FactualRisk — 📡 Exploitation Live

ITW / KEV actifs

exploitation confirmée

GreyNoise trending

scan massif actif

PoC publics

dans la période

Exploit-DB nouveaux

PoC RSS

📡 ITW confirmé

CVE-2026-20182KEVITW

Cisco / Catalyst SD-WANCVSS 10.0EPSS 0.773Score 228

Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

📡 GreyNoise — Scans massifs actifs

GreyNoise non configuré — ajoutez GREYNOISE_API_KEY pour voir les scans massifs actifs.

💣 Exploit-DB — PoC publics récents

[remote] Microsoft - NTLMv2 Hash Capture

📅 29 May 2026EDB-52601

Microsoft - NTLMv2 Hash Capture

[webapps] MikroORM 7.0.13 - SQL Injection

📅 29 May 2026EDB-52600

MikroORM 7.0.13 - SQL Injection

[webapps] Prodigy Commerce 3.3.0 - Local File Inclusion

📅 29 May 2026EDB-52598

Prodigy Commerce 3.3.0 - Local File Inclusion

[webapps] Langflow 1.3.0 - Remote Code Execution

📅 29 May 2026EDB-52597

Langflow 1.3.0 - Remote Code Execution

[webapps] Quick Playground for WordPress 1.3.1 - Unauthenticated Remote Code Execution

📅 29 May 2026EDB-52596

Quick Playground for WordPress 1.3.1 - Unauthenticated Remote Code Execution

[local] ImageMagick - Infinite Loop in the MIFF decoder can lead to CPU exhaustion

📅 29 May 2026EDB-52595

ImageMagick - Infinite Loop in the MIFF decoder can lead to CPU exhaustion

[local] ZTE Routers - Unauthenticated Denial of Service

📅 29 May 2026EDB-52594

ZTE Routers - Unauthenticated Denial of Service

[local] ZTE ZXHN H188A V6 - Authentication Bypass

📅 29 May 2026EDB-52593

ZTE ZXHN H188A V6 - Authentication Bypass

[local] ZTE H298A / H108N - Unauthenticated Credential Exposure

📅 29 May 2026EDB-52592

ZTE H298A / H108N - Unauthenticated Credential Exposure

[local] Linux Kernel - Local Privilege Escalation

📅 29 May 2026EDB-52591

Linux Kernel - Local Privilege Escalation

[webapps] MixPHP Framework 2.2.17 - Unsafe Deserialization Remote Code Execution

📅 29 May 2026EDB-52590

MixPHP Framework 2.2.17 - Unsafe Deserialization Remote Code Execution

[remote] Wing FTP Server 8.1.3 - Authenticated Remote Code Execution

📅 29 May 2026EDB-52589

Wing FTP Server 8.1.3 - Authenticated Remote Code Execution

[webapps] CubeCart < 6.7.0 - Reflected Cross-Site Scripting (XSS) (Unauthenticated)

📅 29 May 2026EDB-52588

CubeCart < 6.7.0 - Reflected Cross-Site Scripting (XSS) (Unauthenticated)

[remote] strongSwan 5.9.13 - libsimaka EAP-SIM/AKA heap buffer overflow

📅 29 May 2026EDB-52587

strongSwan 5.9.13 - libsimaka EAP-SIM/AKA heap buffer overflow

[dos] strongSwan 5.9.13 - DoS

📅 29 May 2026EDB-52586

strongSwan 5.9.13 - DoS

[local] Linux Kernel - Local Privilege Escalation

📅 27 May 2026EDB-52585

Linux Kernel - Local Privilege Escalation

[webapps] Casdoor 3.54.1 - Arbitrary File Write via Path Traversal

📅 27 May 2026EDB-52584

Casdoor 3.54.1 - Arbitrary File Write via Path Traversal

[webapps] EspoCRM 9.3.3 - SSRF

📅 27 May 2026EDB-52583

EspoCRM 9.3.3 - SSRF

[webapps] scramble - Remote Code Execution

📅 27 May 2026EDB-52582

scramble - Remote Code Execution

[hardware] MeiG Smart FORGE_SLT711 - OS Command Injection

📅 27 May 2026EDB-52581

MeiG Smart FORGE_SLT711 - OS Command Injection

🔬 CVEs avec PoC connu

CVE-2025-54957PoC

? / ?CVSS 0.0EPSS 0.000Score 8

GPZ: A 0-click exploit chain for the Pixel 10: When a Door Closes, a Window Opens