CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source): [email protected]

Showing 1-20 of 5159 results
Page 1 / 258
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2021-47832 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as a duplicate. | N/A | 0.01% | 2026-01-16 | 2026-01-21 |
| CVE-2025-34294 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as the behavior originates from a documentation-published Active Response example script. Please refer to this advisory ( https://github.com/wazuh/wazuh-documentation/security/advisories/GHSA-46r5-xp98-fpgg ) for further information. | N/A | 0.01% | 2025-10-28 | 2025-12-19 |
| CVE-2025-34075 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Initially assigned to document an issue that allows a guest VM to modify the host’s Vagrantfile via default synced folder, leading to host-side code execution. Rejected as CVE due to documented, intended behavior that does not violate a claimed security boundary. https://developer.hashicorp.com/vagrant/docs/synced-folders | N/A | 0.02% | 2025-07-02 | 2025-07-16 |
| CVE-2019-25348 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | 0.03% | 2026-02-12 | 2026-02-13 |
| CVE-2018-25153 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as the reported issue does not constitute a security vulnerability and represents a minor, non-exploitable memory leak. | N/A | 0.03% | 2025-12-24 | 2025-12-29 |
| CVE-2026-35021 | Rejected reason: This CVE ID has been rejected by its CVE Numbering Authority (CNA). It was determined that the affected code path cannot be triggered through normal usage of Claude Code. | N/A | 0.03% | 2026-04-06 | 2026-05-29 |
| CVE-2026-34509 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | 0.03% | 2026-03-31 | 2026-04-01 |
| CVE-2022-50798 | Rejected reason: This candidate is a duplicate of CVE-2017-11359. | N/A | 0.03% | 2025-12-30 | 2026-01-07 |
| CVE-2026-28484 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | 0.05% | 2026-03-05 | 2026-03-06 |
| CVE-2022-50807 | Rejected reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. | N/A | 0.05% | 2026-01-13 | 2026-01-14 |
| CVE-2026-34508 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | 0.06% | 2026-03-31 | 2026-04-01 |
| CVE-2025-34412 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it identified a vulnerability in a SaaS product that does not require user action. | N/A | 0.06% | 2025-12-15 | 2025-12-24 |
| CVE-2026-35020 | Rejected reason: This CVE ID has been rejected by its CVE Numbering Authority (CNA). It was determined that the attack requires an attacker to already control arbitrary environment variables, a level of access they consider functionally equivalent to code execution and outside the threat model of CLI tools. | N/A | 0.06% | 2026-04-06 | 2026-05-29 |
| CVE-2025-34062 | An information disclosure vulnerability exists in OneLogin AD Connector versions prior to 6.1.5 via the /api/adc/v4/configuration endpoint. An attacker with access to a valid directory_token—which may be retrievable from host registry keys or improperly secured logs—can retrieve a plaintext response disclosing sensitive credentials. These may include an API key, AWS IAM access and secret keys, and a base64-encoded JWT signing key used in the tenant’s SSO IdP configuration. | 5.7 | 0.07% | 2025-07-01 | 2026-06-17 |
| CVE-2026-56272 | Flowise before 3.0.13 uses bcrypt with default salt rounds of 5, providing only 32 iterations instead of the OWASP-recommended minimum of 10 rounds. Attackers can crack password hashes approximately 30 times faster with modern GPU hardware, potentially compromising all user accounts in a database breach scenario. | 5.6 | 0.07% | 2026-06-24 | 2026-06-25 |
| CVE-2026-32977 | OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability in the fs-bridge writeFile commit step that uses an unanchored container path during the final move operation. An attacker can exploit a time-of-check-time-of-use race condition by modifying parent paths inside the sandbox to redirect committed files outside the validated writable path within the container mount namespace. | 5.8 | 0.08% | 2026-03-31 | 2026-06-17 |
| CVE-2024-13975 | A local privilege escalation vulnerability exists in Commvault for Windows versions 11.20.0, 11.28.0, 11.32.0, 11.34.0, and 11.36.0. In affected configurations, a local attacker who owns a client system with the file server agent installed can compromise any assigned Windows access nodes. This may allow unauthorized access or lateral movement within the backup infrastructure. The issue has been resolved in versions 11.32.60, 11.34.34, and 11.36.8. | 8.5 | 0.08% | 2025-07-25 | 2026-06-17 |
| CVE-2026-43529 | OpenClaw before 2026.4.10 contains a time-of-check-time-of-use vulnerability in the validateScriptFileForShellBleed function that allows local attackers to bypass workspace boundary checks. An attacker with workspace write access can race-condition swap the target file between validation and preflight read, causing the validator to inspect a different file identity than the one that passed the initial boundary check. | 2.0 | 0.08% | 2026-05-05 | 2026-06-17 |
| CVE-2026-32988 | OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability in fs-bridge staged writes where temporary file creation and population are not pinned to a verified parent directory. Attackers can exploit a race condition in parent-path alias changes to write attacker-controlled bytes outside the intended validated path before the final guarded replace step executes. | 5.8 | 0.08% | 2026-03-31 | 2026-06-17 |
| CVE-2019-25651 | Ubiquiti UniFi Network Controller prior to 5.10.12 (excluding 5.6.42), UAP FW prior to 4.0.6, UAP-AC, UAP-AC v2, and UAP-AC Outdoor FW prior to 3.8.17, USW FW prior to 4.0.6, USG FW prior to 4.4.34 uses AES-CBC encryption for device-to-controller communication, which contains cryptographic weaknesses that allow attackers to recover encryption keys from captured traffic. Attackers with adjacent network access can capture sufficient encrypted traffic and exploit AES-CBC mode vulnerabilities to der | 9.0 | 0.08% | 2026-03-27 | 2026-06-16 |
cvelogic Threat Intelligence