FactualRisk — 📋 Compliance — Mapping réglementaire CVEs

Flags total

161

NIS2

DORA

ISO27001

Vue d'ensemble par framework

NIS2 Art.21

Mesures de gestion des risques — patch obligatoire J+30

NIS2 Art.23

Notification d'incident significatif — J+24h / J+72h

DORA Art.9

Gestion des risques TIC — prestataires ICT critiques

DORA Art.20

Tests de résilience opérationnelle numérique

ISO27001 A.12.6

Gestion des vulnérabilités techniques

ISO27001 A.16.1

Gestion des incidents de sécurité

PCI-DSS 6.3

Vulnerability management — systèmes critiques

ANSSI R14

Mise à jour prioritaire recommandée

NIS2 Art.21 — Mesures de gestion des risques — patch obligatoire J+30 31 CVE(s)

CVE	Prio	CVSS	EPSS	Vendor	Produit	Signaux
CVE-2008-4250	P0	9.8	0.921	Microsoft	Windows	KEVITW🦠
CVE-2026-41940	P0	9.8	0.905	WebPros	cPanel & WHM and WP2 (WordPress Squared)	KEVITW🦠
CVE-2010-0249	P0	8.8	0.888	Microsoft	Internet Explorer	KEVITW🦠
CVE-2009-3459	P0	8.8	0.881	Adobe	Acrobat and Reader	KEVITW🦠
CVE-2010-0806	P0	8.8	0.873	Microsoft	Internet Explorer	KEVITW🦠
CVE-2026-42208	P0	9.8	0.543	BerriAI	LiteLLM	KEVITW🦠
CVE-2026-20182	P0	10.0	0.773	Cisco	Catalyst SD-WAN	KEVITW
CVE-2009-1537	P0	8.8	0.530	Microsoft	DirectX	KEVITW🦠
CVE-2026-9082	P0	9.8	0.342	Drupal	Core	KEVITW🦠
CVE-2025-34291	P0	8.8	0.348	Langflow	Langflow	KEVITW🦠
CVE-2026-48027	P0	9.8	0.268	Nx	Nx Console	KEVITW🦠
CVE-2026-0300	P0	9.8	0.045	Palo Alto Networks	PAN-OS	KEVITW🦠
CVE-2026-8398	P0	9.8	0.000	Daemon	Daemon Tools Lite	KEVITW🦠
CVE-2026-48172	P0	9.8	0.080	LiteSpeed	cPanel Plugin	KEVITW🦠
CVE-2026-45321	P0	9.6	0.000	TanStack	TanStack	KEVITW🦠
CVE-2026-42897	P0	8.1	0.075	Microsoft	Microsoft	KEVITW🦠
CVE-2026-6973	P0	7.2	0.049	Ivanti	Endpoint Manager Mobile (EPMM)	KEVITW🦠
CVE-2026-41091	P0	7.8	0.059	Microsoft	Defender	KEVITW🦠
CVE-2026-31431	P0	7.8	0.022	Linux	Kernel	KEVITW🦠
CVE-2026-34926	P1	6.7	0.008	Trend Micro	Apex One	KEVITW🦠
CVE-2026-45618	P0	10.0	0.000	npm	liquidjs	ITW🦠
CVE-2026-45498	P1	4.0	0.041	Microsoft	Defender	KEVITW🦠
CVE-2026-31233	P1	9.8	0.004	pip	guardrails-ai
CVE-2026-46562	P1	9.8	0.000	maven	org.yamcs:yamcs-core
CVE-2026-31234	P1	9.8	0.007	pip	horovod
CVE-2026-31237	P1	9.8	0.005	pip	ludwig
CVE-2026-31236	P1	9.8	0.001	pip	llm
CVE-2026-31235	P1	9.8	0.001	pip	imgaug
CVE-2026-31238	P1	9.8	0.001	pip	ludwig
CVE-2026-31239	P1	9.8	0.001	pip	mamba-ssm
CVE-2026-25879	P1	9.8	0.000	pip	langroid

NIS2 Art.23 — Notification d'incident significatif — J+24h / J+72h 21 CVE(s)

CVE	Prio	CVSS	EPSS	Vendor	Produit	Signaux
CVE-2008-4250	P0	9.8	0.921	Microsoft	Windows	KEVITW🦠
CVE-2026-41940	P0	9.8	0.905	WebPros	cPanel & WHM and WP2 (WordPress Squared)	KEVITW🦠
CVE-2010-0249	P0	8.8	0.888	Microsoft	Internet Explorer	KEVITW🦠
CVE-2009-3459	P0	8.8	0.881	Adobe	Acrobat and Reader	KEVITW🦠
CVE-2010-0806	P0	8.8	0.873	Microsoft	Internet Explorer	KEVITW🦠
CVE-2026-42208	P0	9.8	0.543	BerriAI	LiteLLM	KEVITW🦠
CVE-2026-20182	P0	10.0	0.773	Cisco	Catalyst SD-WAN	KEVITW
CVE-2009-1537	P0	8.8	0.530	Microsoft	DirectX	KEVITW🦠
CVE-2026-9082	P0	9.8	0.342	Drupal	Core	KEVITW🦠
CVE-2025-34291	P0	8.8	0.348	Langflow	Langflow	KEVITW🦠
CVE-2026-48027	P0	9.8	0.268	Nx	Nx Console	KEVITW🦠
CVE-2026-0300	P0	9.8	0.045	Palo Alto Networks	PAN-OS	KEVITW🦠
CVE-2026-8398	P0	9.8	0.000	Daemon	Daemon Tools Lite	KEVITW🦠
CVE-2026-48172	P0	9.8	0.080	LiteSpeed	cPanel Plugin	KEVITW🦠
CVE-2026-45321	P0	9.6	0.000	TanStack	TanStack	KEVITW🦠
CVE-2026-42897	P0	8.1	0.075	Microsoft	Microsoft	KEVITW🦠
CVE-2026-6973	P0	7.2	0.049	Ivanti	Endpoint Manager Mobile (EPMM)	KEVITW🦠
CVE-2026-41091	P0	7.8	0.059	Microsoft	Defender	KEVITW🦠
CVE-2026-31431	P0	7.8	0.022	Linux	Kernel	KEVITW🦠
CVE-2026-34926	P1	6.7	0.008	Trend Micro	Apex One	KEVITW🦠
CVE-2026-45498	P1	4.0	0.041	Microsoft	Defender	KEVITW🦠

DORA Art.9 — Gestion des risques TIC — prestataires ICT critiques 8 CVE(s)

CVE	Prio	CVSS	EPSS	Vendor	Produit	Signaux
CVE-2008-4250	P0	9.8	0.921	Microsoft	Windows	KEVITW🦠
CVE-2010-0249	P0	8.8	0.888	Microsoft	Internet Explorer	KEVITW🦠
CVE-2010-0806	P0	8.8	0.873	Microsoft	Internet Explorer	KEVITW🦠
CVE-2026-20182	P0	10.0	0.773	Cisco	Catalyst SD-WAN	KEVITW
CVE-2009-1537	P0	8.8	0.530	Microsoft	DirectX	KEVITW🦠
CVE-2026-42897	P0	8.1	0.075	Microsoft	Microsoft	KEVITW🦠
CVE-2026-41091	P0	7.8	0.059	Microsoft	Defender	KEVITW🦠
CVE-2026-45498	P1	4.0	0.041	Microsoft	Defender	KEVITW🦠

ISO27001 A.12.6 — Gestion des vulnérabilités techniques 55 CVE(s)

CVE	Prio	CVSS	EPSS	Vendor	Produit	Signaux
CVE-2008-4250	P0	9.8	0.921	Microsoft	Windows	KEVITW🦠
CVE-2026-41940	P0	9.8	0.905	WebPros	cPanel & WHM and WP2 (WordPress Squared)	KEVITW🦠
CVE-2010-0249	P0	8.8	0.888	Microsoft	Internet Explorer	KEVITW🦠
CVE-2009-3459	P0	8.8	0.881	Adobe	Acrobat and Reader	KEVITW🦠
CVE-2010-0806	P0	8.8	0.873	Microsoft	Internet Explorer	KEVITW🦠
CVE-2026-42208	P0	9.8	0.543	BerriAI	LiteLLM	KEVITW🦠
CVE-2026-20182	P0	10.0	0.773	Cisco	Catalyst SD-WAN	KEVITW
CVE-2009-1537	P0	8.8	0.530	Microsoft	DirectX	KEVITW🦠
CVE-2026-9082	P0	9.8	0.342	Drupal	Core	KEVITW🦠
CVE-2025-34291	P0	8.8	0.348	Langflow	Langflow	KEVITW🦠
CVE-2026-48027	P0	9.8	0.268	Nx	Nx Console	KEVITW🦠
CVE-2026-0300	P0	9.8	0.045	Palo Alto Networks	PAN-OS	KEVITW🦠
CVE-2026-8398	P0	9.8	0.000	Daemon	Daemon Tools Lite	KEVITW🦠
CVE-2026-48172	P0	9.8	0.080	LiteSpeed	cPanel Plugin	KEVITW🦠
CVE-2026-45321	P0	9.6	0.000	TanStack	TanStack	KEVITW🦠
CVE-2026-42897	P0	8.1	0.075	Microsoft	Microsoft	KEVITW🦠
CVE-2026-6973	P0	7.2	0.049	Ivanti	Endpoint Manager Mobile (EPMM)	KEVITW🦠
CVE-2026-41091	P0	7.8	0.059	Microsoft	Defender	KEVITW🦠
CVE-2026-31431	P0	7.8	0.022	Linux	Kernel	KEVITW🦠
CVE-2026-34926	P1	6.7	0.008	Trend Micro	Apex One	KEVITW🦠
CVE-2026-45618	P0	10.0	0.000	npm	liquidjs	ITW🦠
CVE-2026-45498	P1	4.0	0.041	Microsoft	Defender	KEVITW🦠
CVE-2026-31233	P1	9.8	0.004	pip	guardrails-ai
CVE-2026-46562	P1	9.8	0.000	maven	org.yamcs:yamcs-core
CVE-2026-46621	P3	9.1	0.000	maven	org.yamcs:yamcs-core
CVE-2026-48527	P3	8.7	0.000	npm	@haxtheweb/haxcms-nodejs
CVE-2026-44492	P3	8.6	0.000	npm	axios
CVE-2026-31234	P1	9.8	0.007	pip	horovod
CVE-2026-31237	P1	9.8	0.005	pip	ludwig
CVE-2026-31236	P1	9.8	0.001	pip	llm
CVE-2026-31235	P1	9.8	0.001	pip	imgaug
CVE-2026-31238	P1	9.8	0.001	pip	ludwig
CVE-2026-31239	P1	9.8	0.001	pip	mamba-ssm
CVE-2026-25879	P1	9.8	0.000	pip	langroid
GHSA-cwj3-vqpp-pmxr	P3	8.8	0.000	npm	openclaw
CVE-2026-42305	P3	8.8	0.000	pip	dulwich
CVE-2026-45401	P3	8.5	0.000	pip	open-webui
CVE-2026-46345	P3	8.4	0.000	pip	compliance-trestle
CVE-2026-47717	P3	7.5	0.000	npm	fuxa-server
CVE-2026-45617	P3	7.5	0.000	npm	liquidjs

ISO27001 A.16.1 — Gestion des incidents de sécurité 24 CVE(s)

CVE	Prio	CVSS	EPSS	Vendor	Produit	Signaux
CVE-2008-4250	P0	9.8	0.921	Microsoft	Windows	KEVITW🦠
CVE-2026-41940	P0	9.8	0.905	WebPros	cPanel & WHM and WP2 (WordPress Squared)	KEVITW🦠
CVE-2010-0249	P0	8.8	0.888	Microsoft	Internet Explorer	KEVITW🦠
CVE-2009-3459	P0	8.8	0.881	Adobe	Acrobat and Reader	KEVITW🦠
CVE-2010-0806	P0	8.8	0.873	Microsoft	Internet Explorer	KEVITW🦠
CVE-2026-42208	P0	9.8	0.543	BerriAI	LiteLLM	KEVITW🦠
CVE-2026-20182	P0	10.0	0.773	Cisco	Catalyst SD-WAN	KEVITW
CVE-2009-1537	P0	8.8	0.530	Microsoft	DirectX	KEVITW🦠
CVE-2026-9082	P0	9.8	0.342	Drupal	Core	KEVITW🦠
CVE-2025-34291	P0	8.8	0.348	Langflow	Langflow	KEVITW🦠
CVE-2026-48027	P0	9.8	0.268	Nx	Nx Console	KEVITW🦠
CVE-2026-0300	P0	9.8	0.045	Palo Alto Networks	PAN-OS	KEVITW🦠
CVE-2026-8398	P0	9.8	0.000	Daemon	Daemon Tools Lite	KEVITW🦠
CVE-2026-48172	P0	9.8	0.080	LiteSpeed	cPanel Plugin	KEVITW🦠
CVE-2026-45321	P0	9.6	0.000	TanStack	TanStack	KEVITW🦠
CVE-2026-42897	P0	8.1	0.075	Microsoft	Microsoft	KEVITW🦠
CVE-2026-6973	P0	7.2	0.049	Ivanti	Endpoint Manager Mobile (EPMM)	KEVITW🦠
CVE-2026-41091	P0	7.8	0.059	Microsoft	Defender	KEVITW🦠
CVE-2026-31431	P0	7.8	0.022	Linux	Kernel	KEVITW🦠
CVE-2026-34926	P1	6.7	0.008	Trend Micro	Apex One	KEVITW🦠
CVE-2026-45618	P0	10.0	0.000	npm	liquidjs	ITW🦠
CVE-2026-45498	P1	4.0	0.041	Microsoft	Defender	KEVITW🦠
CVE-2026-45077	P3	0.0	0.000	composer	symfony/monolog-bridge	ITW🦠
CVE-2026-45074	P3	0.0	0.000	composer	symfony/security-http	ITW🦠

ANSSI R14 — Mise à jour prioritaire recommandée 22 CVE(s)

CVE	Prio	CVSS	EPSS	Vendor	Produit	Signaux
CVE-2008-4250	P0	9.8	0.921	Microsoft	Windows	KEVITW🦠
CVE-2026-41940	P0	9.8	0.905	WebPros	cPanel & WHM and WP2 (WordPress Squared)	KEVITW🦠
CVE-2010-0249	P0	8.8	0.888	Microsoft	Internet Explorer	KEVITW🦠
CVE-2009-3459	P0	8.8	0.881	Adobe	Acrobat and Reader	KEVITW🦠
CVE-2010-0806	P0	8.8	0.873	Microsoft	Internet Explorer	KEVITW🦠
CVE-2026-42208	P0	9.8	0.543	BerriAI	LiteLLM	KEVITW🦠
CVE-2026-20182	P0	10.0	0.773	Cisco	Catalyst SD-WAN	KEVITW
CVE-2009-1537	P0	8.8	0.530	Microsoft	DirectX	KEVITW🦠
CVE-2026-9082	P0	9.8	0.342	Drupal	Core	KEVITW🦠
CVE-2025-34291	P0	8.8	0.348	Langflow	Langflow	KEVITW🦠
CVE-2026-48027	P0	9.8	0.268	Nx	Nx Console	KEVITW🦠
CVE-2026-0300	P0	9.8	0.045	Palo Alto Networks	PAN-OS	KEVITW🦠
CVE-2026-8398	P0	9.8	0.000	Daemon	Daemon Tools Lite	KEVITW🦠
CVE-2026-48172	P0	9.8	0.080	LiteSpeed	cPanel Plugin	KEVITW🦠
CVE-2026-45321	P0	9.6	0.000	TanStack	TanStack	KEVITW🦠
CVE-2026-42897	P0	8.1	0.075	Microsoft	Microsoft	KEVITW🦠
CVE-2026-6973	P0	7.2	0.049	Ivanti	Endpoint Manager Mobile (EPMM)	KEVITW🦠
CVE-2026-41091	P0	7.8	0.059	Microsoft	Defender	KEVITW🦠
CVE-2026-31431	P0	7.8	0.022	Linux	Kernel	KEVITW🦠
CVE-2026-34926	P1	6.7	0.008	Trend Micro	Apex One	KEVITW🦠
CVE-2026-45618	P0	10.0	0.000	npm	liquidjs	ITW🦠
CVE-2026-45498	P1	4.0	0.041	Microsoft	Defender	KEVITW🦠

ℹ️ À propos

Mapping automatique indicatif — ne constitue pas un avis juridique.
KEV+P0/P1 → NIS2 Art.21 · KEV+ransomware/ITW → NIS2 Art.23 · P0/P1 prestataires critiques → DORA Art.9 · CVSS≥7 → ISO27001 A.12.6 · ITW/ransomware → ISO27001 A.16.1 · CVSS≥9+REMOTE → PCI-DSS 6.3 · KEV ou CVSS≥9+ITW → ANSSI R14.
Pour un audit complet, rapprochez-vous de votre RSSI ou DPO.