Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks exploit (Exp) resources and PoC availability to accurately assess exploitability. Combined with official patches and remediation strategies, it helps prioritize vulnerability management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source): [email protected]
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2026-3587 | An unauthenticated remote attacker can exploit a hidden function in the CLI prompt to escape the restricted interface, leading to full compromise of the device. | 10.0 | 0.09% | 2026-03-23 | 2026-03-24 |
| CVE-2025-41672 | A remote unauthenticated attacker may use default certificates to generate JWT Tokens and gain full access to the tool and all connected devices. | 10.0 | 0.34% | 2025-07-07 | 2026-04-15 |
| CVE-2025-41656 | An unauthenticated remote attacker can run arbitrary commands on the affected devices with high privileges because the authentication for the Node_RED server is not configured by default. | 10.0 | 0.54% | 2025-07-01 | 2026-04-15 |
| CVE-2023-3572 | In PHOENIX CONTACT's WP 6xxx series web panels in versions prior to 4.0.10 a remote, unauthenticated attacker may use an attribute of a specific HTTP POST request related to date/time operations to gain full access to the device. | 10.0 | 0.99% | 2023-08-08 | 2024-11-21 |
| CVE-2021-20998 | In multiple managed switches by WAGO in different versions without authorization and with specially crafted packets it is possible to create users. | 10.0 | 0.17% | 2021-05-13 | 2024-11-21 |
| CVE-2020-12522 | The reported vulnerability allows an attacker who has network access to the device to execute code with specially crafted packets in WAGO Series PFC 100 (750-81xx/xxx-xxx), Series PFC 200 (750-82xx/xxx-xxx), Series Wago Touch Panel 600 Standard Line (762-4xxx), Series Wago Touch Panel 600 Advanced Line (762-5xxx), Series Wago Touch Panel 600 Marine Line (762-6xxx) with firmware versions <=FW10. | 10.0 | 0.18% | 2020-12-17 | 2024-11-21 |
| CVE-2020-12493 | An open port used for debugging in SWARCO's CPU LS4000 Series with versions starting with G4... grants root access to the device without access control via network. A malicious user could use this vulnerability to get access to the device and disturb operations with connected devices. | 10.0 | 0.30% | 2020-05-29 | 2024-11-21 |
| CVE-2026-32968 | Due to the improper neutralisation of special elements used in an OS command, an unauthenticated remote attacker can exploit an RCE vulnerability in the com_mb24sysapi module, resulting in full system compromise. This vulnerability is a variant attack for CVE-2020-10383. | 9.8 | 0.16% | 2026-03-23 | 2026-03-23 |
| CVE-2026-22906 | User credentials are stored using AES‑ECB encryption with a hardcoded key. An unauthenticated remote attacker obtaining the configuration file can decrypt and recover plaintext usernames and passwords, especially when combined with the authentication bypass. | 9.8 | 0.07% | 2026-02-09 | 2026-04-15 |
| CVE-2026-22904 | Improper length handling when parsing multiple cookie fields (including TRACKID) allows an unauthenticated remote attacker to send oversized cookie values and trigger a stack buffer overflow, resulting in a denial‑of‑service condition and possible remote code execution. | 9.8 | 0.15% | 2026-02-09 | 2026-04-15 |
| CVE-2026-22903 | An unauthenticated remote attacker can send a crafted HTTP request containing an overly long SESSIONID cookie. This can trigger a stack buffer overflow in the modified lighttpd server, causing it to crash and potentially enabling remote code execution due to missing stack protections. | 9.8 | 0.61% | 2026-02-09 | 2026-04-15 |
| CVE-2025-41742 | Sprecher Automation's SPRECON-E-C, SPRECON-E-P, SPRECON-E-T3 is vulnerable to attack by an unauthorized remote attacker via default cryptographic keys. The use of these keys allows the attacker to read, modify, and write projects and data, or to access any device via remote maintenance. | 9.8 | 0.16% | 2025-12-02 | 2026-02-23 |
| CVE-2025-41734 | An unauthenticated remote attacker can execute arbitrary PHP files and gain full access to the affected devices. | 9.8 | 0.11% | 2025-11-18 | 2025-11-21 |
| CVE-2025-41733 | The commissioning wizard on the affected devices does not validate if the device is already initialized. An unauthenticated remote attacker can construct POST requests to set root credentials. | 9.8 | 0.08% | 2025-11-18 | 2025-11-21 |
| CVE-2025-41732 | An unauthenticated remote attacker can abuse unsafe sscanf calls within the check_cookie() function to write arbitrary data into fixed-size stack buffers which leads to full device compromise. | 9.8 | 0.10% | 2025-12-10 | 2025-12-19 |
| CVE-2025-41730 | An unauthenticated remote attacker can abuse unsafe sscanf calls within the check_account() function to write arbitrary data into fixed-size stack buffers which leads to full device compromise. | 9.8 | 0.10% | 2025-12-10 | 2025-12-19 |
| CVE-2025-41723 | The importFile SOAP method is vulnerable to a directory traversal attack. An unauthenticated remote attacker can bypass the path restriction and upload files to arbitrary locations. | 9.8 | 0.18% | 2025-10-22 | 2026-04-15 |
| CVE-2025-41715 | The database for the web application is exposed without authentication, allowing an unauthenticated remote attacker to gain unauthorized access and potentially compromise it. | 9.8 | 0.12% | 2025-09-24 | 2026-04-15 |
| CVE-2025-41709 | An unauthenticated remote attacker can perform a command injection via Modbus-TCP or Modbus-RTU to gain read and write access on the affected device. | 9.8 | 0.57% | 2026-03-10 | 2026-03-18 |
| CVE-2025-41702 | The JWT secret key is embedded in the egOS WebGUI backend and is readable to the default user. An unauthenticated remote attacker can generate valid HS256 tokens and bypass authentication/authorization due to the use of hard-coded cryptographic key. | 9.8 | 0.19% | 2025-08-26 | 2026-04-15 |