Top 10 Exploited Vulnerabilities

Updated: 27 May 2026 | Sources: CISA KEV, NCSC, ENISA EUVD, FIRST EPSS, NVD (NIST)

This page shows vulnerabilities that are actively being exploited by cybercriminals. The data comes from CISA (US), the NCSC (NL) and FIRST EPSS. This is not a list of items trending on social media, but an overview of vulnerabilities proven to be dangerous.

Top 10 Exploited Vulnerabilities - Netherlands and Belgium

Based on NCSC advisories, enriched with CISA KEV and EPSS data

#1
CVSS 8.8 HIGH EPSS 0.6% (P70) NCSC [M/H]
#2
CVSS 8.8 HIGH EPSS 0.6% (P70) NCSC [M/H]
#3
CVSS 8.8 HIGH EPSS 0.6% (P70) NCSC [M/H]
#4
CVSS 8.8 HIGH EPSS 0.6% (P70) NCSC [M/H]
#5
CVSS 8.4 HIGH EPSS 0.2% (P41) NCSC [M/H]
#6
CVSS 8.0 HIGH EPSS 0.4% (P58) NCSC [M/H]
#7
CVSS 9.9 CRITICAL EPSS 0.1% (P18) NCSC [M/H]
#8
CVSS 7.8 HIGH EPSS 0.0% (P14) NCSC [M/H]
#9
CVSS 9.9 CRITICAL EPSS 0.1% (P30) NCSC [M/H]
#10
CVSS 9.1 CRITICAL EPSS 0.1% (P27) NCSC [M/H]

Top 10 Exploited Vulnerabilities - Worldwide

Based on CISA Known Exploited Vulnerabilities, ranked by probability of exploitation (EPSS)

#1
CVE-2008-4250 Microsoft - Windows
Microsoft Windows contains a buffer overflow vulnerability in the Windows Server Service that allows remote attackers to execute arbitrary code via a crafted RPC request that triggers an overflow d...
CVSS 9.8 CRITICAL EPSS 92.1% (P100) CISA KEV
#2
CVE-2010-0249 Microsoft - Internet Explorer
Microsoft Internet Explorer contains a use-after-free vulnerability that could allow remote attackers to execute arbitrary code by accessing a pointer associated with a deleted object. The impacte...
CVSS 8.8 HIGH EPSS 88.7% (P100) CISA KEV
#3
CVE-2009-3459 Adobe - Acrobat and Reader
Adobe Acrobat and Reader contain a heap-based buffer overflow vulnerability which could allow remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption.
CVSS 8.8 HIGH EPSS 88.1% (P99) CISA KEV
#4
CVE-2010-0806 Microsoft - Internet Explorer
Microsoft Internet Explorer contains a use-after-free vulnerability that could allow remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletio...
CVSS 8.8 HIGH EPSS 87.3% (P99) CISA KEV
#5
CVE-2024-1708 ConnectWise - ScreenConnect
ConnectWise ScreenConnect contains a path traversal vulnerability which could allow an attacker to execute remote code or directly impact confidential data and critical systems.
CVSS 8.4 HIGH EPSS 85.4% (P99) CISA KEV Ransomware
#6
CVE-2026-41940 WebPros - cPanel & WHM and WP2 (WordPress Squared)
WebPros cPanel & WHM (WebHost Manager) and WP2 (WordPress Squared) contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthor...
CVSS 9.8 CRITICAL EPSS 85.0% (P99) CISA KEV EUVD since Apr 30, 20 Ransomware
#7
CVE-2026-20182 Cisco - Catalyst SD-WAN
Cisco Catalyst SD-WAN Controller & Manager contain an authentication bypass vulnerability that allows an unauthenticated, remote attacker to bypass authentication and obtain administrative priv...
CVSS 10.0 CRITICAL EPSS 77.3% (P99) CISA KEV EUVD since May 14, 20
#8
CVE-2026-42208 BerriAI - LiteLLM
BerriAI LiteLLM contains a SQL injection vulnerability that allows an attacker to read data from the proxy's database and potentially modify it, leading to unauthorized access to the proxy and...
CVSS 9.8 CRITICAL EPSS 54.3% (P98) CISA KEV EUVD since May 8, 202
#9
CVE-2009-1537 Microsoft - DirectX
Microsoft DirectX contains a NULL byte overwrite vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow which could allow remote attackers to execute arbitrary code via a cr...
CVSS 8.8 HIGH EPSS 53.0% (P98) CISA KEV
#10
CVE-2025-34291 Langflow - Langflow
Langflow contains an origin validation error vulnerability in which an overly permissive CORS configuration combined with a refresh token cookie configured as SameSite=None allows a malicious webpa...
CVSS 8.8 HIGH EPSS 30.4% (P97) CISA KEV

Top 10 Exploited Vulnerabilities - Combined

Weighted ranking based on CISA KEV, NCSC severity, EPSS score, ransomware use and recency

#1
CVE-2026-41940 WebPros - cPanel & WHM and WP2 (WordPress Squared)
WebPros cPanel & WHM (WebHost Manager) and WP2 (WordPress Squared) contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthor...
CVSS 9.8 CRITICAL EPSS 85.0% (P99) CISA KEV EUVD since Apr 30, 20 Ransomware
#2
CVE-2024-1708 ConnectWise - ScreenConnect
ConnectWise ScreenConnect contains a path traversal vulnerability which could allow an attacker to execute remote code or directly impact confidential data and critical systems.
CVSS 8.4 HIGH EPSS 85.4% (P99) CISA KEV Ransomware
#3
CVE-2008-4250 Microsoft - Windows
Microsoft Windows contains a buffer overflow vulnerability in the Windows Server Service that allows remote attackers to execute arbitrary code via a crafted RPC request that triggers an overflow d...
CVSS 9.8 CRITICAL EPSS 92.1% (P100) CISA KEV
#4
CVE-2009-3459 Adobe - Acrobat and Reader
Adobe Acrobat and Reader contain a heap-based buffer overflow vulnerability which could allow remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption.
CVSS 8.8 HIGH EPSS 88.1% (P99) CISA KEV
#5
CVE-2010-0806 Microsoft - Internet Explorer
Microsoft Internet Explorer contains a use-after-free vulnerability that could allow remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletio...
CVSS 8.8 HIGH EPSS 87.3% (P99) CISA KEV
#6
CVE-2010-0249 Microsoft - Internet Explorer
Microsoft Internet Explorer contains a use-after-free vulnerability that could allow remote attackers to execute arbitrary code by accessing a pointer associated with a deleted object. The impacte...
CVSS 8.8 HIGH EPSS 88.7% (P100) CISA KEV
#7
CVE-2026-20182 Cisco - Catalyst SD-WAN
Cisco Catalyst SD-WAN Controller & Manager contain an authentication bypass vulnerability that allows an unauthenticated, remote attacker to bypass authentication and obtain administrative priv...
CVSS 10.0 CRITICAL EPSS 77.3% (P99) CISA KEV EUVD since May 14, 20
#8
CVE-2009-1537 Microsoft - DirectX
Microsoft DirectX contains a NULL byte overwrite vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow which could allow remote attackers to execute arbitrary code via a cr...
CVSS 8.8 HIGH EPSS 53.0% (P98) CISA KEV
#9
CVE-2025-34291 Langflow - Langflow
Langflow contains an origin validation error vulnerability in which an overly permissive CORS configuration combined with a refresh token cookie configured as SameSite=None allows a malicious webpa...
CVSS 8.8 HIGH EPSS 30.4% (P97) CISA KEV
#10
CVE-2026-42208 BerriAI - LiteLLM
BerriAI LiteLLM contains a SQL injection vulnerability that allows an attacker to read data from the proxy's database and potentially modify it, leading to unauthorized access to the proxy and...
CVSS 9.8 CRITICAL EPSS 54.3% (P98) CISA KEV EUVD since May 8, 202

Legend: CVSS = severity score (0-10): 9.0-10 Critical, 7.0-8.9 High, 4.0-6.9 Medium, 0.1-3.9 Low | EPSS = probability of exploitation (FIRST.org), P = percentile, rising / falling | CISA KEV = confirmed actively exploited (US) | EUVD = ENISA European vulnerability list | Ransomware = used in ransomware campaigns | NCSC = NCSC advisory with severity rating