I LOVE THREATS
STATE OF THE INTERNET
[ REAL-TIME VULNERABILITY INTELLIGENCE FROM CISA KEV CATALOG ]
KEV Vulnerabilities: 1,569
CVEs Indexed: 345,194
PoC Exploits: 8,697
Ransomware Threats: 313
THREAT INTELLIGENCE TERMINAL v2.0
LATEST CVE DISCLOSURES (7 DAYS)
protobufjs compiles protobuf definitions into JavaScript (JS) functions. In versions prior to 8.0.1 and 7.5.5, attackers can inject arbitrary code in the "type" fields of protobuf definitions, which w
The Keycloak authentication manager in `apache-airflow-providers-keycloak` did not generate or validate the OAuth 2.0 `state` parameter on the login / login-callback flow, and did not use PKCE. An att
The Contextual Related Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'other_attributes' parameter in versions up to, and including, 4.2.1 due to insufficient input sa
The Categories Images plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.3.1, via the 'z_taxonomy_image' shortcode. This is due to the shortcode rend
The Content Blocks (Custom Post Widget) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's content_block shortcode in all versions up to, and including, 3.3.9 due to in
Little CMS (lcms2) through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication.
Secrets in Variables saved as JSON dictionaries were not properly redacted - in case these variables were retrieved by the user the secrets stored as nested fields were not masked.
An example of BashOperator in Airflow documentation suggested a way of passing dag_run.conf in the way that could cause unsanitized user input to be used to escalate privileges of UI user to allow exe
In case of SQL errors, exception/stack trace of errors was exposed in API even if "api/expose_stack_traces" was set to false. That could lead to exposing additional information to potential attacker.
Dag Authors, who normally should not be able to execute code in the webserver context could craft XCom payload causing the webserver to execute arbitrary code. Since Dag Authors are already highly tru
FRESH PoC EXPLOITS (7 DAYS)
N/A
The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. Prior to version 4.2, an arbitrary file upload vulnerability in the theme import functionality enables
Cockpit's remote login feature passes user-supplied hostnames and usernames from the web interface to the SSH client without validation or sanitization. An attacker with network access to the Cockpit
The Academy LMS – WordPress LMS Plugin for Complete eLearning Solution plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.5.0. This
The RegistrationMagic plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.0.7.1. This is due to the 'add_menu' function being accessible via the 'rm_user_ex
The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Administrative User Creation in all versions up to, and including, 1.5.6.3. This is due to the 'ajax_register_handle' func
The Contact Form by Supsystic plugin for WordPress is vulnerable to Server-Side Template Injection (SSTI) leading to Remote Code Execution (RCE) in all versions up to, and including, 1.7.36. This is d
The Sneeit Framework plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 8.3 via the sneeit_articles_pagination_callback() function. This is due to the fu
Unrestricted Upload of File with Dangerous Type vulnerability in garidium g-FFL Checkout g-ffl-checkout allows Upload a Web Shell to a Web Server. This issue affects g-FFL Checkout: from n/a through <=
Gogs is an open source self-hosted Git service. Versions 0.13.4 and below have an access control bypass vulnerability which allows any repository collaborator with Write permissions to delete protecte
TOP TARGETED VENDORS
microsoft [████████████████████] 368
apple [█████░░░░░░░░░░░░░░░] 93
cisco [█████░░░░░░░░░░░░░░░] 86
adobe [████░░░░░░░░░░░░░░░░] 78
google [████░░░░░░░░░░░░░░░░] 71
TOP VULNERABILITY TYPES (CWE)
CWE-20 [████████████████████] 115
CWE-78 [██████████████████░░] 101
CWE-787 [█████████████████░░░] 98
CWE-416 [████████████████░░░░] 91
CWE-119 [██████████████░░░░░░] 83
CWE-22 [████████████░░░░░░░░] 69
CWE-502 [███████████░░░░░░░░░] 64
CWE-94 [███████████░░░░░░░░░] 63
PoC EXPLOIT COVERAGE
[ █████████ ░░░░░░░░░░░ ] 46.0%
722 of 1,569 KEVs have PoC exploits
(8,697 total PoC repos tracked)
DATABASE STATUS: ONLINE
Last generated: 4/20/2026, 11:12:36 PM
PRACTICE EXPLOITING THESE VULNERABILITIES
Each KEV vulnerability listed above has a corresponding hands-on lab environment. Learn offensive techniques safely in isolated Docker containers.
DATA SOURCE: CISA KNOWN EXPLOITED VULNERABILITIES CATALOG | NVD | GITHUB PoC REPOSITORIES
UPDATED DAILY | COVERAGE: 1569 KEVs / 345,194 CVEs