Vulnerabilities

12 CVEs tracked · 4 exploited in wild

CVE ID	Description	CVSS	EPSS	Exploited	Assets	Patch
CRITICALCVE-2026-21412	Windows SmartScreen bypass — remote code execution	9.8	94%	YES	47	Pending
CRITICALCVE-2026-1732	OpenSSL heap buffer overflow in TLS handshake	9.1	82%	YES	128	Patched
HIGHCVE-2026-0044	Linux kernel privilege escalation via io_uring	8.4	67%	—	64	Patched
HIGHCVE-2026-3891	Apache HTTP Server request smuggling	7.5	45%	—	12	Pending
HIGHCVE-2025-48102	PostgreSQL authenticated SQL injection	7.2	38%	—	8	Patched
CRITICALCVE-2026-2214	Docker container escape via runc vulnerability	8.8	71%	YES	34	No Patch
MEDIUMCVE-2026-0871	Nginx HTTP/2 rapid reset denial of service	6.5	29%	—	22	Patched
MEDIUMCVE-2025-44210	Redis Lua sandbox escape	6.8	22%	—	5	Patched
HIGHCVE-2026-1105	Kubernetes API server RBAC bypass	8.1	58%	—	3	Pending
MEDIUMCVE-2026-0392	Node.js path traversal in fs module	5.3	12%	—	19	Patched
CRITICALCVE-2026-4401	VMware ESXi heap overflow — guest to host escape	9.3	88%	YES	6	Pending
LOWCVE-2025-39871	Chrome V8 type confusion — sandbox escape	4.3	8%	—	310	Patched

CRITICALCVE-2026-21412

CVSS 9.8

Windows SmartScreen bypass — remote code execution

EPSS 94%47 assetsPending Exploited

CRITICALCVE-2026-1732

CVSS 9.1

OpenSSL heap buffer overflow in TLS handshake

EPSS 82%128 assetsPatched Exploited

HIGHCVE-2026-0044

CVSS 8.4

Linux kernel privilege escalation via io_uring

EPSS 67%64 assetsPatched

HIGHCVE-2026-3891

CVSS 7.5

Apache HTTP Server request smuggling

EPSS 45%12 assetsPending

HIGHCVE-2025-48102

CVSS 7.2

PostgreSQL authenticated SQL injection

EPSS 38%8 assetsPatched

CRITICALCVE-2026-2214

CVSS 8.8

Docker container escape via runc vulnerability

EPSS 71%34 assetsNo Patch Exploited

MEDIUMCVE-2026-0871

CVSS 6.5

Nginx HTTP/2 rapid reset denial of service

EPSS 29%22 assetsPatched

MEDIUMCVE-2025-44210

CVSS 6.8

Redis Lua sandbox escape

EPSS 22%5 assetsPatched

HIGHCVE-2026-1105

CVSS 8.1

Kubernetes API server RBAC bypass

EPSS 58%3 assetsPending

MEDIUMCVE-2026-0392

CVSS 5.3

Node.js path traversal in fs module

EPSS 12%19 assetsPatched

CRITICALCVE-2026-4401

CVSS 9.3

VMware ESXi heap overflow — guest to host escape

EPSS 88%6 assetsPending Exploited

LOWCVE-2025-39871

CVSS 4.3

Chrome V8 type confusion — sandbox escape

EPSS 8%310 assetsPatched