CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 2126 of 26 results
«« First « Prev Page 2 / 2 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2025-27388 Loading arbitrary external URLs through WebView components introduces malicious JS code that can steal arbitrary user tokens. 8.3 0.36% 2025-08-14 2026-06-17
CVE-2025-27389 A flaw exists in the verification of application installation sources within ColorOS. Under specific conditions, this issue may cause the risk detection mechanism to fail, which could allow malicious applications to be installed without proper warning. 5.1 0.11% 2025-12-04 2026-06-17
CVE-2026-22077 OPPO Wallet APP contains a trusted domain validation flaw that allows attackers to bypass protected interface access restrictions, which may lead to account token hijacking and sensitive information disclosure. 5.6 0.08% 2026-04-27 2026-06-17
CVE-2026-22070 ColorOS Assistant has an unauthenticated start-download channel, leading to file path traversal. 7.1 0.21% 2026-04-30 2026-06-17
CVE-2026-22069 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. N/A 0.11% 2026-05-19 2026-06-29
CVE-2026-22078 Because O+ Connect's IPC service does not authenticate clients, external applications can escalate privileges and perform sensitive actions through the IPC channel. 7.3 0.09% 2026-06-29 2026-06-29
«« First « Prev Page 2 / 2 Next »
cvelogic Threat Intelligence