → | CISA KEV
#5
CVE-2021-22054
Omnissa - Workspace One UEM
Omnissa Workspace One UEM, formerly known as VMware Workspace One UEM, contains a server-side request forgery (SSRF) vulnerability that could allow a malicious actor with network access to UEM to sen...
CVSS 7.5 HIGH | EPSS 93.6% (P100) → | CISA KEV
#6
CVE-2025-68613
n8n - n8n
n8n contains an improper control of dynamically managed code resources vulnerability in its workflow expression evaluation system that allows for remote code execution.
CVSS 8.8 HIGH | EPSS 76.9% (P99) → | CISA KEV
#7
CVE-2025-54068
Laravel - Livewire
Laravel Livewire contains a code injection vulnerability that could allow unauthenticated attackers to achieve remote command execution in specific scenarios.
CVSS 9.8 CRITICAL | EPSS 48.9% (P98) ↑ | CISA KEV
#8
CVE-2026-20963
Microsoft - SharePoint
Microsoft SharePoint contains a deserialization of untrusted data vulnerability that allows an unauthorized attacker to execute code over a network.
CVSS 8.8 HIGH | EPSS 9.1% (P93) ↑ | CISA KEV | NCSC [M/H]
#9
CVE-2026-20127
Cisco - Catalyst SD-WAN Controller and Manager
Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, contain an authentication bypass vulnerability that could allow an unauthenticated, ...
CVSS 10.0 CRITICAL | EPSS 0.9% (P75) ↓ | CISA KEV | EUVD since Feb 25, 20 | NCSC [H/H]
#10
CVE-2026-3909
Google - Skia
Google Skia contains an out-of-bounds write vulnerability that could allow a remote attacker to perform out-of-bounds memory access via a crafted HTML page. This vulnerability affects Google Chrome...
CVSS 8.8 HIGH | EPSS 4.4% (P89) ↓ | CISA KEV | EUVD since Mar 13, 20 | NCSC [M/H]
Legend:
CVSS = severity score (0-10):
9.0-10 Critical
7.0-8.9 High
4.0-6.9 Medium
0.1-3.9 Low
| EPSS = probability of exploitation activity in the next 30 days (FIRST.org), shown as a percentage; P = percentile among all scored CVEs; ↑ rising, ↓ falling, → unchanged. A low EPSS value does not contradict a KEV listing: EPSS is a population-level prediction and often lags newly confirmed exploitation, so treat a KEV entry as exploited regardless of its EPSS score.
| CISA KEV = confirmed actively exploited (US)
| EUVD = ENISA European Vulnerability Database
| Ransomware = known to be used in ransomware campaigns
| NCSC = NCSC-NL advisory with its severity rating, shown as [chance/damage], each rated H, M or L
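The combined ranking above weighs the signals that the legend defines. The script below is an added example of how such a weighting can be computed; it is not the page's own ranking code. The weights, the numeric mapping of the NCSC H/M/L letters, the 30-day recency window and the "as of" date are assumptions. The sample rows reuse the CVSS, EPSS, KEV, ransomware and NCSC values the page shows for four CVEs (the EUVD year is assumed to be 2026, the page's own year), and the EPSS input follows the column layout of FIRST's daily CSV (cve, epss, percentile). With these weights the order comes out differently from the page's combined list, which shows how much the result depends on the chosen weights.

```python
"""Combine CVSS, EPSS, CISA KEV, ransomware and NCSC signals into one priority score.

Added example, not the page's own ranking code. Weights, the NCSC level
mapping, the recency window and AS_OF are assumptions; the sample data
reuses values shown on the page.
"""
from __future__ import annotations

import csv
import io
from datetime import date

# EPSS rows in the layout of FIRST's daily CSV (probabilities, not percentages).
# Constructed from the page's EPSS column.
EPSS_CSV = """cve,epss,percentile
CVE-2026-20131,0.00900,0.75
CVE-2025-32432,0.89400,1.00
CVE-2026-1603,0.65400,0.98
CVE-2017-7921,0.94200,1.00
"""

# Other signals as shown on the page. listed_since is the "EUVD since" date
# where the page shows one (year assumed 2026); None where it shows none.
SIGNALS = {
    "CVE-2026-20131": dict(cvss=10.0, kev=True, ransomware=True, ncsc="H/H", listed_since=date(2026, 3, 19)),
    "CVE-2025-32432": dict(cvss=10.0, kev=True, ransomware=False, ncsc=None, listed_since=None),
    "CVE-2026-1603": dict(cvss=7.5, kev=True, ransomware=False, ncsc="M/H", listed_since=None),
    "CVE-2017-7921": dict(cvss=10.0, kev=True, ransomware=False, ncsc=None, listed_since=None),
}

AS_OF = date(2026, 3, 23)                     # the page's "Updated" date
NCSC_LEVEL = {"H": 1.0, "M": 0.6, "L": 0.3}   # assumed numeric mapping of NCSC letters
RECENT_WINDOW_DAYS = 30                       # assumed: recency bonus decays to 0 after 30 days

# Assumed weights; they sum to 1.0 so the score stays within [0, 1].
W_CVSS, W_EPSS, W_KEV, W_RANSOM, W_NCSC, W_RECENT = 0.25, 0.30, 0.15, 0.10, 0.10, 0.10


def cvss_band(score: float) -> str:
    """Severity band per the page's legend."""
    if score >= 9.0:
        return "Critical"
    if score >= 7.0:
        return "High"
    if score >= 4.0:
        return "Medium"
    if score >= 0.1:
        return "Low"
    return "None"


def load_epss(text: str) -> dict[str, tuple[float, float]]:
    """Parse an EPSS CSV into {cve: (probability, percentile)}."""
    return {row["cve"]: (float(row["epss"]), float(row["percentile"]))
            for row in csv.DictReader(io.StringIO(text))}


def priority(cve: str, epss: dict, signals: dict, as_of: date = AS_OF) -> float:
    """Weighted score in [0, 1]; higher means patch first."""
    s = signals[cve]
    prob, _percentile = epss.get(cve, (0.0, 0.0))  # no EPSS row: treat probability as 0
    score = W_CVSS * s["cvss"] / 10.0 + W_EPSS * prob
    if s["kev"]:
        score += W_KEV
    if s["ransomware"]:
        score += W_RANSOM
    if s["ncsc"]:
        chance, damage = s["ncsc"].split("/")
        score += W_NCSC * (NCSC_LEVEL[chance] + NCSC_LEVEL[damage]) / 2
    if s["listed_since"] is not None:
        age = (as_of - s["listed_since"]).days
        if 0 <= age <= RECENT_WINDOW_DAYS:
            score += W_RECENT * (1 - age / RECENT_WINDOW_DAYS)
    return round(score, 4)


def rank(epss: dict, signals: dict) -> list[tuple[str, float]]:
    """All CVEs in `signals`, highest priority first."""
    scored = [(cve, priority(cve, epss, signals)) for cve in signals]
    return sorted(scored, key=lambda item: item[1], reverse=True)


if __name__ == "__main__":
    table = load_epss(EPSS_CSV)
    for cve, score in rank(table, SIGNALS):
        print(f"{cve:16} {cvss_band(SIGNALS[cve]['cvss']):9} {score:.4f}")
```

Run it with `python prioritise.py` (any file name works). CVE-2026-20131 lands on top despite its 0.9% EPSS because the KEV, ransomware, NCSC [H/H] and recency terms add up; change the weights and the Hikvision and Craft CMS entries, which are carried almost entirely by EPSS, overtake it.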