CVE-2024-1086

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive val...

CVSS 7.8 HOOG EPSS 85.4% (P99) → KEV: Ja Ransomware Hype: 16

CVE-2024-3721

A vulnerability was found in TBK DVR-4104 and DVR-4216 up to 20240412 and classified as critical. This issue affects some unknown processing of the file /device.rsp?opt=sys&cmd=___S_O_S_T_R_E_A...

CVSS 6.3 MIDDEL EPSS 83.9% (P99) → KEV: Nee Hype: 8

CVE-2023-33538

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a command injection vulnerability via the component /userRpm/WlanNetworkRpm .

CVSS 8.8 HOOG EPSS 91.5% (P100) → KEV: Ja Hype: 7

CVE-2025-0520

An unrestricted file upload vulnerability in ShowDoc caused by improper validation of file extension allows execution of arbitrary PHP, leading to remote code execution.This issue affects ShowDoc: ...

CVSS 9.4 KRITIEK EPSS 2.0% (P84) → KEV: Nee Hype: 2

CVE-2025-43300

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS 15.8.5, iOS 16.7.12 and iPadOS 16.7.12, iOS 18.6.2 and iPadOS 18.6.2, iPadOS 1...

CVSS 10.0 KRITIEK EPSS 2.2% (P85) → KEV: Ja Hype: 1

CVE-2025-59528

Flowise is a drag & drop user interface to build a customized large language model flow. In version 3.0.5, Flowise is vulnerable to remote code execution. The CustomMCP node allows users to inp...

CVSS 10.0 KRITIEK EPSS 83.6% (P99) ↑ KEV: Nee Hype: 1

CVE-2026-34621

Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability t...

CVSS 8.6 HOOG EPSS 6.1% (P89) ↑ KEV: Ja Hype: 1

CVE-2025-8088

A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wi...

CVSS 8.8 HOOG EPSS 7.0% (P92) ↑ KEV: Ja Hype: 1

CVE-2025-60710

Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally.

CVSS 7.8 HOOG EPSS 18.2% (P95) ↑ KEV: Ja Hype: 1

CVE-2025-54502

Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resul...

CVSS 7.1 HOOG EPSS - KEV: Nee Hype: 1