Top 10 Exploited Vulnerabilities
Updated: 23 May 2026 | Sources: CISA KEV, NCSC, ENISA EUVD, FIRST EPSS, NVD (NIST)
This page lists vulnerabilities that are actively being exploited by cybercriminals. The data comes from CISA (US), the NCSC (NL) and FIRST EPSS. This is not a list of items trending on social media, but an overview of vulnerabilities with proven exploitation.
Top 10 Exploited Vulnerabilities - Netherlands and Belgium
Based on NCSC advisories, enriched with CISA KEV and EPSS data
#1
CVSS 8.8 HIGH EPSS 0.6% (P70) → NCSC [M/H]
#2
CVSS 8.8 HIGH EPSS 0.6% (P70) → NCSC [M/H]
#3
CVSS 8.8 HIGH EPSS 0.6% (P70) → NCSC [M/H]
#4
CVSS 8.8 HIGH EPSS 0.6% (P70) → NCSC [M/H]
#5
CVSS 8.4 HIGH EPSS 0.2% (P41) → NCSC [M/H]
#6
CVSS 8.0 HIGH EPSS 0.4% (P58) → NCSC [M/H]
#7
CVSS 9.1 CRITICAL EPSS 0.2% (P38) → NCSC [M/H]
#8
CVSS 9.9 CRITICAL EPSS 0.1% (P18) → NCSC [M/H]
#9
CVSS 7.8 HIGH EPSS 0.0% (P14) → NCSC [M/H]
#10
CVSS 9.9 CRITICAL EPSS 0.1% (P30) → NCSC [M/H]
Top 10 Exploited Vulnerabilities - Worldwide
Based on CISA Known Exploited Vulnerabilities, ranked by probability of exploitation (EPSS)
#1
CVE-2008-4250
Microsoft - Windows
Microsoft Windows contains a buffer overflow vulnerability in the Windows Server Service that allows remote attackers to execute arbitrary code via a crafted RPC request that triggers an overflow d...
CVSS 9.8 CRITICAL EPSS 92.5% (P100) → CISA KEV
#2
CVE-2009-3459
Adobe - Acrobat and Reader
Adobe Acrobat and Reader contain a heap-based buffer overflow vulnerability which could allow remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption.
CVSS 8.8 HIGH EPSS 91.0% (P100) ↑ CISA KEV
#3
CVE-2010-0249
Microsoft - Internet Explorer
Microsoft Internet Explorer contains a use-after-free vulnerability that could allow remote attackers to execute arbitrary code by accessing a pointer associated with a deleted object. The impacte...
CVSS 8.8 HIGH EPSS 88.7% (P100) ↓ CISA KEV
#4
CVE-2010-0806
Microsoft - Internet Explorer
Microsoft Internet Explorer contains a use-after-free vulnerability that could allow remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletio...
CVSS 8.8 HIGH EPSS 87.3% (P99) ↓ CISA KEV
#5
CVE-2024-1708
ConnectWise - ScreenConnect
ConnectWise ScreenConnect contains a path traversal vulnerability which could allow an attacker to execute remote code or directly impact confidential data and critical systems.
CVSS 8.4 HIGH EPSS 85.4% (P99) → CISA KEV Ransomware
#6
CVE-2026-41940
WebPros - cPanel & WHM and WP2 (WordPress Squared)
WebPros cPanel & WHM (WebHost Manager) and WP2 (WordPress Squared) contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthor...
CVSS 9.8 CRITICAL EPSS 84.4% (P99) ↑ CISA KEV EUVD since Apr 30, 20 Ransomware
#7
CVE-2026-39987
Marimo - Marimo
Marimo contains a pre-authorization remote code execution vulnerability, allowing an unauthenticated attacker to obtain shell access and execute arbitrary system commands.
CVSS 9.8 CRITICAL EPSS 82.2% (P99) ↑ CISA KEV
#8
CVE-2026-20182
Cisco - Catalyst SD-WAN
Cisco Catalyst SD-WAN Controller & Manager contain an authentication bypass vulnerability that allows an unauthenticated, remote attacker to bypass authentication and obtain administrative priv...
CVSS 10.0 CRITICAL EPSS 77.3% (P99) ↑ CISA KEV EUVD since May 14, 20
#9
CVE-2024-7399
Samsung - MagicINFO 9 Server
Samsung MagicINFO 9 Server contains a path traversal vulnerability that could allow an attacker to write arbitrary files as system authority.
CVSS 9.8 CRITICAL EPSS 72.9% (P99) → CISA KEV
#10
CVE-2009-1537
Microsoft - DirectX
Microsoft DirectX contains a NULL byte overwrite vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow which could allow remote attackers to execute arbitrary code via a cr...
CVSS 8.8 HIGH EPSS 55.5% (P98) ↑ CISA KEV
Top 10 Exploited Vulnerabilities - Combined
Weighted ranking based on CISA KEV, NCSC severity, EPSS score, ransomware use and recency
#1
CVE-2026-41940
WebPros - cPanel & WHM and WP2 (WordPress Squared)
WebPros cPanel & WHM (WebHost Manager) and WP2 (WordPress Squared) contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthor...
CVSS 9.8 CRITICAL EPSS 84.4% (P99) ↑ CISA KEV EUVD since Apr 30, 20 Ransomware
#2
CVE-2024-1708
ConnectWise - ScreenConnect
ConnectWise ScreenConnect contains a path traversal vulnerability which could allow an attacker to execute remote code or directly impact confidential data and critical systems.
CVSS 8.4 HIGH EPSS 85.4% (P99) → CISA KEV Ransomware
#3
CVE-2008-4250
Microsoft - Windows
Microsoft Windows contains a buffer overflow vulnerability in the Windows Server Service that allows remote attackers to execute arbitrary code via a crafted RPC request that triggers an overflow d...
CVSS 9.8 CRITICAL EPSS 92.5% (P100) → CISA KEV
#4
CVE-2009-3459
Adobe - Acrobat and Reader
Adobe Acrobat and Reader contain a heap-based buffer overflow vulnerability which could allow remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption.
CVSS 8.8 HIGH EPSS 91.0% (P100) ↑ CISA KEV
#5
CVE-2010-0806
Microsoft - Internet Explorer
Microsoft Internet Explorer contains a use-after-free vulnerability that could allow remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletio...
CVSS 8.8 HIGH EPSS 87.3% (P99) ↓ CISA KEV
#6
CVE-2024-57728
SimpleHelp - SimpleHelp
SimpleHelp contains a path traversal vulnerability that allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file (i.e. zip slip). This can be exploit...
CVSS 7.2 HIGH EPSS 52.4% (P98) → CISA KEV Ransomware
#7
CVE-2010-0249
Microsoft - Internet Explorer
Microsoft Internet Explorer contains a use-after-free vulnerability that could allow remote attackers to execute arbitrary code by accessing a pointer associated with a deleted object. The impacte...
CVSS 8.8 HIGH EPSS 88.7% (P100) ↓ CISA KEV
#8
CVE-2024-57726
SimpleHelp - SimpleHelp
SimpleHelp contains a missing authorization vulnerability that could allow low-privileged technicians to create API keys with excessive permissions. These API keys can be used to escalate privilege...
CVSS 9.9 CRITICAL EPSS 42.7% (P98) ↓ CISA KEV Ransomware
#9
CVE-2009-1537
Microsoft - DirectX
Microsoft DirectX contains a NULL byte overwrite vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow which could allow remote attackers to execute arbitrary code via a cr...
CVSS 8.8 HIGH EPSS 55.5% (P98) ↑ CISA KEV
#10
CVE-2026-20182
Cisco - Catalyst SD-WAN
Cisco Catalyst SD-WAN Controller & Manager contain an authentication bypass vulnerability that allows an unauthenticated, remote attacker to bypass authentication and obtain administrative priv...
CVSS 10.0 CRITICAL EPSS 77.3% (P99) ↑ CISA KEV EUVD since May 14, 20
Legend:
CVSS = severity score (0-10): 9.0-10 Critical | 7.0-8.9 High | 4.0-6.9 Medium | 0.1-3.9 Low
EPSS = probability of exploitation (FIRST.org), P = percentile, ↑ rising ↓ falling
CISA KEV = confirmed actively exploited (US)
EUVD = ENISA European vulnerability database
Ransomware = used in ransomware campaigns
NCSC = NCSC advisory with severity rating